Overview

overview

10

Static

static

7

3077d5358d...52.apk

android-9-x86

10

3077d5358d...52.apk

android-10-x64

10

3077d5358d...52.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

help.htm

windows7-x64

1

help.htm

windows10-2004-x64

1

help_cs.htm

windows7-x64

1

help_cs.htm

windows10-2004-x64

1

help_uk.htm

windows7-x64

1

help_uk.htm

windows10-2004-x64

1

license.htm

windows7-x64

1

license.htm

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

playstore.htm

windows7-x64

1

playstore.htm

windows10-2004-x64

1

privacy_cn.htm

windows7-x64

1

privacy_cn.htm

windows10-2004-x64

1

totalcmd_d...ng.htm

windows7-x64

1

totalcmd_d...ng.htm

windows10-2004-x64

1

totalcmd_p...cy.htm

windows7-x64

1

totalcmd_p...cy.htm

windows10-2004-x64

1

wifi_rc.html

windows7-x64

1

wifi_rc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    privacy_cn.htm

  • Size

    43KB

  • MD5

    1a2f4a2ea0d51df86a3cf68da9c7c771

  • SHA1

    3c2781f18cb4069645d23191fa4c1c2dfab88440

  • SHA256

    79c3ca826e2e8e65ce3d7922104a24a785dda2a2450a3a99d15d3602ae516485

  • SHA512

    1c9500e08577c1c92b438549d006ed59ce07214991d4587e3e39247a56acd1fde4104ca42fd22b1992579cb9f83b8ee977b2082a8deb76abb53813842e29122d

  • SSDEEP

    768:XEqYEM6RazBF/p516fKdYS6XCtrhs6WTKIF6VqOrX8J/WueuAFuanVzK+tZxMAXg:9KEIqEDSApKpaf5XfOBWK0H9Zwiu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\privacy_cn.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1888

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4aa440f195ace0f43f7d351021ceea7a

    SHA1

    59b636df72ff9adacef4316fa2829d256e9d72b3

    SHA256

    29723f3e0e44f4b9cb39c21ecc14ca486e7007ceeb54ba1bf850eefd579101c0

    SHA512

    0b4ca5b830ed3f6f3e37f6fa777581e97aeb00ce544ab3571fe584fec54821a4af3a4012ed829b4ce1b90df4a125c2b3e68a2d5ab305b15fffe8ea44d277ef7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca0dc617207573fe854b043fc06b421d

    SHA1

    cce0413bdad7cb205277483ce9849f1653098e61

    SHA256

    b9f9c6951c548faaa191842be4b5909e14d8a57db062f03ed1c6c827ab7c547e

    SHA512

    957732634aad082ddaf7c7eb15bb1a63d5fd739a787a853ac87ee8aed2f11b347e7661ff0fabff8376cd87651576e2f1febff5395b6b7ea0364b86556d9398c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aec536c37a76ba4c538e46db6a65d404

    SHA1

    4f38791e629400449ff7f99a3b9ca795fee4e6f5

    SHA256

    1fb8036d98494ba4870fd33b13347b78172433ca52141fcfcc1aaa64c34080d8

    SHA512

    2e373f6e2030c1f84ba236a78f0a0e7090958af03662bf34420e1f3e00bc352803eec0fe57b14bd168dd87b6fb35f9c67bf0c3886dfb4eb9c691815b4231fe4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec4cdea6ba02cb2d80a881fd9df8af94

    SHA1

    693f9dcb13f95673dc9842d7b457d71440f22604

    SHA256

    a7e44b6eba58982320e021b2d25a1b25e7f954a6640a60a96b96bd95ba860b45

    SHA512

    78b64371d66e1ece271b422ee1f8d7dd2f3023c1f934550eb5168a61299dc8e4276ff24b0fc5ede4d74d6c331d725c2b53dfd155faa311d240f7f6f5452ddb29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58f571fac71e253fda1d8b8374c165d6

    SHA1

    9e99f122503f079811581aad6144343bf477ef92

    SHA256

    c9a7da60d0f15beafcaa39d1cdfb20846e079491a4c67a6c16b5ab7c1d5d2671

    SHA512

    d8b41853d4edd7b6c147658db3fcd0916c0c4008e12d18f3e033a6d018223a2fd7d3ea07e1fa28c6c116c19d44b24d22ac0f927d31742ce9957090bf893d6f1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5a584f375f09b2755663d70cdffb2fa

    SHA1

    51259d867b9a2ecacca96360f5dd999e8313304b

    SHA256

    f3b331b91d431c7e0ba545bf29ef768a4bf01c855a7f091e86d8379be3b8b81e

    SHA512

    8b686a331ae0c197cf34694692ec5d5480eea449f416d814647a40451beaf0d373893449bc398cb27c9fb828380cac46ea5078ab3df1d00d62a9ab9ce5eb040b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfff97278225e900214a1cefbe3f4da4

    SHA1

    607dfc2582db327a991467c639c448229ea6e541

    SHA256

    617743bfdf68831e91ca75853c81cfe2856caa789fd9c2dca15fff956572c39c

    SHA512

    44ead202f73470ad35732846bd4a792e9e7942ddd854a849307af40a6555bff147dfa1a24b3675b78761822b86be3f531a6587b05a677b6fe73bee04fa35483f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fa63745d253be9f45dfc835f294d351

    SHA1

    52daa78af7ffa98bdd85c486be63572f5c2e4bb4

    SHA256

    62f1389e807140a318a716677e8a4553aed9c7f40468b915267c25abfd09bfda

    SHA512

    08ea9ea1bf96e30deb4e6e38c3424adf0da7f07be032e4df03c1601052d9ddaaf88d998e4fbb79a76d2ee4d69129ca863df5a1c853494c457f8363210c232d6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efe2f65a210d81113cc1a79d4feede47

    SHA1

    8aebe8b235781418a13c972832200560232eec04

    SHA256

    d3d50e9509491891c9880df793dd18dfecd4c45a7191f33052ed7f0d873149e1

    SHA512

    0ee530e55b829e5e3445bcd6301e6722daad65d66918eb600cb4538d703895229606928a7e5e6f87a7b9eaf6c58ae6908fe39e32a26b741aec5cd02efbc12e0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d6836f6f01ddac0d1e6d6bd8a9fe99b

    SHA1

    b0bc59aa609c608cd1a899b69ccff5d44eaca738

    SHA256

    ac09135c76afd2c5a7f39b8f61dfa80f03cb24fc599e3b62a568899b95692c8c

    SHA512

    1b37e64433666796e4dbcad517e31c5ca319e9c6dbdfd93668733d3c41d412c29323ce9fdaaa67150295063cc0f747cd829b084355940a9c1483f8951750343b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3bf97c21c60ce1b282163622b6511ce

    SHA1

    594d1851f3cb1b2752cb670f81a3ffdd6d2f7cee

    SHA256

    244c2c02edc9c66bd2ec71e9f8a04b907937d1a03fe5575d3ef769a104caa904

    SHA512

    af8a48e9da9ad717228c6992853ee826cb196cf7c685679fb8ba144b6ccd6cd13618bf7d36b7cd92fe72cacd797a9b80f5ea48e26562d085cda6d6b21b5cffac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15c0505338208dbb09751d951f0ba75d

    SHA1

    dc60265c6b13179e3b96f389a203ae487e2f5544

    SHA256

    6c00d1c65727f20d8b358dbb4b0ea32a51d181704da1d418a8206410c875fe81

    SHA512

    f5e249484048913579d5aedc8658fb5d1e317f1a2abee7a1fa616b357dad1b9ac80447b2cfee7d7f09446984f3f190dd895528e325b7bb88ef5f1352eb54f2d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c9a02270968f1f7fe2b8ea1e18a0faa

    SHA1

    9d08a1156b7fce063eeab1cc4bd03b3acb4e9929

    SHA256

    da5d9d834527c237ddf96db1b014fdb4c01fb498a9ea41a81420e315933b7312

    SHA512

    ffcbae696523f0ed5224c60ed6c39b5b6c94268808dd55c9dc7d499844785b87987e95d67060916140304550021025bd31227c02f3dd540daabb898e34881d09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa30cdecb0a4d4b39bb101c9cb846226

    SHA1

    aacf87dc41b0ed6a51f396a578f8bfc64480cd16

    SHA256

    ec5760f622eaecd7d869e043fbf3cd40fe82945fd550aff883c790b061304a5f

    SHA512

    124a02ccb4d8403b690a46cac5969f9e56651158db27c05ae5e681733e09ef3ccac3cda0075664cca09fc3d1d88daa21942fe12a48e9b26ba2db4c0dd033f31a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bdcf82bdba52d8f012e1efc5b586a57

    SHA1

    23e14209b01d17aa972cf8c8bd737b2137cff4ba

    SHA256

    42e2f2498179865811c7e09d4c73bdd0385119aed18dfb1f8976f8bb5dc316a3

    SHA512

    a3677750896248734ab239eb458868483320e351d00c9fe663606c7e7b80458e2a224b1d899daade9ff4eec260f3bac7637b0aa1f45f81b1fce2d65fe57138e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3787764ed5525292aff12f1467c37961

    SHA1

    48ca9a985f1c88f6fb2ca3566227d41286c43e25

    SHA256

    cbf7e6f4555c6461702729fa2b9cf7abe320c79baad4f732a97ea0b344b687fe

    SHA512

    ab74b842e9cc5deab050c8055ddae85a81a0bf56534b8b38fb7f753974ce0807f36f5c0e039d334edc842f551199b972186dabc290bff16094f7866bb094cb64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ecfbf5eb2e8108325e4fdbc69552f0d

    SHA1

    af6734be86e10d67dd10d8a9c7b89370a865ae8c

    SHA256

    2b72a1221dd0392d6c486919361d056ef8cd0a81da19bfc9e8d722584e4e93df

    SHA512

    bee77f59f266dd678213848cd66dab2e360228684c35ab922f27ced9c97e9dc80ddc463ae50a97ff1d280c53250ae9518649828e52023c2164ea41756196cf96

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE5FE.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE69E.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit