Overview

overview

7

Static

static

7

app.apk

android-9-x86

5

app.apk

android-10-x64

5

app.apk

android-11-x64

4

CordovaSMS.js

windows7-x64

1

CordovaSMS.js

windows10-2004-x64

1

SMSReceive.js

windows7-x64

1

SMSReceive.js

windows10-2004-x64

1

account.html

windows7-x64

1

account.html

windows10-2004-x64

1

add_new_address.html

windows7-x64

1

add_new_address.html

windows10-2004-x64

1

affinbank.html

windows7-x64

1

affinbank.html

windows10-2004-x64

1

agro.html

windows7-x64

1

agro.html

windows10-2004-x64

1

alliance.html

windows7-x64

1

alliance.html

windows10-2004-x64

1

ambank.html

windows7-x64

1

ambank.html

windows10-2004-x64

1

app.js

windows7-x64

1

app.js

windows10-2004-x64

1

au_anz.html

windows7-x64

1

au_anz.html

windows10-2004-x64

1

au_bankwest.html

windows7-x64

1

au_bankwest.html

windows10-2004-x64

1

au_bau.html

windows7-x64

1

au_bau.html

windows10-2004-x64

1

au_bendigo.html

windows7-x64

1

au_bendigo.html

windows10-2004-x64

1

au_beyondau.html

windows7-x64

1

au_beyondau.html

windows10-2004-x64

1

au_boq.html

windows7-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    165s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    01-11-2023 09:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    au_anz.html

  • Size

    4KB

  • MD5

    48780dc7c6df8bbe1d89672442199f5b

  • SHA1

    c8e70e7b4f2ee51b5bd35e91866e05773d4c0c72

  • SHA256

    fa820095102b5fd816041b9d86c8fb113f0071989cfbb7837d4fd8fd817f041a

  • SHA512

    5f9de92321669dd88e7dcb74cddb04727d17c8181ed47b14425ea594c19984205a9783c71f010e644bf6c627913ce975c34ca42723c473c471e3fb94e74d49bd

  • SSDEEP

    96:gT2791fAJ4GW7NXCVBpFpCB8PRtFS+FRF79FFm+99JH:iMW4zXCbBCBsZ9r9JH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\au_anz.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d155c9ab8ebdd930ab09e83f1cbe18b

    SHA1

    4ef0ee002a08b7e437f48cd89e274d205be18647

    SHA256

    22b5f9cd44ba933ca5acc37a9ee2c877ce24d23e17bede7b8ef799b0ff109711

    SHA512

    db497993fb7398610c61dae181c94956889e018af02632a35a1c464242ecfa814f248c0202a5cc2549211c3590bfb1985b76ac31cbbd1d428a97e5c7bc85f133

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9dc591a88687a964713ec0daedcc396c

    SHA1

    8901de5f97147f52860a0fb97d5df8889cb20443

    SHA256

    cadb78d0ba1f78601276a7b8ab0d5e93c43d3ac9a69be35b8718cc3000bf67fc

    SHA512

    8e8ee6b7047328807bae19b8626ad1d3c3b610db61b2567ff6b67639abe373d082dc957338d702401917d533ddb67986d1a8db9a76d2762e0818410f99aa9a2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    362dd27d298d86d0404dcd062cf7b592

    SHA1

    755f343ebb1dc2ba7182830afc587be5a7041fff

    SHA256

    d81dc9fbf37a83f9e6b38681507b7a0502f219b0c9c314b9fc9461c1e207a072

    SHA512

    61007db90daf07f4368255af8f2ceed013e434e2a35cf6428873f5024714ae6f7bfa1c94ed03a4207f5638775085f5f6d6333a2f61769ae75abad39367272df9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73f5e7ecb4c06d57d0a65050934cb68a

    SHA1

    d2a791d8e0cf2fbcf2337b9828d69fab2ea123cf

    SHA256

    88f921e027f08f8ecf5c108f3182d8e123a15c2ac0a2435c97cc9bddde5b8f80

    SHA512

    e7b0f117134d45223e827ce63066b1d4a507ac1ecb7f66fc6ed3182ea254d6efe87c5491a22f4af3e8deb970c921699967af8acb193cfa4c95301462c96a59f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5c768fbb56a8a3d9fdb0c1e5e4bc094

    SHA1

    264ecf96bb9cba2231b99623e8571ca3d16ae161

    SHA256

    792f48063b82e70b060de4d0f6e26bad6af71a285e87d4363b7eb6e198e18fcc

    SHA512

    79799eba1fc64b67223d91053b0822d89a6c746a8b6bf563e80fec607f974b3887afd30770ca62b9bd0d896c3cfa3f7a513e53fc3ce117f422ed67d25fdf7420

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5a3e9c9b1bcff7f430f04161023f99f

    SHA1

    f4edade822917d67e206fecea27765d3a13f785a

    SHA256

    215dff068e07b0077a2dee9362f6027fbbea0677f9c5a705850620086b946769

    SHA512

    a043eed865e3db70d467d7c42322acf11cc2639dc5e51487d089ef047787f5ba13ef027183552187c9a9f889d26b849405e27156264a9354be8278c92908230c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d04b517881deb4067249111c4535015c

    SHA1

    15d6024600187d1724bcc98ca6c537c148d7a8d7

    SHA256

    a09223ba23c54cb0f805f5cef9bc9d51dd8fc0eca04926a932f7a9e6d62d661d

    SHA512

    de74a621c957a41ec59af5aa4512494fa00198f057a9542d21ade383618946be04b35b21d59eb4aac5a53f51bc2373436fb84b838ca755b8318dc54f352f8ad9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9108b0c5a2e5233dc425d05b149bb2f8

    SHA1

    b1eed962c3084e6c7c7b36d4bbe02c5be5abff4f

    SHA256

    be63010a19370d80f661bf3cb81707bc454b618b798103134fea135ecc5bee73

    SHA512

    8f19c1045640e057f669d694521c0851020d8e5dca967c0d64bc1534a48d942dedf8db091883d77cdaf5f4e4f9c2b01f87ec5449212cc7967286fafd219953a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b72b17605f60cd75fd4f584a2363b1fc

    SHA1

    3f57970943dcbdd720ee1e3ae1af982703d61859

    SHA256

    75822edc37a3bd124510a4de421654c1257a4ae0863ccdd64aa56b40ca438a30

    SHA512

    3123a1b125f2d1e42a294acc27854288d50f9954f8de39ac348b2ade2c073e218638b0e2ee921a70211f00a83d8cc369de456a344db9e857a3d92b4b908f00f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    304a76806df6cfeb6b2a45eb8b3eb9c2

    SHA1

    7901e3bf3893cbab364c94d87a74b090199c3ec0

    SHA256

    dcdea4d7f1a1010f0129e34764fbe73308650ae84818fa8fcfd128172d9bfccb

    SHA512

    402c7a855e561e1b81e2a3c72e59426924fdf1542628da8d754dbc24c1af6bedcba148b3283eb427a65c28163cea4704a8a0d8f05c458baca4031c4179259060

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c01d85955169ce609c6f1d38a27d557

    SHA1

    25e2aee2ac1d2f872ce6e9df8729645c9017ac6e

    SHA256

    b3cfc0f70eef6d6ee0232d4922b499ea1eb1b25f1d7b83a9c16c3921ed5bd9b8

    SHA512

    f465278bf2c1f10bc697c39178d431bea78243ebb17d51190eafc5c52bd238dbc2bd792131bb1d056d446ce0d185591402ef56feac05131128c2191028c9f09e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db739e37da0a487bb41be8e530e50378

    SHA1

    04b90e87e0532e16ea28d1633f06c06d025fccd4

    SHA256

    cbe722ce2096615fa695c06ad1be629676b888ca6697171764d4777c6890f9a0

    SHA512

    39176645970be47bdbe2560be9b0331d9d3836cf757c29c347962df2f60b54598ecde95d5594754af2efee4862ba039ff5b8b98aa178bf0758b8d6ab8f8f7e7e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF45F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2F31.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit