Overview

overview

7

Static

static

7

app.apk

android-9-x86

5

app.apk

android-10-x64

5

app.apk

android-11-x64

4

CordovaSMS.js

windows7-x64

1

CordovaSMS.js

windows10-2004-x64

1

SMSReceive.js

windows7-x64

1

SMSReceive.js

windows10-2004-x64

1

account.html

windows7-x64

1

account.html

windows10-2004-x64

1

add_new_address.html

windows7-x64

1

add_new_address.html

windows10-2004-x64

1

affinbank.html

windows7-x64

1

affinbank.html

windows10-2004-x64

1

agro.html

windows7-x64

1

agro.html

windows10-2004-x64

1

alliance.html

windows7-x64

1

alliance.html

windows10-2004-x64

1

ambank.html

windows7-x64

1

ambank.html

windows10-2004-x64

1

app.js

windows7-x64

1

app.js

windows10-2004-x64

1

au_anz.html

windows7-x64

1

au_anz.html

windows10-2004-x64

1

au_bankwest.html

windows7-x64

1

au_bankwest.html

windows10-2004-x64

1

au_bau.html

windows7-x64

1

au_bau.html

windows10-2004-x64

1

au_bendigo.html

windows7-x64

1

au_bendigo.html

windows10-2004-x64

1

au_beyondau.html

windows7-x64

1

au_beyondau.html

windows10-2004-x64

1

au_boq.html

windows7-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    01/11/2023, 09:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    alliance.html

  • Size

    6KB

  • MD5

    c878b54f1ff17dfba750539de277eb5e

  • SHA1

    c7906b512af8861c721ccfd5e202f334497b96bc

  • SHA256

    debb56be65ae64e25488e043065a10ddd4cb013b4532fc0b5fda6587d1c9fd6a

  • SHA512

    33888ff27d12aa36edc0b79eb583528f66c5df155c8faae500073869ac381aaffa4b49e10ebc170fa6e847b3a7014399174f8f6d5b5c0bc696937ad0680dc5fa

  • SSDEEP

    192:1ki5D198g1Ym8g14uwmDqi9wj4YvP30AYP3cjK9JH:pF8oL8o0kGvcDv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\alliance.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2088

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fce711000382677e9bd57b1b23459cc

    SHA1

    e3ffa2cb0abf25773e371f8f8b2d0b0a5f503921

    SHA256

    73eb3d97b63825750e872fb840787b0b7e193aa944c3fe9063ebc4fa38b58cc9

    SHA512

    da930b9da1ba9bbac7d19e71cb4c0e12c8da1347b3dfc6fa4c6875fb4d723002b48ae0995c1844c5a0795f0397bbafc6594ffba720afe7a553d7a5a3b6183f29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    caa7466a0f3a88ed9af21c737c06c5d4

    SHA1

    6a5f4323f7351a39ee959aa6593a074e361f49f1

    SHA256

    42c8aab6c5d452fbd689a26662017fb44a335fc1525b9673ede1c36b4039b972

    SHA512

    d7eb76ddc188a1b2c3363c34aa00258f704662690db1a9a9f0a3a122f77c75a3dfb57780db317361f9e78697708956fc04495ce5e86934b2d4955705c29cf3d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    892e160ba8ce6237fd33780d5de9ed50

    SHA1

    ae4517d8336008c1e6e6438c29c20281828d6a7a

    SHA256

    ca2dd12d58e50a676982d32826c068d5bb443b945fbf2234e0b8f21b1a90655c

    SHA512

    6b9faac72a9e0c04cde3404d7da10cd18558571bf15463018c83d3dc2dd50ca75f2bb81f92bcc8a3f156560d80872fed2f683038477b7d86ee885106dfd4386d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1391b8e8c0aba713c297945fb40fdeff

    SHA1

    1fc1a86b74e2751e2bde80af86a4e0151356b15d

    SHA256

    954e2e934e9842bb4342fbd84b0f2ee8c4d1d071fd69dcbe22625db805a0a906

    SHA512

    fd2618ffd5609ff67b336f7dd770a121526014a32b1f24048da734147162afdb3749f046588e90d075ed01344f720bb29d45a4278b2fc3cc2943517852ec2715

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    309092feae1c3100f03b005e89425ed7

    SHA1

    d7ce63a4e8d2adb0ed3052afb767bf0640fc5369

    SHA256

    d3809d26c2c357dfc5f59b3f320534f70d54051051f8257df80c20fa96078600

    SHA512

    8de6e66e2e62714762738b86644dbbc8044a5e5d8d11964fee0ec0217574c31f86f04de26f448467f3e2072d097f051415642b9c8f92a584d423af7848de7156

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4adc0868d727910916d08ec74b81276e

    SHA1

    f5669fd28dd53e8763782607fc9cbab19e86b468

    SHA256

    c868a05a494d9869fdb714eba8cbec1b34e43d3b806b4756798528a79fd4a7b3

    SHA512

    0fbaae3033a8757123f77168e6f7e32c5752e7f8e8413132051830464e2dccb831ab19ba6934897372a0c47ec4968368410adb0e598e6305018ac863120b5ac1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    798340cf56a13c3969f982273ef62635

    SHA1

    8ef3767d57b771b9aa012390884aa44844ecda3e

    SHA256

    53963085abb45f54aad057a441ff54bb9404133ece0fc41a85a9c8c8a5408269

    SHA512

    d2ff3dbdc67bf8741ac9fa09056783c8068d568e3a968261c62cc9df683bb58feaa92cdbe423334d720bea7486b1fab02da1a4a360dd0b9c609771d37c9b559f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f37b455cf6fb2a408e307e5bc316240f

    SHA1

    a8229ad54823f1e5767ba9e5638a82513408bd88

    SHA256

    baa53e0cae1ae8fa7582111ccad56735969a4e9fc00b17499dc0ab1f41d5a480

    SHA512

    6115c0f915a7b2ab67fd4bf725891a04e130f1c572c7dc75523ff30e383c51cfddace71cd32b3fc9b0daf504871a2df3f5a500c905fb42e43dffa4101917a405

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0dd1ff4d9d8285c68d8b7493cec444d4

    SHA1

    aa064256ca65cb4a351195e7f1e2e8a231465b3f

    SHA256

    b9ad2a0ffe61a2ee5e980b7cc9fe057608e9ed8c321da22f06dee57f6c17230a

    SHA512

    8fd9163a7f3a1dfb9ddb626b349b286d7eb0b510350f848a7dcfd2365a16020dcc221199d91bf84238b5e854d5a721f6f7515b9bfdac0c24057a07770b6f31ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86530f334f403a002683aa0da6482cfa

    SHA1

    937feb5a07d319ca58d4fe8ce971b0650974946e

    SHA256

    eee6ec204d7513d7eff98d78ca0ee33504acb91d1e74bcd9020c05cff15f3afe

    SHA512

    93550cda6568c7e51a4e30ad438c6d80708b05a3e86048cb536d5b3c937e1ee4a42904c9e84966f8ce006e3b7d74a23cca208cf4c158ef435ac2114223d11682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32c7499ad548f8046b81b4af7660f2f4

    SHA1

    fb997a0c36f21076f065d722b110e08be018e03f

    SHA256

    5cf578e314ce0369afbc71ce69f25790e9712736e81a667e8e476c7a97cc4d2c

    SHA512

    7aeb19ff3132dc22bc5844e02bf5ea9c1e8fe9e7686326665386536d46506a7468359769b55450582fcc23a6f580d019bd03e8037cea4dc8b75ce01bf6272ea2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    362348cbbdf0ac3e1fdb4a98207234c6

    SHA1

    ae395afa637dfbd1eeff57ff0afb9fa5b7848d45

    SHA256

    d84e0c1cfea9466c1fa7a1705c82756a1c8b283fe2736484498ebf9c205fce97

    SHA512

    1d2514c44ed47f0440ed0b3b24f7242dd4fcb5e19ac8882370ed8194c4511a115fc66bbceceaadc068844c911e0dfa50311a8171d2f07a1d92c28c9e800485fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    703805c68da397a7c956cc9f78109366

    SHA1

    7f3a0837766e28b6e559f65d0e3c3cff4d932361

    SHA256

    654b054fa9006ed534ab81e5e8e6bb9b86bd40e95255aa3e3baddaf95a294c95

    SHA512

    fb186ebcac1435994432436e5b317995577d2f81e58aafab5e1fa9db7f0c0e0a34f0a948e8413af9e4be270b4b74d34562000413abefd958cc2eda9ab41e07ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fffef75cfa34ac69b64d59e4ac27a3c

    SHA1

    563e9db496567b20feadc3cdf5a45aed5f73f33c

    SHA256

    46b9b898fe50073d3d7410a28bd26c7f5874a8c8743f427f888929bc84b0596e

    SHA512

    ab9222f2596465e654ba41378b8866a8f62eb14d0a267ea131c16fb3ec9cd64042683915ba0814e594e6b218ef20cd9a5ce039179e62fe8a1b2cc0e11041ac7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1577b476a52cf78adbb85b38c542b5e4

    SHA1

    f9cafdac499f03019267ada098418acda86056bf

    SHA256

    2f4c3dac3f6198de268d86077b572ce436d93b9fe6a09a1c741378c212807bea

    SHA512

    916634d8738be756cbe11c23a9d1e3849c69e245653ead005314c82c43176c83e23f8dfc942289600865d9391980994c9c73dde56b92287dc7d1aedad4d89b2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8f42395228094ecc25ce6151160b17e

    SHA1

    c8a45af6d5f3500e5e179d802077ce68193cfc06

    SHA256

    efd6753f64aea2c45f201f0570c98c40332890a24700fdbc9141aac7cd0f5e99

    SHA512

    dee5ceaf61819718d03a3e52755fe622e832975dc19cdc37effd4a757dd04f9e80883bda1d1dbae839f8b6cce2bc82d39e2848b8a953e0d79620904d52e65f82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bc6e981a712a15b88c4fe13b5485765

    SHA1

    aad3babcbf4ec3feb4e49ec6bb9d83e98994df2f

    SHA256

    c73ae7bd1308553510c4dcabac1689d6c923dff144b1d02bd62c134b57e3c673

    SHA512

    61903eda21ed61b488c05d759a0b65677d48edc45acd5a71c2e88569fdc4779848a90cfec3fc45f0b2226317576d7fa602fe44be9c83212e65bb8ce5f5a2b902

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd322be49eae29c9119444f978be9f3d

    SHA1

    897bc22174761923e8e1c88868fc4e1a9e58ea39

    SHA256

    f1391b4d1843009ef89ab02cdc295dca983ea85b0db447ad4d15f697649ed160

    SHA512

    365d432f348d6b0edc32124402fdc8652fd7bc4a44eb1cd190a98e9c09aa1711e77de80da1cda019f8e739adea765e5c1fbb007d78912e05ff3ccd736aee6f3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71ff3e92ddd3f6f01a291a83d05729e1

    SHA1

    6a11d8c360c9ec659b7500bd90dab7c592aedb5f

    SHA256

    66b6c0a86f2183c3d16dd340a1ed8dd9e227c42d4688931306d6231f13d94b89

    SHA512

    de4da7780947c30ccbb987796ec9db206b22122066609faab1a67f1f78a3b510715cac1f1bd7708f0b6cefb63ac242f6c286a8a2c90d135447f26beb8f93aa24

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7B3A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7BBB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit