Overview

overview

10

Static

static

7

7142344ff1...b0.apk

android-9-x86

10

7142344ff1...b0.apk

android-10-x64

10

7142344ff1...b0.apk

android-11-x64

10

aps-mraid.js

windows7-x64

1

aps-mraid.js

windows10-2004-x64

1

calendar1.html

windows7-x64

1

calendar1.html

windows10-2004-x64

1

circle1.html

windows7-x64

1

circle1.html

windows10-2004-x64

1

dtb-m.js

windows7-x64

1

dtb-m.js

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

libc763d2.so

ubuntu-18.04-amd64

libc763d2.so

debian-9-armhf

libc763d2.so

debian-9-mips

libc763d2.so

debian-9-mipsel

Analysis

  • max time kernel
    135s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    06-11-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    calendar1.html

  • Size

    605B

  • MD5

    0b2becfce83dbcd774148db25c25e0c9

  • SHA1

    35ae6b30163ac494e4bc55bf638d42e42389c9da

  • SHA256

    4cbd0bb1ef23270a42844d84f91d7be6df5fd47bdbb09a82145cedb968418f36

  • SHA512

    3d87493a8b778139d0c559b1961309f3a62505b81dd52fa473eb59db607261ade291a99b25d724a22649b82d02e7849aa78ccff5b58d04053677ba739f596939

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\calendar1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2104

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3cd108e36760cc4b25f22dc84acbc8bd

    SHA1

    e3effa7b976b1e728c39f6a15586320613a62960

    SHA256

    cb63db3c52c66cde0055c9e8e7ff2589fd313aa7624f9a0a558d44d1d644c592

    SHA512

    ad3a0ddca6a75aaf6fa53195721a3762072132f3af57cc8294451f9628e7b9cfe3d1a5ade35d551880da45532106e2b1cdd70ef6b39ca7153520f791d021afbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b55cbbe6304e9114cb01a238d00ef798

    SHA1

    148bca63acd46d901475d94d20398f2a98bd4d41

    SHA256

    457fa86f966185564d3fe106f662599abb7a8fb5b04543c9558d25617d0923da

    SHA512

    5a1d96f98dcb1afd53f0d48000a717511b0b32737674b7642adf228d66f11d9165bfc3edfef6ac4065495a5318b94bc1c9a0cff792d569eb830423237961cd84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    453c94825b9509b39a1a9012e42cd1a1

    SHA1

    4b2bd2b0b79dbe4613ebe3d0184181b915d24c9e

    SHA256

    4680fd7d4876a4070979d7e7d594789845560a940a7eea830999e6e4960ed783

    SHA512

    1027c74f03b844b68fbb98d727bc3dff56333416960b87982667c6419aa31da16f92dc2e544a69294260e5bbc88b70f8657780f52c3eed7f358ea979a648fa5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc3c3bd58f82121de52410e87076d843

    SHA1

    e3f1a7efe4e73a332548ca419321dbf58dac12da

    SHA256

    14c86fde2fff552bbc3f7336434db1911f211a4e8aca619217da4856d6e87096

    SHA512

    e0d6fda11ee493524dcd08a69f22c4a9c1d09797e44868286461e2c97588649c68accfb7b9bfec2289f11bf18cb566c3e2e83c0d74f785157b333310619c643f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ed44fdfd737af0786e42a25230d4526

    SHA1

    e55c6fd35e4d5caa3ea2d4544a9d82164c5260c7

    SHA256

    6271bb348161d2044e27772fbac055ca33b25b3f0b6bdd12e1d9089ab879fb10

    SHA512

    dac3380389220c00df495dd0b8dadd71d60ce99aa094de88e4eec864b220fecfaed960b961c0052237c016036e98c628557da0a6d9d0adb00f261dbcd79dbfa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb144b94fbe97ba306ab4ed051f0001b

    SHA1

    f6e6e90a6c017dfe7066fd0f564927c3c5930a16

    SHA256

    8c871cc69ba526f5b90ad595a4ea8fcec6369268e517a8ebf00238d62244bd47

    SHA512

    b14dc76271ce08d09b2674ca508d4ec275eaaa4c02b8a7e63b2608a2aca0a25b4d65b606d25ccfb3c5fa84a6601de643b603542065680fc90ad076246957d240

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6add199d01947d11379503361c58b45

    SHA1

    4a6472bfa9a0503a19c91ddcd6b3a0d11fe5fee0

    SHA256

    2eb72945d34d84d6bbd443128c76aa96e5d631d6708e0e7a71ac75df2e4fd16c

    SHA512

    29cc85bcca5a942805837dd667797d81001bbc11488323de0a5e215dc06b775165774cb2eca6cb5f6eb62e75cb228a7331195a534013f6a26a0ae99c72dddc27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2df88809a6009f66606ff5e9ac0ab11a

    SHA1

    4d389a3ae8bcb6438aa3d9fe17dfd60476a8e2c0

    SHA256

    73ef14ea2b03c59da3fee9164500221eb899e7ca9d1cf9b76346d7f0e61fe2db

    SHA512

    ecd16327ec6405d13ce6611b0a438e009193fa119dae1e6893be0e286c315d829adf60a733cf894658be2d3a049001808746018311904048aae6d0c2bac74a6b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF7E7.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF8D6.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit