Overview

overview

10

Static

static

7

d494040139...78.apk

android-9-x86

10

d494040139...78.apk

android-10-x64

10

d494040139...78.apk

android-11-x64

10

medialib.js

windows7-x64

1

medialib.js

windows10-2004-x64

1

mintegral_...t.html

windows7-x64

1

mintegral_...t.html

windows10-2004-x64

1

parse_movie.html

windows7-x64

1

parse_movie.html

windows10-2004-x64

1

parse_online.html

windows7-x64

1

parse_online.html

windows10-2004-x64

1

parse_search.html

windows7-x64

1

parse_search.html

windows10-2004-x64

1

watch_loading.html

windows7-x64

1

watch_loading.html

windows10-2004-x64

1

ytaplayer.html

windows7-x64

1

ytaplayer.html

windows10-2004-x64

1

ytaplayer.js

windows7-x64

1

ytaplayer.js

windows10-2004-x64

1

ytaplayer_...sis.js

windows7-x64

1

ytaplayer_...sis.js

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    234s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    09-11-2023 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    watch_loading.html

  • Size

    2KB

  • MD5

    b5db82519180523f4b799e541169d2fa

  • SHA1

    f9580a7d3e2610c035f09998d17e1f3f1764e459

  • SHA256

    a3429657515bf003197922ef24b1a325c1aafea1dfaf750864e3f18610565c54

  • SHA512

    60a5ea2462e07c4b35be8fb5d7f13d57abdf68486b02b9644517ac5774ac85b334525a816e09d705bfd345b05b79c95e5046339411d6df9220636ca4fd525020

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\watch_loading.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2856

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bca9d1b35c95747268d7547b51f1aa5

    SHA1

    e1a54153a546885e00e37cad643f307b71c6c933

    SHA256

    767e5ce5bdd5deb2c89b1952b4946e86ee7ee5732bd33efe8615afdce096827b

    SHA512

    7e39c0f1ac70f0428773ee62a132fbdc7313c4acba4937e9c9ae6f3491c587e93e3e1e34e27e277b42c3b581222b64229f83d09146589a2c4293dcc4efdeb24a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc76cbb190cb8ec27bb45f1ae87cf3ac

    SHA1

    7934f3eb8d026a9cd13b7a3b0dbb339e5639534a

    SHA256

    a6b322e9fa50d58e1756eb0354f63f5d68ec4a2c938254247ae83ea0f3788781

    SHA512

    426792d2cb6ac074db5f17b3f50b77203baed50c111ea2c833856caeb35755caa9b7596fdc2dc284b8097a2f58cd67f1b3a3bbcd9a9ff4f77d9ecea4ca6123fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e586898f92d991952e466905d044e7a

    SHA1

    b483ec8f416d48adbc9dcb5228d44a4485084eef

    SHA256

    1e3081bb2673cc821ee306ec99a59de71e02d4b11edae93981cb11110a857218

    SHA512

    e2e1185514797b17f096ae5a2c94975a4084a8aefd57d7c5ec3c0f44fa525183588b1e0fa4dd1d865bde323b4a154254f3b4bf84ab6d798404d2a668403aff93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    555e98b908e20fe782b427ef3845a783

    SHA1

    2e8ae063b8842a16ae6d11d88e242bff091f4e35

    SHA256

    b48aa88e3c19be17173344f01acdc7a7710e9ff1d48039171aee1659074ad0f3

    SHA512

    8f2efdc0bf57163724a6207da6564962d569dbda3450ce9da9d46d284ac18d45fa1146cb928de43fdeb8a7b1ebfe5c450eea966ca880b057d6329f8cbce0546e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e13c1c5b30914acfb3a9059a1d63fcb

    SHA1

    562b455ce29ce3cfd2c227752f4320983bebc52e

    SHA256

    8351c58e3d9fe040e81479d68be10de01cf7f8705710f1bd2d7f4d73314abb28

    SHA512

    da2bfa63c83f579393be17484c51581c8efd92bd115d8489b21f76203a56b5459acf8dd04cf4477a66209b04d7014f151f048c24bfb1250f2c7651454bd8baea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f17877ce6e3d1d7b0c1483aefda76ac

    SHA1

    2f8da94da7a2ebbdf2da5c34079ff96435d78e1a

    SHA256

    d2dfb475209d4ceaed26c959b9784d0c4785961c574ceb84c99103e503841484

    SHA512

    971cfef088f17ff4553d2b73e2465628ced5cdccde6f38995d1093beeeaa6ad6feff5ccaaa644f799c56082fd3fab2b81e4cbc24bdd90078fb9e70175a22fd38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c79a6701f444e60d21e51c168f5d0f9

    SHA1

    a6a4060213c2fb011035462ff067eb08ed52b68a

    SHA256

    cacea383153544b42de4f1535dce1f899eda56b0d933df861770679dbda43045

    SHA512

    88651004eb7652c469aede35ae94a7251aa9b1651eae0b4c62adeda821265f95f877c5ecf24fcd0b39fc9da3389d09c4d26ba36b1da492cef54e876a538a8fea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48a551074c0a219a5200653234e55bf3

    SHA1

    b5ff8e6281b56f14537a46a5121e0c2f1f9f6eda

    SHA256

    891695438951fd4ac4d9c0b20f28d547d06d53296dc936397b051fb0cfb68bd4

    SHA512

    ea11826092244a435102fc305a7e1a247646aae18cc0fe9ac063d2390cf4082926c7050d6b4a9ae490c91c64c4f0e41c36a8a8d55242bfd61bdb4b79796559be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e711ac3c0f6ce0d41838c07c4e65e5d

    SHA1

    37d9e8f0d5d01c8cebc5374ca03843fed16f1b33

    SHA256

    41dad4ba5455008a9bc0b25fdd954581c2c1d0b532fe7d58e4909016f59efbf1

    SHA512

    4d8f812df4f005f5a73a88116dd85fbcbb3e6a7cc87ac157c0a785206d89a241f4d1241bd882ba4c6e39b42e29dd95ca3c20024b55af5c34c5c340b539f4d644

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76ab38e70428dfec339eabb4fe3bc1f6

    SHA1

    d429b8fbea2fcb421966d8ab8ed8f8bbc4c4e8e2

    SHA256

    039bb986076d41872d86ebdc5d4bb463d8313e1e43488826d9607f0060e67dad

    SHA512

    fbb411409315fb09cfb59efe8826a4cc31ef89b84ee873e09da7ec91f7820c7d299309182263d820025a17205ffa3a96174ae3e7d0bee5890df4e6d26a1dc464

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce5f02b2e26ea066b347c40151b48f83

    SHA1

    7e36f3144310c13d4046de96e56fa7ab36834f71

    SHA256

    bd5e5a2df99b3fc215fc6a13b169c6ff67d0adc130e5cd8c9428580fdb0eb604

    SHA512

    63679901cbf86a48342a5187d63e2cd0cc45b0c582361e1a6d7abbda14fe9988954cff58226b1d72675a4d62a7ce911cd9610e02ea8ff477af3a57c43a2885bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d241e1b39169195e4685256301e05cf

    SHA1

    f4b1e9567c4cb9707dddb814162ad244f8c6e77b

    SHA256

    8d6161728cab0df7d493ba2a14b205be0286b0f3815fd8737fbf40445abdc746

    SHA512

    5baa264d61131a497ace3eeb48c5eab009bbea950373923f84fc3b5fe9fdf31ae6ee3460dfc1dfe0d3a1c40f4b709b7537ffb8a1a00811dc3fe7c57904ebc695

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45a02bc8ecdeab1f9c0cd61b0e6fd1d2

    SHA1

    01c6a556926870fbcd5fc4c03259bd9e1867b0c4

    SHA256

    33235a86444f3814ba9391cff00f251ca138f23976ec9b5eae87af550694f496

    SHA512

    2e5382fd6db5107e592676c0c73916c606c9bb999a62a78c0aae506de9e9ca176b564a1ff82f9a389c46210d46fa2202b9957844d0cf729244010bc363d63b1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    440bece40e17da191086e3c5bae378b8

    SHA1

    e731a00a92c97d53b1ea53eb7d080b6c4701b4ab

    SHA256

    a5439315b2f4dae13059ea8c8b4e5739c7463e0569646232505a31dae9cc922e

    SHA512

    8ccf0a04f11312b1aa097d9a68de7afd7af58a9fc35aa0dac3ef31236c00cfbefd5fb9d0363a0360afaea8cbb26ce50a98c1430031ff0621eee9d373960c1617

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94e54323d7840f9e76f5c4476a689f22

    SHA1

    b9cea83b76e4d4a799e1ae4272510b682483a157

    SHA256

    c848d6793b77456a1a17d60206cfe8da07b6d82a93ec7c6256e6d155322121c1

    SHA512

    36c82c0b4d975eb903d14787f46177041410045e8a07d1ce7662c392825aa735cf58d05f307f62fa1fb9ed21039d695c8004c3eff6936cf281b984ed5bd7b3c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf4a9e837edc2bff688f1e401fc0a091

    SHA1

    d176a9ae8c0153b7108e2e3d2856d98be0e6662c

    SHA256

    a32fe44f92a74675b33b755d4af9092430eecb0ee5119e0268aeabaee838888b

    SHA512

    8120687cf38c44ec733b46da385abfb5395140b4bf1bfcce41e70b217934cc5178013f9d49ecb08e57acde7b2b1ad20caee982674e0ad17ced22626bfef8a6c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97869533e06dfd5f5652743623ab19f3

    SHA1

    0c2713ecf40b403830c2500b703231a09f7adcdd

    SHA256

    dad3ed8a50b4c665f930cd92f6e1bb90e01a17ae225fcfab64eeaaf98b746250

    SHA512

    9be30555a3ea8177db0b7210f156dd991d8c3a80b93e3a1c3f7d7155b272e4cfbf7700da550303c6b04d1732f29e809aebaa76d95726b85224a524d82da5f222

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af54f1ba068287fd8ef5d3eea522db84

    SHA1

    e120e2d650689e6e4a8dc602b03fbc30dd1c9142

    SHA256

    4d6c4784432e02931fddb9fd2939ac0ca3ae7d34a3337fc617c0487d5670c540

    SHA512

    3732b8581eb1dcb07e8f6e7670d00a095a8270da04b23f3e4aadf49f1ac4d8ff0c4436fdccd9bc4dd583cd0280964dcc84273112ce3d8cb25bd66966170036ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6e7b5ab6be65bd803142797bfb4e18a

    SHA1

    132412107929b24c21816f6d497718adf22e0d06

    SHA256

    3b479e891bd6985ddf147d77bcb17e2f878ebdcecd7f9a5c98033a71cc8e154f

    SHA512

    3f1c91cbd66b6fcdedd9d78c2cad167757011c12b8b34992208f6217631a586aa6834334cbcf52df5684e8cf4f77ab9c4a01618ac757b09655b85b92829d21d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a57c94a084e0da2a4111cb5a7129def

    SHA1

    dd63e688199c23255711f25bcc805e7fefa2bfa8

    SHA256

    564edce7d1fedaa8b0f15aa3b70a3ac23c06785cb7866c22494d9c91f1ab2d47

    SHA512

    64346691b5d28c845f6ebb9c0ae4f0e46280a50272bebc42f86f08c708d7a3287cfb2e96990e718bd5534e36883cd34a5166d10465c86de1318d5891a8eaccde

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab590B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5D72.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit