Overview

overview

10

Static

static

7

71ddfacd8b...d2.apk

android-9-x86

10

71ddfacd8b...d2.apk

android-10-x64

10

71ddfacd8b...d2.apk

android-11-x64

10

license-ru.html

windows7-x64

1

license-ru.html

windows10-2004-x64

1

license.html

windows7-x64

1

license.html

windows10-2004-x64

1

UserDict.pyc

windows7-x64

3

UserDict.pyc

windows10-2004-x64

3

_abcoll.pyc

windows7-x64

3

_abcoll.pyc

windows10-2004-x64

3

_sysconfigdata.pyc

windows7-x64

3

_sysconfigdata.pyc

windows10-2004-x64

3

_weakrefset.pyc

windows7-x64

3

_weakrefset.pyc

windows10-2004-x64

3

abc.pyc

windows7-x64

3

abc.pyc

windows10-2004-x64

3

copy_reg.pyc

windows7-x64

3

copy_reg.pyc

windows10-2004-x64

3

genericpath.pyc

windows7-x64

3

genericpath.pyc

windows10-2004-x64

3

linecache.pyc

windows7-x64

3

linecache.pyc

windows10-2004-x64

3

os.pyc

windows7-x64

3

os.pyc

windows10-2004-x64

3

posixpath.pyc

windows7-x64

3

posixpath.pyc

windows10-2004-x64

3

re.pyc

windows7-x64

3

re.pyc

windows10-2004-x64

3

site.pyc

windows7-x64

3

site.pyc

windows10-2004-x64

3

sre_compile.pyc

windows7-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    09-11-2023 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    license.html

  • Size

    18KB

  • MD5

    57d40cdb2111f13e40a7c92af27d27b4

  • SHA1

    27f72955eb424eef52715ccbde22d1cb5b23f622

  • SHA256

    7dda06156acbe260754bf5cb0ff2acce418c4b2a7ddf4176fb4e2c892dd85ebc

  • SHA512

    8fa42a10812c9ef10327caf5d8b618cda0bfdcf477f7914e8448175024cbcde7ae1a5ac47eb3e1d4500ad1cb7e904a22e97c2e1956aa274182753927cddf5b0a

  • SSDEEP

    384:CwQfL6d89D4eefdN7aEGJ6Eyz6h9rx3pc/:Vo6d5eMdNbxEyaJTc/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\license.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    017b703d494194c7cbbec8e5f53826ee

    SHA1

    cb550a858e3826eba9dda7ad1d36fb353ffa396c

    SHA256

    1228bfc08eb45c5c2fef6baffd8777959420772687b3e82604837c7b3f695e19

    SHA512

    e413acc89240e26390ca32b31de4d05eb01f489912a18377d9bfbec57f371a1b2571b7b8886f902a2ad40da6e29ff46b0aa4b3f523fad2c767361b11147cae12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae592a788a2ef24bd1142362df1a3d10

    SHA1

    0df5bdd20ffe3a5b4e9f0a6c2152d0994dabbb8f

    SHA256

    3fe6351131a7b3ab2dab1b5f6bf2ce11cf020e61a15559342f0befcc1c17668b

    SHA512

    d2483b64036580c9bb623e5eb3ed061da97235e4fe62daeb5a319cebc4cdd331c2aff62a7571955d5c93241791ed0d8bb458d81b415dbc06737486bf7acdfb0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52525235cf928fcbde78b97d15852f97

    SHA1

    184f7e7504eef535f0cfa950bbb5e2d3eb498a14

    SHA256

    3a1aaa8a717e3bacf897a662fb2a08d4d5a6c0d41f811bd5de12811a13721ecc

    SHA512

    e44fce6f2de73457887966e1bbe16e8bc2f5f8a37ae91265d17889092024948f80accbdf89a89164c0fb134e8c4c4c1d15fe3bb47ca6450a428c64a4ef9cda69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47714b8ef5f16e07c2f55df7cbaadaf7

    SHA1

    f7fa3914da429cc7f4359eba176bce88b343ab6b

    SHA256

    bceab637f987c22c94d9461e84478241dd6490885ef94e4915adb16e1df73e3a

    SHA512

    b24b9254b029f62f6b490b2164c6cb8a7bfc5896b7eea413c5ee7edab5336b7d0b037073578fa6c522421892a008129925794d174f70a4bbee17ffbde3a02f19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0d942c3ca5b44438c866f90cb1ee3ac

    SHA1

    1e49d956b393af5477eb7fe0263bdce3c62bfaf9

    SHA256

    526716cce8be10841297eccace111dfbc8b3e52740d857de91bde2a22c62d356

    SHA512

    efac850d48b10d6a9ad5e81e94a972d7f90d8b22a49a3b81d7cc0f6fc6ec1b37f8db149b032f142ebaec464420c857fd78600faca53db3e3eb12e8e185e1d565

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba2f0260516fc005050badf79f233cc2

    SHA1

    ed82b2072d511fc340ba9566ba68be39fd74b3ab

    SHA256

    b5fa5468665feef6721eedba5161a28e6041cedae806f636b7602ac903e12994

    SHA512

    4b6dd0c68d92ed89444c4af2c4e7199c5b082d49800d24e4261bc3ec28c230cb2e4b0ccb176d2aed1dce7d2b898908ba4fd377f39d810debe39b2d8dfb6fee16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31b82989aa465df87a8740117e990734

    SHA1

    b1c1b84e9d2a572f3cfb7f6a91e789847e0dad62

    SHA256

    637daa8d4d74f43dbc43841ec29c995b27748fcf942e1a4f6b095d5abb7cd07d

    SHA512

    f709c24d6810cfd40b657c5d4f0788eaa40ddcac177027ab56bdb47af8ae225dca8e8ab429aef4a9b8f56e36f13265f3c1885708dce8f933e2adc32c79cfe161

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0484f100cc54f2fff979569ea2c18a6

    SHA1

    ccfafa793d2cccd3a7f63953f8f887f16a5fae5f

    SHA256

    7438ec2a898b0da50cfdf9b4706e04166f54272f9e5c701f3c783e7deb0a309f

    SHA512

    86f975c32176229f2f9253842d5b8ba282f33b71e63832c959ec88a764ca9c9d443ee9fff98c3d37d409c982ab2c97ea981ae78efdff0cf2b96455dc7cb4e05a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    669a776adb904f5108f308ecb0bd4e60

    SHA1

    4166b450d41f62a413c7120d8ef6f1682174ebd6

    SHA256

    cdd7fd6bb3b2893abd6b790d1cb60d7aee789b1fac051f8362a32d8c9c0b1d02

    SHA512

    49136a9d37f4b7d497306928293deb60aa815bdcf47b0356719afd4149549b1e3a709d565a3cedb231bce6122187996e170c36cd1c0f7f7421b5c76199446366

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c9996b1fbf5e10b5aa54012ff4722bf

    SHA1

    1321265dd283be37db41bb523ae42b37ce6cb760

    SHA256

    6f749abfe0fdf4f3ed8b761299026e51ec2f666a61dafd21a7aafb44f2bded49

    SHA512

    468aa1f5c210385c0086c9a03ff999749f3a0e07966d49298f6ae13683d7af6fb166d07bdaece543b4c771c6659d8fde1157917af4b36504cea00dadf85493c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c59d3dbe7cd5580b67088b3eecd7ba6

    SHA1

    1d04f77dba18e7f76592bcb4b2333c9247340c49

    SHA256

    8f6543241a6fc47ec599034b764aa2b123655c7494bca00f2ccf71adc44a13b3

    SHA512

    267247cafe56e1123304a3994de63a15187c45197ad0f0d152ed38be2a25a9c530401636ef819b1351f72b7410b199895c0c72afd693acf08041af551ca6ab7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    66a1e0d7bea7fcdbc9e03fc9dd7763da

    SHA1

    79fc6ade8b7c0e5d1574d6b7b48724c945148d80

    SHA256

    ea8776e3c1769c0015da1b8e56dc87660f511f47dfd1ada227ec14746575fe14

    SHA512

    46be7013a38538d18845b9577b6db2b89e6928eb7d50a61a530c5d2f628fcbd1c1a28191401e3e6c6003b1e28084ac99ef3a7493811b5264d2445285d99b78d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc5d2ebc4cb7656b0fc1141a0d03f429

    SHA1

    5ed2fda5f3456e81269367dfbc17a9dcd6ccadfd

    SHA256

    ffc44011f43eb156cecafa3acd6f66734c4a1ae2ffa2477d66f6ac479da14462

    SHA512

    48800d00f676a4ace4d7316f0c8b842fd10b2e78a5f3cafeee7770ffe3663eb58c51eb85118e90a3a3d77baefac6e6106d95c3c8f988618e34aa556323702ed7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81a50f7720f32a97c6b9d024a87d6332

    SHA1

    77bca4c754759ec2cb0ca2292e99f7bc4a3f668c

    SHA256

    6b627a78e105464177dc96f2c18555cc1d1cc614d9e5369f0cfb890d5114dfa1

    SHA512

    bbd2c42eec93ee001e14fd03eb557554c7a825f108caef5c6a7657c927f02d47c1cd98660061db16addeb257df608db44e8f5bc12c0529c43a041a0d985e6884

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78edf5b8fe85fb0d16b737bf163ce64a

    SHA1

    365336cbe3a81d947546d0bd9bad673f90b9e26a

    SHA256

    a03fd9d83b37c03d4c95eab052dcf071db1f404dad9d19a71589780f563d9f79

    SHA512

    c7507500e6f03de0f73308ebaaf7b9eb33e086b3d72ffab603d8465b3853e3ebabf277852effc93b64d91b80f54ea35170a585bf3a8ca9f5edf590fcb4f433ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    459fedf3f5fd62664dcf2cd964908c74

    SHA1

    d4058600fcff4cdaee78c95fc32971682fe327dd

    SHA256

    3e0e3612e4de556caa42c63e160edcb0474146ec4123b8380f47eef25751d062

    SHA512

    246a9b180a2608f99c2ad5eb05df69ac0edf2715c6e74a416a7cc97f6afb067d985eb834ff067ce1530166f50a0affc01096ca02ba7e5cf7ff589107f985e407

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc097a0b6b63081099b1fe9e8d03fb25

    SHA1

    7e72330f0cc2da9a3ddd2fe5c5f3e2ba61f42b12

    SHA256

    0e8de53d514a4bc3e65b9bba93f8667ba1d62ba98dbd226b6c0b2398da82d7bd

    SHA512

    0b898b1bc52e5131908bb426116a7556114b9f16046cdbad036d44a024d7b090ca94a032c28d61305a059afa550f179bd915cbdc03837eea4159b1850a347eb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d58eee61d58b2cf1b82a401eae28a0b

    SHA1

    203ee8c96892581cbf610f618228f597dca49af0

    SHA256

    f80a87ea37ffc56a791478e0f0ab555cd0b192a89495f027074717a0433c73f9

    SHA512

    164c1b14fe156ee9c43980e63f2289a45b2ca34c937271e314edd72daf6bc1a9c4128f417c353855102b2a3db4c56651b1b63baed1a37b832a5ff94f55f654b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01fb59ff1592932cfdeb3c8fd5a71b89

    SHA1

    ad81064ac553a066c7c382d06ebaf93cdfa765ce

    SHA256

    72dfada018e674df7bc0eaf554964aefebfd5dbe5255d939a4822228ad431e7e

    SHA512

    3e4b764c8915031a2345272c0cd372b3ea4cdb55dcda36a1a6d2fe7a20f4e4d8c3161b5d02c546b03fe6db034c811e73ea3c71d5ff80b1eb74bf50d23e228595

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7908.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar79C8.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit