Overview

overview

10

Static

static

7

4dea018509...a3.apk

android-9-x86

10

4dea018509...a3.apk

android-10-x64

10

4dea018509...a3.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    22/11/2023, 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2240

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    216096cb652675e2c0409e513e65ef66

    SHA1

    547f8c12413ba99241b2bf44a589f1cc4af954d9

    SHA256

    35e87611421fd472306934db7aac64559533382359b9fba10cd897f5f1f2ac5b

    SHA512

    7c191af0160baa4f94abd596b55ca344a036826384a67fbd4a32adc6d2ef84a5c832bb49fc9637b5f23cdc5d5f65e33122d686aaa53510ce7c63478b35c888b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45669b50d143a74af2af32d77041436b

    SHA1

    ca1d3de9ecb4b261d07d60796f5e7ebee68fdc68

    SHA256

    98186ab1273e43de75759aefc1513ccd8829eccf863c5672e7e80ceeb4ac08f7

    SHA512

    56a87be9a39d416fc4324e220ef7399ef09a1b1311a4e20e3f819dfcc0482c3dc2f1f97d62ddfc9d8bdc134edd83cd8b73bbb90b4c58004c164ff61713156851

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7dc6ddc3333a1c5344d17c7ecb571c1f

    SHA1

    92143a8115c1b9c8ba5408299165de87d59a20a2

    SHA256

    07d9fc4121707daf39c376517c2109d05136a56eea2dd683a437299d13aedcc7

    SHA512

    e704e008c9894562b52662b41f978050aac193f67ac0022c38dca46504aa81e8fec9e53e5851238617c9a9118e80053b1b3e393499303b7905c82476bbfcdc1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3123ea493261a212c42b0637bce5406d

    SHA1

    119472d5d34585bf31b44bfc7f4d55e521da56da

    SHA256

    23222d8ed317b5389a2215315c8dac63438efde93f1638b46de02aded1fa3b25

    SHA512

    a14ef09fb832f465f4053c6eef75653b9f1c8664a031008a49376b11e0162592c33723c2cbb7c64812f3c11f710d783bdbbf387dd03fb54135ce858893f141ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b545129390121ba8b2ab162b4d30bdc

    SHA1

    8191f087ba42a8772d4c2fffadef14c8e08bcd63

    SHA256

    055815c095108f723fa16a01d9feb6192a24e8a29503ebad190a0abd14f9905e

    SHA512

    e84ab16e5f3eb794810c829e04f7b9a6ff9f09411bfb5eed18afe33f827cbd873411e0f12f4b7879212f7153c6af297ee6775d5f0d424d3c1e147ea9baf9fb63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06b3c784ee32d0a4239161b7b158c7d5

    SHA1

    e49331661de6eae940d90af43cc0bd8bf0f349bf

    SHA256

    425d6349c5546b299f836bc8075762210a84f4f497081ae96493161bd54ddc59

    SHA512

    482a3bc4ebe352978774cc64f6ee856fb2a7fa04ac1edd61b15a444d19eaf173806fd7e13ad71bcb6d65dfa170f124508cac3b331831eb9fe55e2d68c53b8c29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3eeb975ff4c738cbe6999aa83a28c5a3

    SHA1

    cf0c9791a3957ff5f473d318a8301a1e4e4c4cf6

    SHA256

    40b8ce024b8e5cf2b3b1c8c85ce6113b2dad9a652a4c75e4a0742f5adfe08484

    SHA512

    d6227a09183e9f0c4f494d438eafd18d9924bd00c433ed0c8b9fdf731cb423db47fcc5fd45ad27d3f08826035ef4cc91b4b8d4adb77c33634bf7a740ab6531c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb1efd07c05cf7eb927454a15d641314

    SHA1

    635c9ce01304cbf705928cf5ff97f61100893564

    SHA256

    f4b55213047fab15f355e982032bbe3d152571fcabe3392a2ca1c6a0670db319

    SHA512

    189f965d6c334b35004bfbef57612fd9134bdec288500191579b47282f8991c80cb6d21f98b05240846ecc81e07bcd3e7b7395bd10705a67a88e36f1c227ae37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e70d0b78d6fbae143dbd49c85dd0d9b

    SHA1

    b10dbd6f7cc231da771bdee4fc754783bbf680bb

    SHA256

    08ec3bbeed6343dd199e7f2e43372dafc8a134863c384448d7945c72c18e5126

    SHA512

    6b084bbe3d94951541fe26dab0dfa21fd903debee223aba20208b5035256f55f632bdcd4266c582f8a35bae167f140a1584b59f20e32b3507d5dc0a7d3d6cfa5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b6cd79be39a6dbb833311750b7800d2

    SHA1

    0bd2786792691def78030ac2ffb30d3f3f7cb22b

    SHA256

    cb72f52463ef752a0913f88609d7739ece76eb52c2ae3d12240865c6d22e1099

    SHA512

    98c6984112c0c4cd79435be3ad3231e619b67dcdb12d30a433715fbe1659f3524d6de79da0953ef59bfd712960b07deea9527cc540869750efaad9029d5327a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d20584ae80315211f5dcad6570a93e8a

    SHA1

    0948b2e0952f72fc65b118fd83ad3e42fa135de0

    SHA256

    43373bb363d421da71bcc5fd3df7dedb571d89abf8c0108dd2f9be122dd02de8

    SHA512

    ba42f77a1290402cda780ea9aa0221d29befb4ae90d3ee3324b9240f399b753c6eec9265dcc52a1b1de3135ca61f2277d02c73d31312227dc31ed1ec144a9048

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9ac266d9cdebb00b9bb43cdeea483af

    SHA1

    afdba84e6c47edf0b21deed93e5d995c3a601b09

    SHA256

    ff0248dc3b7121be1d7326286bf41e9528bb4a862353d5328de1dff3fd3d8130

    SHA512

    0f22658aca7c20fb66f04b6a76dc672e310a04ea17f3b945bdb19b94b5a25230d14fc698704e1e14fe488e01d90d3571299d795edc26b777b453a5d2335cf4fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44e6661b8d3f3c828fbf4e5f2cf473d0

    SHA1

    0eff354767240c2250ac5136e94f6e2f9ac7c8c8

    SHA256

    5e202b0d67a526b04aaf9b8804c7d319ecde7f3fe984c2c9c35e8eef89b4095d

    SHA512

    14b145ad3257e42fa5ba1d58052ae710dce10ef0176406e78c6023c5ac35ccc8e3d000b11ef4204a23f39350c2af76cd2ff4c4e49f0dee098d4e49d73170f2f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c73deec5c7bd67d1500ef283e1bc7485

    SHA1

    5f33ac4aa1bb5383b34f68dc7a2f03cd471b0043

    SHA256

    2e5a2d80ce8c7e23bc9d1ef69a7e3f860223b8fc4afaec395cbcc355fa9a78b8

    SHA512

    4bfc121505869ec924d01d41d2926e48fcdfcdb5cd54dee077fd4ef11e345a0ecc861c56d2bf117f4a3074ffcdc1323afa3281ee4e356ee4586ca42b322dfe07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c90fa16a8617324165db84f843a5a30f

    SHA1

    41946a683e6b0ede3e9e728752ad24ccebd9cd1a

    SHA256

    bf6c101f1bbb5448456656dba46058ee54c1772925542c6de5873cea39f58f2e

    SHA512

    4bcb7d1323de4fe36624f9add67d5bc9bc2530759502765abf9e6847a39dc588f43f046aa339035abe12ff08ec3327ecb0da9e2be054c90351e8a2f2dcf7b0aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6225e4da5baccb7c6a94a3ef8242d431

    SHA1

    26fee25dd90b7423d8abce3e28c2f610471972a6

    SHA256

    b70e4c77fee147060f9616704e06ba9c3a10ce7cf7c80c07463d8bbdd8593b83

    SHA512

    1e126568079cf20348587e3f178965292187edbe1ddedee186a2fa550f4787022daa6c516ce2b48f974ae494ead52ea99cc710f857bcf86030032882b8d05b94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36b2ca3cfa54386888beb9f7b729295a

    SHA1

    91382a27f89f5b05c4b5a95d3da4f608ed0e2225

    SHA256

    140b21239e6d8954e03c61281e94224536f265ce50ee5d2549f5f90e3145265c

    SHA512

    3c4c0157e3b70ea9d9367e5483967af4b0231d49e568f336d5fe044b1167632f83023e4f9ba99c4fc3fab747a963991e1082e332f95f430051a3e7f5f338a944

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebd11705ac84c1b30b2169f2ead6c062

    SHA1

    f6034e43c7f5c2b30197082d5de91d1824623931

    SHA256

    80c31fae80c3be2a0c16e4216b3a66b4e2b170ef7df63d3dd81259095c86632e

    SHA512

    4386ceb4596d4eaa6587fe13dec5d37708104587a88cddd0ea3c864ab3808fa5e3563c5908ec1c4ee4d2acc2fcbd38492c1b3d8b703194d0e4df607a520bbf28

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab840F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar84C0.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit