Overview

overview

7

Static

static

7

app.apk

android-9-x86

5

app.apk

android-10-x64

5

app.apk

android-11-x64

4

CordovaSMS.js

windows7-x64

1

CordovaSMS.js

windows10-2004-x64

1

SMSReceive.js

windows7-x64

1

SMSReceive.js

windows10-2004-x64

1

account.html

windows7-x64

1

account.html

windows10-2004-x64

1

add_new_address.html

windows7-x64

1

add_new_address.html

windows10-2004-x64

1

affinbank.html

windows7-x64

1

affinbank.html

windows10-2004-x64

1

agro.html

windows7-x64

1

agro.html

windows10-2004-x64

1

alliance.html

windows7-x64

1

alliance.html

windows10-2004-x64

1

ambank.html

windows7-x64

1

ambank.html

windows10-2004-x64

1

app.js

windows7-x64

1

app.js

windows10-2004-x64

1

au_anz.html

windows7-x64

1

au_anz.html

windows10-2004-x64

1

au_bankwest.html

windows7-x64

1

au_bankwest.html

windows10-2004-x64

1

au_bau.html

windows7-x64

1

au_bau.html

windows10-2004-x64

1

au_bendigo.html

windows7-x64

1

au_bendigo.html

windows10-2004-x64

1

au_beyondau.html

windows7-x64

1

au_beyondau.html

windows10-2004-x64

1

au_boq.html

windows7-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    01-11-2023 09:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    au_bendigo.html

  • Size

    4KB

  • MD5

    e152cf0e9e7c28f057cf7b560dd4a4f9

  • SHA1

    2853946a7ada3ff25e22148e32cf95378cceb366

  • SHA256

    1da23e5cc04c87b08aa7516287948fae111ecd89795bba930f4a9a2f1e633484

  • SHA512

    22ae0c406ba295a7a8a7358a3d918a5b25b388c32d81213963525877fbe42348de4b14bb9de2ee5c00642f6aa73b7bf03a62178dfbc0f3245397a6e87fd9b857

  • SSDEEP

    96:DMBvu9Bwb4glCgApFpq8PRtF0UTRF79FF4q89JH:DU2gsrBqsL9O9JH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\au_bendigo.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2348
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e1c272667b510fee1e3fcd32896c37d

    SHA1

    20354338c9b624bce6806b57a20a40ff4f64d6fd

    SHA256

    6d70f259ec93635fa2577171e8ba0cdf5e906ad933e3d5610de0afe7e1979ecf

    SHA512

    cd92175bbf79bb62622b9786876fce55042aa4262d0a07fd6e22e427c3f3da9a01f23c602aa435fd27219e2825478d5aed17be36de3afd7cb7cea6b554bd2dde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ae62dcda4ca7a8913d49de6aa519550

    SHA1

    a69132f6fb547e000ff7af90a93af69b11433ff6

    SHA256

    b1dc00edc23f1645d78f42b736f783e15b16281c9c9fd9a1c4560335d6c66b18

    SHA512

    150eb40c6784ca4faae727734c3cdc3508afb7123ee5b555c8c9375c1e392e15331f6b70ddb239386b132a9ca8ef30c8f36af0a1e3f499057e2845c420b73b45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a630c764836438d8db591bb2d9515710

    SHA1

    89dce68e87493c17f8cdb9519b672088d27b0dff

    SHA256

    b639e71bd1fc6a310b91b9a5c09f34640ad5811106af524b82223bc87e3967d9

    SHA512

    30ff0a32f658f6a3e6840a8528b44a03f7c799045264bff54cf10c347b040c9c43c8ed5c1b90c1255c05b48defd2e5492092b3ed0df08e1fc47495b06118df56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92c6c3723e6abfe95ae9b7d24059d412

    SHA1

    ed472cb220703692b0c879890e9537e26df9dc4f

    SHA256

    dda37112bcc5d4a0f8faf0216b23a56ecf28c4074287cc4baa985cfa4770b993

    SHA512

    375a003ef59dd7b340bda494f5d2aaeeab65d6f561686fee3ec66173dda186d1aebf89eeb00d61a221d58bf122e92c2a261581c18b3d88284bd74e2ac094d62c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b86554ae91d11a8c174ef2eb49b58167

    SHA1

    9cce66287059d660c420b9d08fbeed350bd88c6d

    SHA256

    24d04288b5ea834f3ea7b9d9aabef82fe4db49850b953a4f115d5886903304af

    SHA512

    f65d1171237cc3882d8886e70027676834e97838025f6b74799dcacb9078526f0672f774cff78d925518d1871be39c6935510a0b4978805c4dc1b904531bc897

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4461271a9d1e0d19338f5797e779e41e

    SHA1

    88156f0d1c42549546ddace4af782262ebf35094

    SHA256

    89ad685c42feab701b7895093e332d43ad6cc4b44bbc98ad6a45b37b09ecc824

    SHA512

    eedc3fd8bd7503db6d56c8394311bd8737a3b43d273e0ddc299da63592b96004e2520f44d8df372a0df1edb07ee321042bb3b342e66d8694f18902d381b94388

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8df77c3f12f42ecf3ed4e2e53814717c

    SHA1

    1be48ad71935db5373caac03e68590f7ce382e0c

    SHA256

    df97cf288f0569fbd603912cca3edde832236d875920867e6d727e5e1f5bb3fc

    SHA512

    98f7901ff993d09fc4890ad43fe207b99a5b7379f0dfa8d2319c9b36007d9cbbe3407f2028362a6a2943d9bc735559b8e6304d2cea2035b3a3f48e772248d9cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d1dbdf53f37582a8cac4b0f59dc2db6

    SHA1

    2bc514c7a29bdbd7d143173e82b3fcb020d01248

    SHA256

    2e71a6fc949c5eb6da080abe0bc5a1e8f5552e6e8f5514ecc45e51c59efd7889

    SHA512

    3c48d925bfbb1165bf3659ef913b3112178562a4c33704db4fedff5f44e05145106e2cc241d9342a065d8c0eb3465d6d6f0391d49b20b8417bf1ff05e68febda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    849d0f6c8b2833c5d8364f690fee7465

    SHA1

    eb768acfee0d9008497658198d160a88172ccbc5

    SHA256

    af2f658292c4fc22c4ef1d9f094c4fc1862c9a86c0c454aed5a6e12e876d467c

    SHA512

    ebaa5858979478d71b571afdc20426182861f7112245ada2f43ac7b4d1b096104ab5c1ec7a3724938d6675ce4c02fc5106e73becb19d8a5b7e2b9eee37f5091f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8f0e776090b8e0f7f85064e665e4c3b

    SHA1

    ae8ada8831b2f835d78a24cc88c8ead8d7d84563

    SHA256

    8e3db9cc0e8e111beaa49e4c8ae3d2b02cabaf38ea1db156a8fc0c9e43ebbf6a

    SHA512

    c35ad3fbdf332082f514bea9de814137ddb89765a3d267d634c50176ada0e15154ea85355ef559e87806792396fd3da319f7cc6252e47a468e23d6002690ec87

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD8A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar10F8.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit