Overview

overview

10

Static

static

7

71ddfacd8b...d2.apk

android-9-x86

10

71ddfacd8b...d2.apk

android-10-x64

10

71ddfacd8b...d2.apk

android-11-x64

10

license-ru.html

windows7-x64

1

license-ru.html

windows10-2004-x64

1

license.html

windows7-x64

1

license.html

windows10-2004-x64

1

UserDict.pyc

windows7-x64

3

UserDict.pyc

windows10-2004-x64

3

_abcoll.pyc

windows7-x64

3

_abcoll.pyc

windows10-2004-x64

3

_sysconfigdata.pyc

windows7-x64

3

_sysconfigdata.pyc

windows10-2004-x64

3

_weakrefset.pyc

windows7-x64

3

_weakrefset.pyc

windows10-2004-x64

3

abc.pyc

windows7-x64

3

abc.pyc

windows10-2004-x64

3

copy_reg.pyc

windows7-x64

3

copy_reg.pyc

windows10-2004-x64

3

genericpath.pyc

windows7-x64

3

genericpath.pyc

windows10-2004-x64

3

linecache.pyc

windows7-x64

3

linecache.pyc

windows10-2004-x64

3

os.pyc

windows7-x64

3

os.pyc

windows10-2004-x64

3

posixpath.pyc

windows7-x64

3

posixpath.pyc

windows10-2004-x64

3

re.pyc

windows7-x64

3

re.pyc

windows10-2004-x64

3

site.pyc

windows7-x64

3

site.pyc

windows10-2004-x64

3

sre_compile.pyc

windows7-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    09-11-2023 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license-ru.html

  • Size

    34KB

  • MD5

    ac6e15df193c7135c916f85fd48afecd

  • SHA1

    bc11e538662c15a478b3cbf8cbf0873b8f19ec9e

  • SHA256

    a1b20292621b8ba67ddfb61802bd12bade68f6b930ac6ad61e89c047a1f91c22

  • SHA512

    bcd3d439b0b25ba3de815f00ff92bf3545578d90d53adacc2b272b60ee8bf3d65e460d87fbdc56eec32344d8be567b1f7384fb9c8b0934b24cec39ce05b7c8e1

  • SSDEEP

    384:8JF/uQenaw/h+pMNbK+v5AKVjZI89GThAKJPrLqCu2WVgqxk/d1NDlCPjOB4WUen:4e9hDbE4nGThAUTDmI4WUE8Z+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license-ru.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b356666c04dcdc3c77396072430d2948

    SHA1

    29bccdd1e6febc1fd7259fd52f933c6d6c5c9d29

    SHA256

    dc916b2cc6833561f0914f8e162af1960b6b5ac4466b2552ee295c0bb56cb303

    SHA512

    e1cc111e258bcf48d5c813b4496a2b7779157d9238eb49cfc04b8e138902688e660341f3955052968432e035c2c4996a8c5e629340bfe015ac900e22520399c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    738fb1d5e76c1cb750581f6423ea8746

    SHA1

    4abf54ac862bff6f4b7ca3d6a7cc4578de089f51

    SHA256

    9bbb504ebd0c7871421f865c68d94bf5cb191b66b26ec54de74ffabe1f781b62

    SHA512

    33f562c4a18878fa55ef3d9eafd24fe6835181b403dbf262eb2fcb553f390a66dd1564571728d094a6697f621dfc60b08a4c034d5ff8e380b7706b17b1c9c40b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6114690846e59e38d807947c11781f8b

    SHA1

    8e16f1c9fce5accc60c3e61711356bb00b5facb8

    SHA256

    8ac0797ba885c5ae13ac11c0b4aed764b29050a77b601a01bc3aac02470edb98

    SHA512

    ebf4dd0aab1e1246afa01ea6d1aac4d431cd5c5d5977d16cc3b3964ac46e93d748a7cf99659b18087f5031a070c743b74625db8a1c5adb2d09defd1b676d3cc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54f81e98e5a7995a6074a0a1478ec9ec

    SHA1

    d7acbcf6fc3ae7aa5e146d3b48ca0a2fdfb2385c

    SHA256

    91dc8c1acc22fccefbfbf5a2e23c35f95f1ee1b1f967a346c8086195b274fb47

    SHA512

    dc4316fee97ca3c92c37d10dcda20f8b0136ebbd8e5cd686755e5b5b60caab0d190951c5e8b05951c33969f4eb9b147a4ac4a0cf37b54a9877d89aea5ec1ab42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac9990cc547abc417145507f4a0a3f2f

    SHA1

    b243ebed693c5af32d534c089f75fd472f2822be

    SHA256

    202a89382967ca3825f39c989f0f4557e47e244aa1f47e3fbf1a4ad553302671

    SHA512

    b27fcb0340e05a76627b213b5e9ebe1a0aec35b3fdccc502c776c466936112371478f3702f389f8e7f66b8d71cf8471a5a66dc14d172bf9ee39142de74e0c438

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    880ab226b0f9fe67b8b9e4d20ef2fda5

    SHA1

    47ce19893a089b79b68d27bc08cd3299f4bdefbe

    SHA256

    812aed3895970450d28c38e35f8d9bf69757c504355d74cc202c685b408b7e3d

    SHA512

    0082d92091a6341d66dad6816136f142be402cff97d43cc5a2fc9e043bda55e714f26b3a5e20af4cdbc59869a0e5d7a68fa03ffbf0ee0c39a934084f4690de58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64d1b6e63ffc5e836a9041560503e5d0

    SHA1

    18ca9f1d7c8b313ac456bc153a0cf878d5b90c5c

    SHA256

    f02c0a6d20986cbb766815a63404de0abb903d82330c7a3412752441ef7208a3

    SHA512

    a978d1c8816518c26e8e05e03e5e1e8c9105216d5c3b871f072ff8cd8690ea4dbaa4f4c3cd1345a9609f4575b5f31ca804553f30b757810bd6420f03ce401a17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5a412938410909c4641be0937153da9

    SHA1

    b8ccb8c97f40d4242f6a8428309122281ca6eae8

    SHA256

    92b4435cadf0329a8a4328cf261fb917ee298b7edc2fa9a2e067eeb9e97a5f1a

    SHA512

    0dfdfddfe9f931b6255332f3a096c127229471fa3e4438fe2c766c3cd8d43fd92bc6fe6d4915fbd1ddb3397c5a5827c524a4ba676a7aaa51a1978119cdc9c475

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c71ba1846fd66408597f2d5f577334ca

    SHA1

    dfed9efcda5978b414bdafc7c0d6a7b7b994b47f

    SHA256

    a9538a08b72c1d054f86cb5e69ac06862308f922288cfb8a51d01b72e6f97b0b

    SHA512

    090176cc47e547529f80ea683d837c4cb02cdd884a78a42a9aaa8ddb1f30ea2ba2156a2f59a8f5b02276c0143ae5b0fe5c1ff5d72dd6f834e0392b0a1113219c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    001463e88138a0619a7efb496a2b360d

    SHA1

    7bea25350318b51b4b4db17a543ab681ed40e7ed

    SHA256

    5ba8e3e2f12f98729d55c33dc03e94564a4e1c7030ea11f20c6ab226cff50448

    SHA512

    f4ebc89eeb69c259136afa05ed2f3e0d12bd97fc81ba5812b6f0158d55913dd689bd8f2af436ee67b72060a55536b60e3c2798fe960e95e3ebc79b4a5c683e63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0d4d59ecd7eb4c2bb3e3ea5cece77d3

    SHA1

    e01a897b941d08fbe8ce82deb0f99b77816b67f5

    SHA256

    2b54fe1405924a1e836a8387c4e1118c8bb2dbe6aadb4b834eb76b1cf5c914f0

    SHA512

    198418ed3a9c14d08c3d1dddf174828be7c7d617a3b01b35d9186a5c73fe4dcb77c64f5c6f65acdc897e681d78d1055bc872349eb5818100b2952d9286fafd2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b59f7ed4ec661cc62b1eb16e15713832

    SHA1

    31eeb104c68c7bfd63d2736a0f801ccb568426e7

    SHA256

    6b5cbbdff00f897faececea88cdaae0d0575be95e411a2354c8e4374f3807215

    SHA512

    cb5b308f36c1dba868268c803fb5940f9a8a745c2cc045b597bbaca8c0ba5da3fb717bed9bc4304ae95ba86925dcaf73fc32e3384137a5a805b5bc0ce2693a2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c5fe507b76690a161a0183d5a29ee78

    SHA1

    fd5a6072bb25ad4a847f14f3269b346afe11b34d

    SHA256

    bb427562359ba08a7fda4f5610475a06db221ef5440e74bed75b9c04ac55f287

    SHA512

    cf3def593a40758eca9fadb6fb4e50099c410fa59766d82f742fa98ae7c69906c1711b35d8a965d8026a4c4eb65d06c66bfcc2a5e7577d8567c05d503dfe5af3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    145cb5c92f00015a147d5a53be457919

    SHA1

    162ba91bfbc115b3a57b6833c825bd61c27feb2f

    SHA256

    1362d049cb8a595a27d365b95adde6b22b9f749ab2b4d1c958d3d2e028e3cadb

    SHA512

    668504cfe5ce134df676a85517fb2fe49dfd7e4b876b8f62ab9a185dd9f75b45bdec234a975f085e8ae03ce9880191756393ca0064ac33178b5fdc644214a0d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21ea1ff4d0ad4683f1cc5264d9882373

    SHA1

    f308a3892f14012b9eb3032d84b7e24ee2030776

    SHA256

    b0ec3854cabdde8f9fdf7111de472322bf2711779d40ad0c3c10f5aac340cb27

    SHA512

    9175efc4284d174225aabcf0cb989cab1975d8db48ab2370b15520182e2353ac4f994fa4888840f1ce260ee234dc6964a25559f82b1e8df1e4fc030a0eb074e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c26a7293c81abe35bd0688c41cf2b23

    SHA1

    9808f848f9a65a69d374c87480ca160c08967f65

    SHA256

    246dba5218bf4e6ecaf2e86b8c19e2c0464c15b44b492bf57ff791bc2804974d

    SHA512

    49ac4eaf391209a7ee7cf4cbb572520082bf99ffce8acf63013ebaa8d634f011c31bdb12400ae5b326ef547ab3d34c6c1930d5bf4f3fe1873710dfef05330127

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7CEE.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7D72.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit