Overview

overview

7

Static

static

7

com.gstarm...id.apk

android-9-x86

7

Account an...t.html

windows7-x64

1

Account an...t.html

windows10-2004-x64

1

AddFriendInGroup.html

windows7-x64

1

AddFriendInGroup.html

windows10-2004-x64

1

AddOthers.html

windows7-x64

1

AddOthers.html

windows10-2004-x64

1

Angle.html

windows7-x64

1

Angle.html

windows10-2004-x64

1

Annotation.html

windows7-x64

1

Annotation.html

windows10-2004-x64

1

Annotation_arrow.html

windows7-x64

1

Annotation_arrow.html

windows10-2004-x64

1

Annotation...e.html

windows7-x64

1

Annotation...e.html

windows10-2004-x64

1

Annotation_find.html

windows7-x64

1

Annotation_find.html

windows10-2004-x64

1

Annotation_image.html

windows7-x64

1

Annotation_image.html

windows10-2004-x64

1

Annotation...r.html

windows7-x64

1

Annotation...r.html

windows10-2004-x64

1

Annotation_line.html

windows7-x64

1

Annotation_line.html

windows10-2004-x64

1

Annotation...g.html

windows7-x64

1

Annotation...g.html

windows10-2004-x64

1

Annotation...e.html

windows7-x64

1

Annotation...e.html

windows10-2004-x64

1

Annotation...d.html

windows7-x64

1

Annotation...d.html

windows10-2004-x64

1

Annotation...h.html

windows7-x64

1

Annotation...h.html

windows10-2004-x64

1

Annotation_text.html

windows7-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    12/11/2023, 04:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Annotation_revcloud.html

  • Size

    1KB

  • MD5

    d58e289d7777486ca1b90fe828db7134

  • SHA1

    c69219b46e8358a11ddba526f8c0eeed64193ac6

  • SHA256

    4d28b30f70a3b5ba7683fa4bacff279ee945275cb7b6762b119a5e5105e635d6

  • SHA512

    3f6cb1e9bfda84e1f1ec18225dce5008930a63abca0fb0dc0cf94622c673ef925dfe3f4f1b0afd8901aa8481f1d35eb6151112b348f7bb89fa03af8c02f5c288

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Annotation_revcloud.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2112

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6eb13f502a462dfa8089de3a9d1b2165

    SHA1

    163dddf7dc9fb2e1091b0aa399bb5c12c1a0b342

    SHA256

    9d3d24e07164c9e298560ca90761ff664eda08b27002c333843efc7b3d2ce0d7

    SHA512

    f6252d90896476901c7d9e3dd440fbe9822f9634c96e1dd18ff0e2ab918c42e74267658af977b6bcafd13b0d3fdeb773f331ee9118d413b53867dded1369a3c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2cf7cc5562d769df0eaaed6a7550873

    SHA1

    a8f4ed337e75f539ee6ab6b69d6999b63c120588

    SHA256

    a912844b7eac7b1655b6f9fb0956b436c3d0c877794e545cc7cbe996377e8361

    SHA512

    4156f8b2cb916a6ca5ba69eae5f9150c5272820f3def8c507c3808d80a606c5eb30917ac5a429140905273d6a932f94149cc3aa893efa09e8b40075ca3209f92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d43505b1fc783b5fefe2780472bafb5

    SHA1

    7077dbf52859adb2ee5a72fb84477912b04be5a3

    SHA256

    19dc165a8622da923602cbf09ce78becbb61093f83f49b3529d993d4b7ee9493

    SHA512

    584a0706e1071e799a243c337d98a3aa430c2ec394f14a9f01b474e7aa46ab7797b56cbffd58070751bf8f5ebda46481c87b9436f02dbbf494539c6920e25313

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1edffdb1b4c6236fb4adce2f244a0774

    SHA1

    0513e8821749df4b9c914e279335d4aac89741f6

    SHA256

    55d6ac14fef17831500cf4404a5ff986d04b4a5358710043006395cda171511b

    SHA512

    5bb5f3ee49cb114c81a75f8f8bd967414f34eca82d62a656ac4d21e78e53b1466d2d18bbb06bc75e4f9a046f5650fc25f15ef36885d7f4ad822356073673ce3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b547308bc87946296b275eb3151cf25b

    SHA1

    d19c3ed841f2eb0d0fdc162b542d0fcf71294ef8

    SHA256

    e83ce43ffd5c54ea13417e12d651003e7b89379f51c07b2ea786c0157c3830ec

    SHA512

    22bd0b1db12881d4df91a7e3b02ec777851a35fea6df1b7ca846dc5bd9dcca2fcf979253cb8f05b34bbcaa754528af8766bff865efbef2c9bb39bb42fba0663c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29c35b37540d6ae5d854c82d0856a387

    SHA1

    e713f1d869590e3c43b775425de5424c8d64162e

    SHA256

    7d5165a01215cab9a6a79f6dd21809d2d6de6448ec79f4d5d6206c8b2bcf57f0

    SHA512

    6a93865e6100eef9c70321e00ae3e29a86616009635f99631c7aae87ddf0cb3122d4366c8ff9835c3b346dcfb4d53bc550e93fbd2973daac415e04c212d88c12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b49a284f101107e227da44b461db7e52

    SHA1

    998f7af1b5eba12cfbe8fe5b5a063b637aaf7b76

    SHA256

    22e7c871b7f36c0ba5f1ef3fbdec8f81c5f57d353b48ff94c54585a0c8625c15

    SHA512

    6828586caced36941692790df6deb7b0ef973ca454a285af04f03d16c0c314d6ece8cd266dae5a036a805156bad66c2afbff55cf48d04f7cfaa17f371042a9d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10650f60311c2caa81b61fa17aa05858

    SHA1

    8c420d342bd0b3ac51465ead40adc09a6ff2e440

    SHA256

    a4e97ac0cdbd10a1413d93ac2770bc7db44589d42debb890b5e3458f7a798f8f

    SHA512

    d82bc119a087fc256c0d04cccae75481f6ba9a7e4e0caf2f402c248668c0e5a3ec8edbd5af008c0edcba6485b3c7c2d39566cd7f9c08e44a50d6fb53625226dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0366792e2c8ff896777371b505ac10ab

    SHA1

    1f69ef54837c89eeb49f1555d8aa3a65ca4334dc

    SHA256

    78a499822a367933522e456ada16155e45ba1b16dcd7d22ab517b367c3fd5f41

    SHA512

    01ba9cba682c42b46647644f39a72ee1589642ca03fb80fcbcd55e33c85ab5c322b422e27ab10b144892cc56519a9e83ee4642ac3213a285c85bc1dc9eb9e402

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3b1a128fceb14a20a5a61dea1e795e8

    SHA1

    16f863cb9fd4dbc71fe66df81b1ce8559fbf3a91

    SHA256

    e7fd90b16f6d43c0adead85a4590955c17885758bc107563fbc97bb71c3961a9

    SHA512

    2e8945f1b7c23230814ff861a7e928f4a914027eb1a23f023a97d06100b62ce6fa69e496a94fdc632bf1dc9096e494e941ce6d8fdf9134d0c49da06d4be30200

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19da3d56d3cd55c7fa7f2e3ed9d7f660

    SHA1

    5d3768c16466505bc832e5ca9e0a82b5a7655a87

    SHA256

    34443aa41ef236a333312cbd983b5ee8e902fe4d24c094902fa28111212861d6

    SHA512

    b3184e18846961b78f2091393c2d3cd8aa65daf2256a34d9ed3df3ceaa073186f7468e7b853eb96ee8de97a136b376b25830c175491e3b1aadc973667ea2d86b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd92f38c99f149fa88faeb3a831f4d2a

    SHA1

    012198d77c2dfe04226ca5d294d472b3defd777b

    SHA256

    4979e4f80684cc23d07fef9225f40dcaa751d9d1ef69733673ced4bb8ab453ec

    SHA512

    42b5c2b8695f046efd9612af1b508d46332a0955312bf66caeb2198d19ba14d43480e0557549be02651a6f8f8b666ce3126908b4a924f4d55ca86eb7ffd20aca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7F60.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7F73.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit