Overview

overview

10

Static

static

7

d494040139...78.apk

android-9-x86

10

d494040139...78.apk

android-10-x64

10

d494040139...78.apk

android-11-x64

10

medialib.js

windows7-x64

1

medialib.js

windows10-2004-x64

1

mintegral_...t.html

windows7-x64

1

mintegral_...t.html

windows10-2004-x64

1

parse_movie.html

windows7-x64

1

parse_movie.html

windows10-2004-x64

1

parse_online.html

windows7-x64

1

parse_online.html

windows10-2004-x64

1

parse_search.html

windows7-x64

1

parse_search.html

windows10-2004-x64

1

watch_loading.html

windows7-x64

1

watch_loading.html

windows10-2004-x64

1

ytaplayer.html

windows7-x64

1

ytaplayer.html

windows10-2004-x64

1

ytaplayer.js

windows7-x64

1

ytaplayer.js

windows10-2004-x64

1

ytaplayer_...sis.js

windows7-x64

1

ytaplayer_...sis.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    09-11-2023 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    parse_movie.html

  • Size

    2KB

  • MD5

    16e55a288dbbcdf5ebf301716beef02c

  • SHA1

    0b87695d2bf106db0c3e071f6c0a50af82fb674b

  • SHA256

    f34f9581110b58ae4bd6414ba916a1ea8d879655fb60e22ed0cdb2c549f1d90b

  • SHA512

    f41383fa0e8c6053c3aea67883f7dec53afeccd97deb27882611ece0324297d39a32a8e620b8992ff91622daf5bbeff5f610e396c3657aef88035511a0d8853e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:844 CREDAT:275457 /prefetch:2
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:2288
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\parse_movie.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6027663ea903ed3604c7bec6f643b5e9

    SHA1

    a6e1176e4ff07d972400cb488167ebb73cc92728

    SHA256

    1c38804f20b04e4bba5fdf51f53fba265518f37e5e2962c8251b568b2755564c

    SHA512

    8e47299f90ffcee867c6f685a7130e1eb78ba3b27588c418241327ca66c5b519467c5a2e0935915df625cc8cd4e7f11153d2a00dd45979426b1f2e7906ff2d83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63556f99dd5b0b61ced1aa09d8c030d1

    SHA1

    19131d3daaaab9fb27a468aaaf74dfac78e4996b

    SHA256

    282c7d52b3280d0a1ba8ca4d4e80b5898e3b61478c8375edf8a3ab0030620f89

    SHA512

    03be13afe7965cbd5ebcd62d4ba8e7aa16bedc49b727e410ba261889c14b34ac82fae706952929ff5aa49d89b8eae0500c474b6d00024dc4a65ab4b1768f0697

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b77f4d4cbffa0e87a5de998c471f0b1

    SHA1

    53a247528e6ba8c6e404f28b86048657ebe2ba5b

    SHA256

    3b9ca9a6a75f1ed5cc219494a854eedbbdc7453ae6d3a98c0640bca042915ceb

    SHA512

    bf11047fc04f0e670e72a9e2a213f5cc4b605020c3a387bc8d39f0252aaf39b694c3a7bf0a307bdf6cbbd9c26109574bb0b7d9b61550dbe52291a5fbe04908f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4b356533dc9e89d6bd22f8cafb2971c

    SHA1

    2e78bfc8f3cdeafc034fc81485a08ca11a8475b9

    SHA256

    7f3f7136bb280fb33e25a41b0b150a0a33e17125a4a87dc19b132f63eb70897b

    SHA512

    f4ce5fb5af964388ec4665cf651768b805b2ce7b92abf7699536ca9495d86d7dba5928a6bb39d34c7496326ffaac9bcd32aefb4b9866b5b6bc3d6edbb538f105

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fe99c7d7e3b0cd1e4401719dc23e1c6

    SHA1

    3178a5530eb9d5793ed3f362f621ceba4374b4c0

    SHA256

    82fbeb36460fa4da40f58723e4ad9531c402e95200d562fcc8ce9545a15b44a0

    SHA512

    9292257c4c78625eabcf7c4cefa0c36e78ea7035d7b266475000570de83c59d6588f5a5a0bd626859af7ed966859132f6da5c19eabb766708282ab8bf4eb0860

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fdef8cf32433bfc6ba6bf51219340bb

    SHA1

    129f737a669112a755e81e08138cbbd22426e1f7

    SHA256

    e9e1fed0ddfd388a0c2ac89096cd88ac90b08f5ac0d5ab4ff10b6c9a8a6086a7

    SHA512

    9ee01d6ea30a2288fc41313e63527eb2d2f0207ae2dace39c1c1843afc59d2b2ee15646e80decc05ef158d9c71d6583a499382dd1148e52449eaf7ed998f2dbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7180220ee0810c50f338437253025bec

    SHA1

    4ed61df5cb35da65f7e6cc417fcbc3ff5683036d

    SHA256

    74864d947651dfc1f146ab0b7bba8480a9b058174d3b5ccecb2cf20bb4b12463

    SHA512

    44052813a5dfcbfb528b4300ec06638c64c333ac77e7ff7c420e504ad35ed0eae6f9de3c97450b9237c4e904b3f355c9d81d3b91e225a2e2bd7adf54196c8065

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f045b35fa976d583dfbbd56b23221bc9

    SHA1

    afe83a4fb67b04b295642f6d5e2c4769238a9442

    SHA256

    322f56920db44b14dbf5387ade2dc1eee0b28813b588fc742b9ab6b8f800bd03

    SHA512

    6209399a6ba72cd728b2d73725af5863ddac8e012c33723ff2cf32a0167727db964d6ca3f9fa361abc56a134c7e4a4ad1e7076a09e60bbed57737dcef119c193

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38d2499d44e89e7372ea2ea93847dcf3

    SHA1

    fec3ea8d69c1fddb94d49039e7bf9ff792b2a01f

    SHA256

    01bd8f98b4ba9d9f5b5470a80f3975160b2995b784d27806ace279f416ffa8ab

    SHA512

    faa7a156999bc720b1d43981ccd6b0669c415caf1a4ccddc1bca4405fc178c4b380d3ba33e96e21043ce2ff5f7d75351ae1c4ab25c53ab9e6cd107b3caa2d771

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45dae4dcfd015b595c25fdd36aa6dd32

    SHA1

    e12dc29d3826fe5c1b7c53804db57610c10bcae4

    SHA256

    d788d57e5dfa81506c4923b5fe91393f395896f396b0e1f74e5cc0141f632afc

    SHA512

    ff0bba81e7e3b919805faa4bf9e93026eb75cb613d664d125182123b685bf2818fa6f755a20c4358ed3abe400a9db50d1e3f26f2d132693780c79f1e76bccff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c54d91942d3758ca59b1edbaa35bcbf

    SHA1

    b165427417092902a842799f7305a0ff85fbbf9f

    SHA256

    d68aaa3b3aef24581340e364ef9c4df36aa06e1e257e10a067ee6d967ef00c19

    SHA512

    eae062cfff02475f95d3296e83094b1e669325b1323984d67239f2243faa5562f813b5bb81cda68f440e6990afe1e34a4b3db274af65e9c1190177a177e61c29

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab62BA.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar637A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit