Overview

overview

10

Static

static

7

3f39c2fc43...5b.apk

android-9-x86

10

3f39c2fc43...5b.apk

android-10-x64

10

3f39c2fc43...5b.apk

android-11-x64

10

about1d.html

windows7-x64

1

about1d.html

windows10-2004-x64

1

about2d.html

windows7-x64

1

about2d.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

scanning.html

windows7-x64

1

scanning.html

windows10-2004-x64

1

sharing.html

windows7-x64

1

sharing.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    19-11-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    about2d.html

  • Size

    500B

  • MD5

    d24878534b76beee9e9d1418bbdf44c1

  • SHA1

    4b0d80de54c5bda3717347047295bb499e9e10c9

  • SHA256

    4d47446de41089c864ae38f6c91296f8b7f0a2f84d8310ee077cd1f8a56f5810

  • SHA512

    e48dbd4d084b43c568bee15854d214920181c750a4b0ebf3ae217f0ec6b73c44c23127a930f38f4630ab8f2dcbcbe2479c82c2b6fe6a336f1c1dfa1fa9b16bf3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\about2d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1956 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9ff01c4b803be6330fd1566948368f3

    SHA1

    3e6e9bcba79a0442ed9d205fa057c921ac31c9fa

    SHA256

    275bbe16cc3d0b6c0e630adf9a078badc225038b86bb2881e2d2a50a954b868d

    SHA512

    cb84cdbec822588c2f69172c26cc639db1e24d93fcafd883cdaa317a1c6c668992ed5bbec79850cdbb6ec886282ac57e9ead961f24e4ea3c11cff095685cb5c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a522d807202411ea4f3f3d5d771f6af

    SHA1

    c5a2aae5d0ae2406d993560dcbfef734eb3fced9

    SHA256

    7fa0db4f1abfab99ee19d3202650707cd459500fb51e8e49355a11935b36a6fe

    SHA512

    e1cf1fde9c6650f1428f4eac997c260153e9f4d275c96cdf709f20e13cc5d16fdd4653d1f8e9866d8e0dc07f94d9780f984fc6b54fb1046b713463f035cc7d41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bce38a26de8bd3007a2919941b9f7e26

    SHA1

    9a430dc826503b1b6e0e53a68eeb1dd49b8cb8f2

    SHA256

    fff2e4ecc11906adc22179d2a1d35e73cbb689a726fdf7868ede366f854d8efc

    SHA512

    0df8ee628f545f27c117feadfdbc92383555eb8c9694eccf2cfe0849e45ce4044c2bb766e86b2b495655a10a01de72290058d0ceb35350bc4d4749a55305e935

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    accf7c45ec93598ca7fecd552cb6cd9c

    SHA1

    1ca0545e02f97c86fb1c12421ba4bb0aa399f69f

    SHA256

    88a6bc0eb08c633acd5821c439d334bd6f446f1e03f9f2318a663371d04270e2

    SHA512

    63c1b22ae30d2563036150ecb934622f25aca33a8e03553f91061ce815b5146220bfe3bb0b31ace33c2ed0b41cecfb39749c4664cdc8eebd497b7b130803dac6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24ef1f669893ca6a706a1426bca28ce6

    SHA1

    28b4948719a9322f96399ec51fa3f5436ff4d0da

    SHA256

    a07a55d516a2c3b9a516e06cb3492bdc8dc98dcb382b5c5753f4b9efd6527508

    SHA512

    db8957c3b8bc2d2750b5f8f6e1edd0f7d4b6f96dee58619e1e49aed8b7558ec1088302d561705572f35d0a40a47ecec5130937befa390f822453e6c75d8035e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b76d6993fb208be2e3ec96d1274214c

    SHA1

    081b95cc265e7c7fa83a8d4e8889ec7b85bb9dd8

    SHA256

    14517509702903272bf196f34506271c852e6f789dffb553f3e3d4e392e422bc

    SHA512

    3c9185f9e50539c694b4a7a7ddb7c7c546eb4af35ad2f51ff206bfba1b8be74f14d98a1b77149ad4f7844b75ba20112d807e831ae5dbc291853923fef1883ea5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9867942227c1eefdb801cd5fcebe3ca

    SHA1

    152565896343131102e037659ca79061d22c7262

    SHA256

    8cc4738cdf32cabf23f82abe22303885cb2f3639840d4538d811119fced3350c

    SHA512

    20484ec0f63731c214c50db1f13e8df35c06727466430aa30cd1320376cb3e5dce4ffc7e9cbe71d66efb9f9ca8524c3196b3136030ff7ca85439862e9fd318fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e67f7390a25a9c4056961e26268106d

    SHA1

    f2d3af8c4e82c959234e7132fe32b7de9a8c5c38

    SHA256

    ed5bd4c536738349fb6f963444d64ceb38f32c90c506ec69ed27dd40c54782de

    SHA512

    b39db0c886644c00641f75108e5e77bab8549f45534f7569ec2f9b06390876001d80341cc2fe99f53986d108225f77334ba87a4b2b8f8266f18872e3d74b427a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    838d35029d861426aab3f717c8dab19e

    SHA1

    9948fc64a4133a6bb0ac5a093091d05bc344f720

    SHA256

    5023b7e8d5922512632446e1499ba14a4b6765aaec608a97d467072160db9ca0

    SHA512

    cd7b13dfba4da60b15d29ff91ea47b1c8fab0cdd1f6e33098c4f912fc9a65b6fe503b91296de4857a94cd0835e2229c66a903eb7249bb5f6c1a42d1f1e5d9016

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6A3B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6AAB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit