Overview

overview

7

Static

static

7

kinemaster...om.apk

android-9-x86

7

classroom.html

windows7-x64

1

classroom.html

windows10-2004-x64

1

libfrida-gadget.so

debian-9-armhf

1

Analysis

  • max time kernel
    138s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    02/11/2023, 01:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    classroom.html

  • Size

    517B

  • MD5

    ff28760867f416f792f570022ac87974

  • SHA1

    01b2dd0349eb737ea3d43be36e0f610ddb7eb70a

  • SHA256

    cc055d1486aa3f323ee3a22ee16e343619b98e538b5cf7ff960bc53e0deb72e0

  • SHA512

    829f8cd106f8532cc7c5a477d68c9aeb440af3937ced4d82d49289fce786f64233dbff9d722f8d47d5b8eb0714e49832f53053041ec3e27345ff1ac345fcd0c3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\classroom.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c1acb976bee5b86e6f417c4310dde44

    SHA1

    5c220aad9d174dad4a8d57860b60fe27529cee14

    SHA256

    7c8bb16a6a84ba77587185c5960b71bee1525f217f54d0d4395c5ad4cbcd320f

    SHA512

    b92a8e0a6aa06c8719895bbd37bf480699176229a39cbcadf2b573cd6b8e17844c8474ce3dd07e7a7ce81b76e2e9672c71123cef0b82664448824410118f43f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e96d35abeba9f0a22396497a24fda398

    SHA1

    6d456b321bc9d8bd7869b774ad8ed73b45b0a6e8

    SHA256

    e940c037678e966cdcf7d50b8cad9973b90602436776adceeb9b8c28e03e3ab6

    SHA512

    f89ae4ba26e9288d636e4b4621ce2e40c091487620977216bd207bb5a6b8e621f3e544db4065a550a4aa8dd2fd5206bb352e45f4348926c66e41ea7166d045f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9aeea445b2658ab0b3c04891c09887d

    SHA1

    ae4ec2d370cff6a1024e3cc50486fbf5aca153fc

    SHA256

    7c77c11351c4e4a4e4d296680f3ab00b17f7a5cc3ff73686d0ca587daacd8164

    SHA512

    dd1480fff9f7efefb5fddb3cef05821d802792e82cf773e55f5420aa58ac939d49532d4d9fdb8a58b7f74246b3098020187d7c1c1d038703b9a8f2281930987f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f9d4e54d6d02e086c73cdb79b754ca1

    SHA1

    9cb28a60b0062f6cb6326b8d0242fa78184768b9

    SHA256

    00bf81133c6fc402bd99e29cc02261415ddccbb8751d34c2ffed6c81684ba4d3

    SHA512

    e7f1f39210911acaeb076e71a73a8f61cea216180f3b24bbfe01489e847740158e8c11b658d24cd83e393efcb0e77b3975b6c31f5997a43a48bb1ed42f61f541

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a66259bd4f678a4dcafd1ee93f1f3e9

    SHA1

    8528157e4064e66a78a9b024935fe3d7daaa2105

    SHA256

    b0e2fe9f5c303e2a92176e527dd854116cdc96242f973ca112ed5cbe082e72c6

    SHA512

    43ce55be754c556a5bb819072b3268d89224ff5d6f600be4d744e97b39ce216efce534832b9287b5a811270dc0dcae33e090495ca6521539b96bb7b58526bb27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4898193d4b096f79396507ecc4f0db5

    SHA1

    d595bd74179ed1fa29c8137662ce7df5e9ca300d

    SHA256

    4cafeff9e8a287e8f3679c35b91c783dee8a64c6e7eeab57a0d86e3a4b037abb

    SHA512

    2ac08c059d9f8339897164e4990efc6a6c4e61bbbf1b5885b409305845317524d34c7948337b836b052bfb248766d9412edeb546d36872263518db14ba7993fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3660951737b3797afa700f24a9b346cb

    SHA1

    c3ede11cb49203b0954b5c04af0802aa70a99826

    SHA256

    9f8dba1a2afa983d7f360756e4afcbfe5405f13234d8bbf9a4514c977c37d8aa

    SHA512

    4e43215bf60cd406f1255bb8f997e75dfe9b7684835b8c24d7c08441b64b20325ea939da72b415b21f0f6948058bd2103bf4f406113a8d51e11c40ff429fefb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    210c78c31eef168ff982cc6576aee9d5

    SHA1

    0f1ca8a9c6b52688f70e3e5cf3d1d6cf5b4d5b2f

    SHA256

    677fc246a1ddb288877ca218404b427bb9cf26262be524dd0ff15dcffe6e8045

    SHA512

    a765fa518c34abdb286fb845405dda84a8f2ac5767f68b0f1d76bfbecb9c0fd17ab8697adea19961b2c562a987374d09af5388d13097ae98fc1b6af599d8c245

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    229c57b56609465caf1a38ceba216ac0

    SHA1

    d2873b8a73db75a622232cd9a5a4094da7d48502

    SHA256

    78f82d494a1aef34baac7d546bf7688078caf2d129501469c44b69f53fc4fdb1

    SHA512

    601b0467cf598dc7c53259bdc5bfc9db90bfa62ce8cb368d32a5413df44cae374606f1730bf1042c4193789c60045194f1d92182702e5320c84d0698e1d2bfc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40a34b18ee6054a4106f17b348dadfb8

    SHA1

    0c52ad33b9c55cacd871d4fb554c143b02e26426

    SHA256

    576a3b80541f2f812367f742535f88516b29fa8c023290b81c2bb25294cdcd9b

    SHA512

    36f0b5414cceb3897041561a4b98785b1fc177b6c58dfb6c28f766bf43fcf42dbaf875c4338f32c8e221438e4ef178b3c17d40eb1f6f6eb814ae5c5f19762c56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    349e4c1aba0298d4c01871ae613713a9

    SHA1

    5abed92038870d3553e811da0d2e64e6d3bb1b11

    SHA256

    cb3bb81142b8c2cb96f6181f3f42b10812af8b3c8523fbae9137f3298a3ee3d2

    SHA512

    58cd90aa8bac3ecbd4aaf453193806caf4772277c9e5c1fc4a707dabba4bf4d4383bbea157f7df221c9c0f9968226b8f821936efee1e53ba2279ac1e076c3375

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    872399d4e1973e0c580e4f5b3ede5a15

    SHA1

    0c350345a77e05fed06302e75dc6f9257431f06b

    SHA256

    7bd9034422df76f9f8900629bc0462bd53e4e0d0e06379531a5b3239b46fc232

    SHA512

    cac494d2632fe4105cf3de300e709d580e8a13f19946fcdaba4e2dfbe8c4047baf4ea3bb5864cda9b8bd55d379d659f798d0ba42c869e3f13682d63801cb7176

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    427233c36c25cd569a8267b4e0e2517a

    SHA1

    86979c98a10fc41597b55b7e8caf35d795f4232e

    SHA256

    8deafd6ee12ace5a8add6a29e8b63284998a35d066111dcdf8413e11c5f4fee6

    SHA512

    78e144fe61fb7306ec2a5fc073a0ae07ab8293ecb83180760a474b99998c2d13882b3252afafd9f4b60800116f4539b238a3a8326812e40b44e0ad091fa4f2de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b7e615e9ca78030d4823fad6d83843b

    SHA1

    cbb12cf14539eaad0dd53444def75df4e1589ed7

    SHA256

    c659727281af5039d5d95f5205b3726119b23176360ee9b167baf6caa1d5b82c

    SHA512

    87605fe956c39399cdb2cb41bd934ffed0b9898c98372e18988efcde652b92a445049e0119b3426e1987dbc2abba1342c5092a5202cbf785b6b5a23a63c34d75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d7999e5a0fa73aec047a5bc6dcc3eed

    SHA1

    8da47c0a515985f6e8e91238fa6811acb6cce052

    SHA256

    08bfc25bfa76989ae13b22f300f9e2711ed7b0443baf38eab6faa5f1689ee73f

    SHA512

    e6d972ba9ede11bafca1753eccad83897bde2bb441633a034e86a34d6a781762d32919d419478d9cc28d0063e834a47723a734917c7e5c6d2d2708ab5de647fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f219b0ab0381c87bd8fec7a7ea683d4

    SHA1

    1b5f174db27f9ba7755f87f859f796893509b717

    SHA256

    b2128816a2b8f271aa3b2e22b930d5599b09b778a0e88555c0ef088f196f7a47

    SHA512

    2d429655f4cc847cd6ac7b82725c88c29c6c69d3df7f504f908fc7aad81887365b2d2b3cef2f893babee5b72bfa085d88891a3edb88bb6d819aa694c96433652

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a8b7afc4a301062781fb60b3f9ea8a9

    SHA1

    2fd42ed52de9461ebde648cf8da819591a79d734

    SHA256

    3dbd934dea13223a5ab5d0dd2b02e898b4afa6fdfc4a5352a7a204bdf547fd6b

    SHA512

    82b8248fb43570385b870d674f2370e869663b6f5e082d202a4a58a6508580b3cf04f0154d12672bc1b2b12acd346af2bff82f8cccc1c9c4f74306e83a2a7c96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abcd901397b6d55aae1f4765840da8bc

    SHA1

    d982a39fe67c06656a7be4320bda09e016abc022

    SHA256

    00c56a7338a1b329d1ab6ba8a6a305e3115388f322420cfa4a26f9c91e631f7d

    SHA512

    8a0225e7d6719085b171d62a582e5119861f52f4d4739797e19258636076cdd507afc275ad3d58983db0b4caa563426fbec83a8d7f4be66e5e0cce67e878f857

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9cc2cf41abc907d1c2a72d9e5bd4937

    SHA1

    5ebbb580838a31e390a8877e15d403c2f7928944

    SHA256

    d39f13c6aacbcd329a9233c1031ab32c78070cf65e49aed879eb1edbcb7c2f8d

    SHA512

    5f47a3b8ced4fb1c9b5c84f875e49075cf31c9d66ca2f827000dfd7d6f7f6f7d76813d6c837ac9c2e7ae6d387b3f58e4b19b3ba8c889234289b7777e2156cb78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b64fdb1ad94182fe7bc3b82b4064b79

    SHA1

    40804121e022d55af32c5e55defb531e6d8e9052

    SHA256

    39e155710aedb03e67cc182bef175916002830fc8a171e1254b60edc1ebc20dc

    SHA512

    ed10224bad3f723f4e76732a975a42a3abd7b2e80015abcb2021545eb991c53902269adb7556cd34ba3049873bb7a223725b7802b6bdaa68a6ac76a1acfc640b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYJJYCDH\cb=gapi[1].js
    Filesize

    63KB

    MD5

    cdb36a850d26fccb00efbfed7d979ce1

    SHA1

    9c55aa9dea8adadf4492720a10a9dd247850b021

    SHA256

    d127dd2279301f5a78a378d3c716874f4d1c87fb320715231fcfb48619479e04

    SHA512

    b96f7ebf855d7a1eb2a88c06ed76afa8eabbecb3ee59fdd5ab001d4382b0efb00e6056717fc88813f4162760e6ade549865f996cc5e3b1fc24c3c1dd6a07c740

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OE1L9TUT\478691279-postmessagerelay[1].js
    Filesize

    12KB

    MD5

    92169c8a0fbf6e404267d0705cdbdf42

    SHA1

    a5cd88b74ca5ced239cdbfb458fe25540d671f46

    SHA256

    dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

    SHA512

    8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3NPL6GJ\rpc_shindig_random[1].js
    Filesize

    17KB

    MD5

    156bf4f08d76591f5d6d5805cab18b75

    SHA1

    fbdaf1e18e5dbfe807cbe745f4ef1c20549578a4

    SHA256

    d654ba61eb4a272d76a9584f27d09926c1e43014913d867f2bc01c1427176de5

    SHA512

    202bd47a3321b11be69cd6230d0adffb5aa81c8aebb240da42790ea66dc93e06c37e3ffe5db95c007bd774081ef0c79d4f81a692d41ebb8e4ab6e5010313149e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC19B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC1AE.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit