Overview

overview

3

Static

static

1

com.samsun...om.apk

android-9-x86

1

_clapping.gif

windows7-x64

1

_clapping.gif

windows10-2004-x64

1

_thanks.gif

windows7-x64

1

_thanks.gif

windows10-2004-x64

1

_thumbs-up.gif

windows7-x64

1

_thumbs-up.gif

windows10-2004-x64

1

baseline.prof

windows7-x64

3

baseline.prof

windows10-2004-x64

3

baseline.profm

windows7-x64

3

baseline.profm

windows10-2004-x64

3

cameraassistant.png

windows7-x64

3

cameraassistant.png

windows10-2004-x64

3

clockface.png

windows7-x64

3

clockface.png

windows10-2004-x64

3

dropship.png

windows7-x64

3

dropship.png

windows10-2004-x64

3

edgelighting.png

windows7-x64

3

edgelighting.png

windows10-2004-x64

3

edgetouch.png

windows7-x64

3

edgetouch.png

windows10-2004-x64

3

goodlock.png

windows7-x64

3

goodlock.png

windows10-2004-x64

3

gts.png

windows7-x64

3

gts.png

windows10-2004-x64

3

homeup.png

windows7-x64

3

homeup.png

windows10-2004-x64

3

keyscafe.png

windows7-x64

3

keyscafe.png

windows10-2004-x64

3

lifeup_en.json

windows7-x64

3

lifeup_en.json

windows10-2004-x64

3

lifeup_ko.json

windows7-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    03-11-2023 22:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    _clapping.gif

  • Size

    9KB

  • MD5

    ca6d50731c8835d220459482388fa2ef

  • SHA1

    b3b7dc54af8ce607fe7cefb6ef389964faea6a94

  • SHA256

    980d3e8700309843580d50a485a8ca0f7e9380361b9595b3db9438bd5f0ab6bb

  • SHA512

    7fe783ae7b02999875edb4755b635c339810769843fc4e668b58dd1d563f9d41621d4c4b6567fd96a154aac2e8e9c445bb2d38cb7255b5ecf5245c3977248ac2

  • SSDEEP

    192:ASsahqWGsaL9PJYTWffEsDBTAzs4MVrWg8/YtmtuGnenx8:ASsahq4aL9iKksDBkzsLrWfGG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\_clapping.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e2364bf7248de65fc1cc755d9ca101a

    SHA1

    e42edc232b775bc47553956a00cdab6ff7917a8c

    SHA256

    6b94d29fc4f82f9edcd97891ad0f98cd551d6e961bcdedf605f90b3fe8bb957e

    SHA512

    c6b611e9afe598b8111d5707dd9d4385666da123914b225dc533337fb39d208fd1b69ab4cd024dbbc8ae1a4c342e3ad1b02d245f6fdcceac7e1a9760b505e0ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9491d599e34568592df72c1f9135700

    SHA1

    1513bc9e981759568b745fb6c7f20797f32d46e8

    SHA256

    cd5aef292ec1d0d2ddf5b307e8c08c006c1dac9d79d85431ec409f21c51d61f2

    SHA512

    ae30b57beb985f597b0d4c8f37cbf38fc780c269f383830dd77a77bf42392c78c1f4ac06217739138b35fb516a27911e45534060e91e25dc25e88971578ca2f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a90c5cf03d1eb039538d5580203414a

    SHA1

    09aa004d5023fb5e96ed7487492189ef418681c7

    SHA256

    be58257abcb15bf4048f700ad4a685cdb3e16b2ba2274a7f880db09ecb6c2d1c

    SHA512

    7ee42a74654119ff502d167de5c29692a20e60f11f4358c4fc8be5d5d2b1c971a956de5007d270d0248b4d6b4c0f70014a21b07715a05101417cca9343153428

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb08b587863e267ff442d1015cc744f1

    SHA1

    fa1296139243937dc78ba3b5d6a4304bb01d5e34

    SHA256

    466093e624d408de0b4f5b2fd82b0a1a5099ba9fbb5e10f52a225444aef62e1a

    SHA512

    1b76fab54806720f92ef39af2aa8ea05469abc90fca1f6188290516ce6fe48ff7c894411d972d8a4b45506c6c162911f1b21cd4852cead0d745397623cbe40ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c90e9ed229374bc6c9345c7078b25a0c

    SHA1

    0736af51e4e9dccb06d5400c00303168c4c64164

    SHA256

    99bd0e840d03eb92257de54dceb8151b7d924b0d2c109a72d8147c90e6c42cbf

    SHA512

    ef9014c6622a2b5751c66b6fc3de1d084375e30d4fb26e8d859552e2b15bb808104494196691374022af08243c34822120cdf4d70fa9408118e1a142d2b07091

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    869f5690a52422609b408f2e4e005c06

    SHA1

    6bca83c72a5767e2d29f5d31f9cae4921ba2f6f9

    SHA256

    0f4226cd4cd2b6cdf791d619bd19200423b8bf7f47fddd62bac25877e4f4e88b

    SHA512

    4b4dbd487495b1010fb6e553c831c20eb1e5b2785d1bae27012afb59a971eb5c64c3a7ead0d43c720a35a77a07fd7b14f6767254e2039448373d2b19033af975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f283ee8f259c9a8814d1bdc64a9522ee

    SHA1

    d6b55905e723c24b3b315aafa1e143edcedc53d8

    SHA256

    f7e5c40258b1c80daf565463a36fecbe798d8400bc5b8258d23e63f1ae338de1

    SHA512

    5938db3baee1a6cd9230f565b32dd4b7ea222c39226e6dffc3f0d3a16a461ebf16f0dec4700a626a923998a0b7145613ce24b6786a1e6d25324403eb4241be6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    196c7fde0838862aea088d48b13f8c84

    SHA1

    4f092a6f1fcb036758f1e2719e93277a5ad2b1e4

    SHA256

    a1d8cdabcb7642f0f36d4096ed9a9690bf9f8951ee0f42968a5358c142f1882a

    SHA512

    29103cf39530ace2c044043c4d3f1ebdc6437a8b515bae8852ba73b66bd11113e70ac2db88567cff9daffa8fccf10815f43a51c88d5df29e936dabfead3ce135

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89d624680f10cc4b4b5ff92657ab95bd

    SHA1

    79c97248caa55d836aec862183200e73d22f8feb

    SHA256

    213d207d1919a766b5bd4004b70fed304470dd83e578fc75f760bbd113b6db2e

    SHA512

    6dff4db8b00c0220d86077f47c2a50b42a2a368161b6d8fe1922f3520789097e847363c4161658f2f54e4b5a77ab546d88dcd1f20cd813d3a96482aa56e4a33f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    123000d8c910f85dff7368d6fb2f7264

    SHA1

    be54cd53cd620c2b6edd24ce38289f9028f9613b

    SHA256

    1f5b44b02ccbcb8454afc61d55aaff802464c299775d1e06f579cd033ab77f08

    SHA512

    e637bf53e6a7c2118266f4a6ad4cbae614632f8593d5d1da205025524472aff7f940602f0ad387089a7f0eea31de083b58d16a67a15257008ef5028f7e4ae4fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0cd07a2fe1ec4a936265f16e4b8877a

    SHA1

    145adbaa327652401bd4283a21527a48e2261ebf

    SHA256

    f11ae7a6eb6650e6a56528fa12e886af24d8b2bc684e44fe15f686c43b85f100

    SHA512

    9c3aa3a960becf026a3b8ca9f28ea4a67dcc41384c0f271759228414dd682175d614ded9a027eace590fc36928df189b4ba852052e2d8b52ddd677c7aaf50f16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2eb86d366c79394b1c6597f2735b528

    SHA1

    d380b71754f1eb0f28261b411bc72ad3c301467e

    SHA256

    cce2598e06804f543ee67c57c225741453ec3385a4866d35d18b9904abbfc282

    SHA512

    7781e992b7c92be96794e151ff717efefd4fa1d22c8258601f7c054b7275069835c3e5a46b63d03d64b79486de33f6a4c4033933c189aaa19742ce8e3bde7074

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02594ed2f07d54b35dd8a2d3079f09c3

    SHA1

    1d199752079357e4a26861b20d3273dbbfe8da07

    SHA256

    741bcde9ce669b89888c724c5dcb473335cbc44aa29ffc1a90e42dea2e18ae84

    SHA512

    eb8500585798741be1a23549ba17eb24062d50e79d4e125ffd392cc8926086008b41f88391133c8e15a06fee40a330fff2afe6d8a071988b11abc7d502f4447b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    201dfe75518ee3e74905ed746efc7036

    SHA1

    6b83f612d540c814d3d1539cdf639502bff4f43d

    SHA256

    e91bc5c42b902c97f833a8884c96d1f0a970132c961b37b67900b860ca0ad029

    SHA512

    9df57a78bc2c5a785b9730ab4df7b8bcacef4d710e0c83db706aa4651f84b87ce5510de7b97a1bd33623473c706393bb1eec8036236c2c5c100b10a163b70f94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aab1e8c5dd1fc00399406f9704ee2f89

    SHA1

    34e47333c741c6e6eac935c1a28cbe5a7048d53f

    SHA256

    044b064b641f6a4b5d4aeb6f586d3a1a38dc7fcac195d4355def52e9e5bd7c32

    SHA512

    0444adaa3b968363c464a1802bc1547784267351f53ceb7fe1389316e2079bdc2bdbc05feea92bf98dba8a479cf81549c303882890fc1b0fdef702e96c2b409b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35e91f2fa961f8ad95d1a1cefa96e5fd

    SHA1

    8044e6dda467daebd6089b5afe67dea013a88ee3

    SHA256

    53b6d3dbcbfa9f6aae84fecafdacd5bc71ddcef9a874918e64209aa2fb1ed728

    SHA512

    92f36998a3bf04d9d2dd2bda3e11a5e9ed5541de2e050a571ec5a1775ac31310623a7860abb179f70ab65b28d111a110cb90429180c98461db9659de9beab2fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c862d8d8894b25c5c611cd23196fd9b

    SHA1

    3e93681e59aa4d1fc466bfb44cc9bdc04e07b0f4

    SHA256

    a8e1a0fed0377e491e187cc8f4bb6e03695ce2b8d2af3895d4938f05673b61de

    SHA512

    d5e2aeb42c12750f759d4c2549a6a4e3f15a8dc27c5c7408aad39c60568e068066b689f54b48375e788e776c792237e4c262d87121aee2cfcc780d09eb83c898

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    352e6d13ede5197da6def2a25a19d138

    SHA1

    0466d5f09045bfb35383db77d4b6f086142ba4b6

    SHA256

    75837d3c21318768d90d230a86c5e2f627fd898d6b14dcc144eac8e5739c3e55

    SHA512

    28f4e5d634e57125855095d53f11897a348838e3b210f90225a0fc74219b89cf803c760107e2442d48386a1e00281eb2a412050efc94820727f63830899c4819

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcf43bf156e48af641b8f343b84ef61c

    SHA1

    b8752b0a0dd6fbc23dda2282bd1568574b54d9f3

    SHA256

    52fd754af2da8f7052263346b86c0b371d868155f21a1db9214f4762e758c377

    SHA512

    d2859895ac05f2f1cab3ed4bc33b0d4cd1f05232bb533c872b282a8f80ba75f5413157101d11c048606a4257870bfeaadb20ff75635299ccc4b6453c3e038e24

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5B6C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5C2A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit