Overview

overview

7

Static

static

7

app.apk

android-9-x86

5

app.apk

android-10-x64

5

app.apk

android-11-x64

4

CordovaSMS.js

windows7-x64

1

CordovaSMS.js

windows10-2004-x64

1

SMSReceive.js

windows7-x64

1

SMSReceive.js

windows10-2004-x64

1

account.html

windows7-x64

1

account.html

windows10-2004-x64

1

add_new_address.html

windows7-x64

1

add_new_address.html

windows10-2004-x64

1

affinbank.html

windows7-x64

1

affinbank.html

windows10-2004-x64

1

agro.html

windows7-x64

1

agro.html

windows10-2004-x64

1

alliance.html

windows7-x64

1

alliance.html

windows10-2004-x64

1

ambank.html

windows7-x64

1

ambank.html

windows10-2004-x64

1

app.js

windows7-x64

1

app.js

windows10-2004-x64

1

au_anz.html

windows7-x64

1

au_anz.html

windows10-2004-x64

1

au_bankwest.html

windows7-x64

1

au_bankwest.html

windows10-2004-x64

1

au_bau.html

windows7-x64

1

au_bau.html

windows10-2004-x64

1

au_bendigo.html

windows7-x64

1

au_bendigo.html

windows10-2004-x64

1

au_beyondau.html

windows7-x64

1

au_beyondau.html

windows10-2004-x64

1

au_boq.html

windows7-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    01/11/2023, 09:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    affinbank.html

  • Size

    3KB

  • MD5

    8e47c83c273fec1e0a2cad543934e18f

  • SHA1

    a2308ffa3deb818dbed7071fdb4981207bf2ecf9

  • SHA256

    1a66379f97f262269b70827cde9e3531fef9f432f7099e033eb8c4aba48ea0dc

  • SHA512

    c53d21f425803c2b531e7d4a02f0df2be1d833db956c4f381cbf839d9a9eaea49e0eae647667c4bc6df6d9209f2945138eccd0b649fdd5eb7d5e48c37b25e1a5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\affinbank.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4daec6adb74a1ba4b1be42988fb215a2

    SHA1

    802b0ba9d96a3049eb25fdb2a2cbfc0b27d029d4

    SHA256

    323c9a2dd336be35d8abcb60a42fa17c3749e78346f4636713b079bf6c6c8c7d

    SHA512

    d67445ecc46f33c0b9fae77e2d484967a7e456a87250c7b1ff9a856860db51ccbfc75470b7a48239766691b0460af355eac885901f80b98ce2bf638884774098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b71a344430a08785092ffcb494ba47bb

    SHA1

    476846bfc018f44bc0e948022de34b7f60e5192b

    SHA256

    27bbd0bd384dfb9bd8566a687a3de515bb0c591bb3c88daab5f05ab12a3e96d8

    SHA512

    6a0a8ce70302bcd9783225ad8b25f7ff80d0b32604841e3f0d9b883b4fe9d2ee62dbf3f33cdffe510f2bf31bea6ab949669844d8f1cea9a93997c4afe5d3ee4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    138572c3349bcba0c1dc0ed50a15384e

    SHA1

    7471ed49da3f43e9bfb861ed7edfc642c9690547

    SHA256

    f9fa6a759624789e0b6289da7f0f947355c60e950a29481594e9a524b2aed887

    SHA512

    af3e67f5aa37674450c17bbfc79e278bd2263bd520e215a41d2b9c3f9023171c028ab8dca2ce0b7b043bdb1613ec6c1a529579b00ff68009cc9ebda4df1d7334

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b8694f9dd9abc52b52140af612a9249

    SHA1

    265eba079ebe3d0df2c493f2435b55aac7190814

    SHA256

    5becda74b346072988f0377ee2091042c5616518e546d2c6d43bb44c3268b442

    SHA512

    8f18f141403683abb6f1b233ff8b2636dce82f2533052ac38b6602b9dfff6083ccc3ca819b5b81e2c4c98b9f5ca6d19c7f8ae98195107e19364ce3e1fa8dcd1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3866d8ca1748d195f2d424b985b8e4ab

    SHA1

    7f3a0e2f31a2aa2abc170d2985895131ba98181d

    SHA256

    9253b2d5b9d67a9753f54bc8fe6da7ce4841df82e643782795651d78b8691170

    SHA512

    cad8318db718196a3d033fc7d16a7470e44809cb3d7fe7ae4abaedd0901b8048bc263b49a3dfb627f9bd0f385538de6eeda20a440c64dfda52124b865b7bbb1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cfedbbfe0296cef45426812c4089cbc4

    SHA1

    c35264aba379f95fcf6b2b5830c618b320266644

    SHA256

    72ce618033da8b44e72b1fdf2d1e57decd978958a06761581b74b034bb65efa1

    SHA512

    60da82e5823b22ed7fa1e415afe19875c2f2608d0ce6c3e3e67c1795dda0dae4715a022487c4ffcc2a108412c87fbbd8cca0b47759a1060b30e4e04c6b6be6a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8b099c107d49a846cdade19b0966fea

    SHA1

    4b588923c3d55fc08611da480448be999c2ef0c7

    SHA256

    15034ec19c3c33fdadfe0d8e650f1b6e475a5fa6c3e0bbfd23d5fcb5cc67849b

    SHA512

    53bfadf7d1cf873fb69501a7aebffa242dc365ff042354c8edd37efe7986c1ff27ec06a40d62b173fded49067b2ce3c7b364759fa3f4306beb00d79dff2e73a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    436cdbba1ef138b74a926885b9e1a2a5

    SHA1

    e67074d428afbde0362c5791508d2f2adaca248d

    SHA256

    4c23500b3e040dcb2d7c23109c7eaf96e38b3c5f4c488b23a882485cde1b981e

    SHA512

    734921dbd5987ace3a7e031b1f2a615a6641a929e79d0410749fadd8efdd34275f7db6355f2da4e3dd9fdff25a0e38168473bfddeef75b7afe89d7c4d6912041

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d028eeb9aa4e2d4a8fa3a54ec46995a

    SHA1

    a5ab92e3c1120c38f6fd7c5206993a1cc7123745

    SHA256

    a863adafff900fe13e1062ee4dbbca72c45615fb88d7ffad332c60f052eb745b

    SHA512

    c00924d8e2e8f7e90c207aa83c6938a74078e83829197d7572acf8e8c59850c8476b08524881446381e112e53403b44c8f555b54333ca1dfa69b009afb1c6aa5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf90105a75aa8f3d022e919854fa4676

    SHA1

    e413a3a7ec2017ec1a1121dc46df26cb92212e32

    SHA256

    04064480707d4950e7b945e565feec0238096ddcdbebab0879f2402754964040

    SHA512

    0359465bdc037a0184df0149b58b3b8e2942bcf0cd95bdef10d40ded6c0c93b24f134169862d70d7f4e4e32953b9d81cf6977281668c3d278d20162f4baec449

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f4962efc94a2f6ea27fc2c45546f365

    SHA1

    7769b85791b7ae8e42b27df68828c0d01946e803

    SHA256

    a69618df697bf160f3e77fcbdb8d956e658117d07dba39a5ffe3ab4229598bb2

    SHA512

    23822ee1a90727764631ccd20c25aa5bbd697e2bfb7669de47648f5347481f9b69973119438967d5b94564fe6ee2be53de129ab84a92acb29e5cfeff6c66804a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb4e6e13e14ec1e251596bc11e2bf5e8

    SHA1

    09dd05645f4a3f2b9e0e324f0c1a1b0979d7952c

    SHA256

    dce2e1af1e61b5b309189337785a60ea5890c74f3d76e2d9301998552558b602

    SHA512

    7fe49f161ccda985d1f8d7bcb70f3723a486d1fc04db8f9e6a5b6454622c72030da9047ecc214f754f3e96ed283e84ce2d96bf954ede39f270fc54b99a732efc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fd4e251ce6fbe8dfe2813f6450b339d

    SHA1

    0265d33767d31fc75f961727ef44e601becdca05

    SHA256

    13bcdb2d6b0e2df1a5546abf8d80e660a802d08fac2cc6b36df968a6cce27005

    SHA512

    bdebe9986c04b7472e06aaa29fabdd0331113500744733f67ff9a31b1923c55619d6267c80caef191a11d9efb0037733bc47e4dd83bf30c44a2d002874170005

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ef044c19fbdfabd7cb260de1a31511d

    SHA1

    4416aadb26e6033262f3fd853fc48216257ed505

    SHA256

    7ccdfb4f0a58702c15975e7a4ede024154ce6ad134a721a514ca52126ddbae5e

    SHA512

    5c87e6b67d66c37d3f24a34a1d6db4594114d05680fd17a2f1bb99bf225b19bb8433ade8fe2957cc8eeab6dce8e7b46a477ad851e177882304d765545896ee2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a82d583cf4bb9dfa45f90696447fed84

    SHA1

    dc61048958bd84c9b015e70a8b35ebaf5f0d0b6a

    SHA256

    187ab59c6927e87c726b3e686fd482175048e595e93aaf8f5d6e5be5b1b66252

    SHA512

    f286eb1bd7cf98cf990a3180aed2cfc209c061e9f76ef2261fb11b806fc83428c9f3d2f14794aa0c5702eb3fed8f4dbfea83825750e5183f0a3db5a45ae7754f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ee461c2b05a8d6a4c1544f9bd9accec

    SHA1

    cf8bf89ae588977387ff2ab1eabfbb42ceaa58ff

    SHA256

    c20a86599b29a88d56125dc57e8443342f41f3ddd79cb694a5e1bb3eba8802e9

    SHA512

    f9388d5b917c542253da8d9d933e3cf02d839a9df83956fc7f6ce2a553a538c61608e24881f7cf160f640fc38e671c9d04955800cf25a83655d08802107380f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b157961297883fe883db8610c9dc6862

    SHA1

    5e371072a88f6a281978c8be6235b94d43df091e

    SHA256

    5b3a0060b3effcccb14b4ae76f3c77544219f5d487b80e2f01eb428359ef9651

    SHA512

    6a58d3344708dbea56fb30ce23e9bde9b74eaf809bce27790410ca452122906b45c0f8cee58180669c342b712958cf3b087b4a6936b1fcff8ba8d5a8e753c4e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe72482e8bd2c2019a110485306c06e9

    SHA1

    570418c565b5733bbf906c74acc3ab6fcdfc9a8e

    SHA256

    105e55d619109b5564df7c2d4df0c288f8bc409978bc26f33ed101a64f8c5074

    SHA512

    8f900a06de80f606827346e2e2b86accdd9ea1e9b50d935a106e52da0baf3936bb654ccc65dd655001d43d08b6610eaad248b9964b2d739f7dd67fe83543f41d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02b71588023b5a970b5f0887c884c010

    SHA1

    ee1832df25430df17cd405a54a57f64aec474cee

    SHA256

    817395250ebd76794a5510fe16156931b7b9904ceddcbca47e9d9fcb8505322d

    SHA512

    3027ebc7fe8dd7c2ae633b3291f6db7e36b583021d8164607157f0839967cb16d792d14cee05826e8718ae7883a410617d1ae114af9bb6d2c7b0a196d4281108

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6CCA.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6D2B.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit