Overview

overview

10

Static

static

7

65f88e03c9...cb.apk

android-9-x86

10

65f88e03c9...cb.apk

android-10-x64

10

65f88e03c9...cb.apk

android-11-x64

10

CheatSheet...s.html

windows7-x64

1

CheatSheet...s.html

windows10-2004-x64

1

CheatSheet...n.html

windows7-x64

1

CheatSheet...n.html

windows10-2004-x64

1

CheatSheet...s.html

windows7-x64

1

CheatSheet...s.html

windows10-2004-x64

1

chartjs-pl...min.js

windows7-x64

1

chartjs-pl...min.js

windows10-2004-x64

1

hammerjs.js

windows7-x64

1

hammerjs.js

windows10-2004-x64

1

jquery-3.4.1.min.js

windows7-x64

1

jquery-3.4.1.min.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    06-11-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CheatSheet-Algebra_zs.html

  • Size

    55KB

  • MD5

    2c5cccb517b741613ad2c1f7a1cdfd85

  • SHA1

    d395a1fcf335361ceffffc6804af5bc8ec6a7cce

  • SHA256

    f7e09bba5c901b4c216d77fa99ff7b79e970a0578ae32be9ee67c3daf880d59c

  • SHA512

    83dad758cf7fbadd1aa2450353c57aafd9ec3e94144c3a9848156a5b9ae37c95b5d48e86fa17b666588f1871af6a203e8ba3abbabf77e10f16836d65e65d8ee8

  • SSDEEP

    768:omnahvTUXSAYQ/zrwdR6Aml9LOOJFP+VH0G8SY0ANEn3:z27U8JuFP+VnlYTNO

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CheatSheet-Algebra_zs.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1896
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1896 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2344

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    466a50ecec78a40f2a0e863656b1f21f

    SHA1

    5cf7033718a5e1b690eecdd3e47b07f8b40f6338

    SHA256

    d864df21f960550337cd9ab9e1fc02f0be873a897e259509532198f24904c730

    SHA512

    93d5ad29d1ec1cd2215d8ce49f3a49297ce48f8f4c37d7031b7dcea96cac71998509e375f68d560939f39dcb631f922afa8493f711b628b201071d55fcc0cd43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a9b463944648cd5b102f6fa84bb3667

    SHA1

    7e78394d6c9f471aa2826af7c51954ae4c5f718f

    SHA256

    48625594cf5fdd08adff2e0f9ed22f720f9b92590f94faf8f03a555b0cbddf07

    SHA512

    0f7b61bc7a59acb3563ff2e5e0959ffb61cf088ed14a824ba0be40f665ad598dd0009846afdcc8337ae5a3d12470ad3c1b87169f060bcb7bef762b9c6dfee3bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    459646f7065c9708b74357966b94c91d

    SHA1

    3f6d5ea1709f10b254764e844817727d89cc9f0f

    SHA256

    d07c01333dd72d205790d444694d775ebb208cc28e2d73efe13f2991762c0f15

    SHA512

    1dd05b5eed9f8805edeccff9903c0d5acda7cbc9ad0a8456165b26c978406a89a6def53ae5e7e2287de298a217f2bab02d576ac8ba8c0cc63b1fb5bb14b62c6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac019c42ab2154d7652f081b322bfb04

    SHA1

    f165c80ce569384cc61f43ad1ee713c1ed7267ea

    SHA256

    8d76e16f0b0b9dc57778a496db30beabc9c3058cf9d55547a7b797b8ff0a8143

    SHA512

    26e6eb959edbc4838d419063ca2cad0cbf46dcbf3d779b8aaee11b192326ca7cc7efd13c949a28284ebf2e40086d0ea96131f5ecb822c88d12e73c5b3d0f18c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b8e50b6feff80400c414b7b1d1dff54

    SHA1

    6ffdd121edaa009043c4a7f8ea240116b82107e7

    SHA256

    4f32b7f16a1360dbd676f17618cb41ec1e9d577b4471a229e5c63ba6fe52fddb

    SHA512

    1463a53b8f77aa3bd7d806ba4daed8e85506f536fd3ee0a0ec8dfd67c1d9bc9f8bf41987132ae91d36908f6743809deefe4f3748826545f67ceeee435db3229e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5319337ce5984c06f0b28f6158cd0b79

    SHA1

    2737e36c3d28950deff005dfe996f46fedccb2a2

    SHA256

    ed331b1b09efefd812d328703a046da898ff8e234b49af1913ba705c8c7d85a4

    SHA512

    e5704596bef71a96726bb7793a8f3a3ce336a903f26fca4f2d8ad6bf3b703cb36a95406402c00a8829c57b39c6a93ce9bbd3a95fd5d803a3b20859b6942dfc34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89be4e24e4b915da76112f495c386190

    SHA1

    a8652c731ae81d578a7fbb9d19f917955a666d7c

    SHA256

    f53b8022e9a66c97faff79dc041420b2dd3832019adb8136dd492c0fcb0c7357

    SHA512

    5d8f32504126cefc917b0d23bd31c00ffbbb99b1a6099ea98fc71b6444248601c87422cda2f8761d1ac27bbb73c83f8c24f6f49dca7e9c64cdf6ceaa9e222306

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a04a702141c5c785d6424dac3ff9c324

    SHA1

    60879d63464b24badca47f81ead7f7028391528f

    SHA256

    ef36fe18936154d9c44520da254508953dc7e85e8fef65b52b67516f8dabc0be

    SHA512

    2269da0e3ed4a3922cc43ecee08f3c1c68635218ba655364c290f7bf1b83116f078a9f1c9cd3b986120307666320855342d1ded15fa649803820fe4c53a590dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a60106a046b33b15f08223ac91d13471

    SHA1

    fed332fa9bb6d2bd8360eeb0d7cc9657b6cd6e04

    SHA256

    1294dfeae32549cdd2597a21d953c155e7763f6340160de73df67e288b15987a

    SHA512

    c1c257f89c4c084e5ecfb401803fc8d4de980847bad611294e23fffd49a243c195a424385d9f60f4acea40521f8313d4e43f2f57eb6c2eb14fbb4709e8e78e0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    979024a11b49ad15cf8d766ba9ffbd98

    SHA1

    86ebec40a80ec8b8aecce4dff92d40ad3582aa74

    SHA256

    337b3c968be967c27de7d6b265255c3de6423a7385daf12da35d6ca18fa98fe5

    SHA512

    9513fb22ad3ce2cee84801ccd198443b7a373decd00f5feb6a6f722ce776d75508eaae99d79512c0bbbf4824174a4ae5a9a91970df1e9aa0c9e3248d31dffd97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84d3ed49c8efd3c4ee0866b1f9d2c89c

    SHA1

    2b4ca7b72b5aea3d5c467fca9948962649dcb751

    SHA256

    897beeea6166597988e56b34b43c5e5b3a579c5e629218a288843fa4f95d36ba

    SHA512

    1f027badaa38f69639346de692f697721bde6f51a7e0d2f730e0f36ac4a3961a9256062debbb8659fd04cacdac8e372222cb9dc59500d697fd7075aaa8d30f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35bb2dcb7c7c5103c73638c28335e18d

    SHA1

    10146227bfd44eebfbe5238f6d7ede7f3da4757c

    SHA256

    083f53f6ef24f7c76c3ce8c53c55a9706c94a52192b345891258305bcbdac710

    SHA512

    4786655e91ea94c423502400c22337aa79be910255647218d3b6ec15bdd6c7c9874cb72e6395d60f65a9c8698ffbb4e50eda7458398f8f138fae842cbfecf69e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e32525cbfa71edacd5db2bea9d3ed82

    SHA1

    ff3048a9682993d7a98ce51b3516f966581e09fd

    SHA256

    892db47401db03cc064689ec48b706d698cad934765463457bb5f6ef52f8c1e1

    SHA512

    2a560c29902839167c13f4643d25eeb4f3f52899418d3719362dd931f78c8fdee81048c1368f2d3d1c913fa78558eadc7ecda8663f4406c4d740666d9e99266d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93a8df20b01b7bffa95ca649252e5bc1

    SHA1

    8b2cade5cd0fe36bcffb8dfc03f95776addfd63a

    SHA256

    f116581146e651e360e6d689f8096070e6c7b281dc0aacdafcd113c3abd58ebe

    SHA512

    1f0df7d351de030eca78b58999f4e2564b478180d1b5c68c20f51188aec8a19185385fe6c9aec95488cf90c48ef67e393aa7580ecce8bae4d90f1a1797db36f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    455218b0f105dabfb06549b73b148969

    SHA1

    5456af24f12433d91dbf50553b166a948d2fd18e

    SHA256

    28a8e34bd76e7089cfe4ae322c4ccf756e929007602bb3287efab445a6b79284

    SHA512

    234200882ad1a08765b86740d223140a7d73e405efe661bf7db2be5bf8c0d0541c3f6f223d8faebd2f10571f802d76fa36923d98ad8293a35a0c28ee42bf99b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75dafe1b071e91e4e38d7763377db177

    SHA1

    774cda2e860b6ce38b1e17257a7f27ed1dd779c1

    SHA256

    066ff254651d5df72b4005094b0f18bd33b0f694a99d8e05aa4fcdd37294960a

    SHA512

    d60e178c470e57cd71baaebf1d053b10bb472585315b1cc891fe7371ed7268511f95015595ab905b877620be97a0c8b0b2db6fb65561850b40ab3be3242924bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    affac93b3161949cd6ffeb72a84804d6

    SHA1

    fbd6142e54c10429052d28630b07c78b0e3fa5f3

    SHA256

    1d1d855a54a4b6ff40ec76f811e58c8809db9f22e45499ab08d356deec54e118

    SHA512

    59fd958786b1be21dd0339ac00418711a51325f6c37f7869a69d5f236f7c45096ab580c1385e1dea4a9efb1695222115778125dfa4ee5fb5ce704208cb317c62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    110413c4feb35fddc2d7183be6bd8fcf

    SHA1

    c98f802b9ae0286cd46e45d1f3f767cd812d03de

    SHA256

    8720ff95a1d3814a66c2be1e801228e7864c3a99f16d9cf09b67f55250edea0d

    SHA512

    d3cd27a83c06c32bcb32feca6aa5af91da89840db121d632bcd7e70cae1d7bad7d8713e5a6c4e51d8f7837529edee9ef4225f90cbea0a619dec126242134a111

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6CF9.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6D59.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit