Overview

overview

10

Static

static

7

f6b896016c...60.apk

android-9-x86

10

f6b896016c...60.apk

android-10-x64

10

f6b896016c...60.apk

android-11-x64

10

closebutton.html

windows7-x64

1

closebutton.html

windows10-2004-x64

1

core_wrapper.js

windows7-x64

1

core_wrapper.js

windows10-2004-x64

1

lynx_core.js

windows7-x64

1

lynx_core.js

windows10-2004-x64

1

nd

ubuntu-18.04-amd64

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    23/11/2023, 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    closebutton.html

  • Size

    981B

  • MD5

    c8efa039f4f84b2705a8e3a3b31da61c

  • SHA1

    669749429feda1599c4ee980cfd67fbb1a54c1a4

  • SHA256

    494693c2ac56ecac1a2588c25631e1bf71211fb0f06108649a983c879315b1aa

  • SHA512

    db6c9817469c937a41eedbbbdaeb21a0860fa5228258978fe59d29c75ab1497b8d1a0ceaae2b236206d6935e186deaf0d83a73791658fa68a985dfc5c314aed2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\closebutton.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34fed7911b8b313eae8d21bed112b13d

    SHA1

    8bd90f7afe93538b95d1767c4ba6b0202951cf43

    SHA256

    1b5601b01080a09589183a50579d63aaaff7efdee00896f1a3b7787f210a4744

    SHA512

    1afd43b98054d91fa220291217dbaf2df0b7f248aa3cb4ec7dbbe4c94861e2b116c8c3fc8d9ad7cfd41f3589ba9569ec5c779ee181942b6a864b091897feccf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4ab1bb41d06cb6bd8d35b736d31952a

    SHA1

    1242034d53577649d00a73df3066b15899cab95d

    SHA256

    58ec8c7394e6c483525bcf2c1cb55321a49e13afa1e144b0cd81c1857d99e497

    SHA512

    529bee412b4df075b1a8b329ea82514756195b97adace432fe771f779717de39e775d12dd728fe91774ecd57c3fea3c4a7fb427ac2dbf3451e386a12f2514646

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a89eb137ecc028d391d098e892cabd5

    SHA1

    3b7d27f8302957eb6ef41a541b40db4f3be7eaf8

    SHA256

    87103fa5d7a90ce3e7b5890fc966974149ce6a273244a7068c4a96f66d474e3b

    SHA512

    3c5a90f7bda389545341582266b794484365a3a42e37263e7600cb9ddc4296c8253925d63511340f3fa25f4d2084d934e10234a8efb18b63a8e6ed61244682c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28c99732b991573a3f839d97c147fdab

    SHA1

    3e7d8e872c5b4db4051023e81a16ce7acc507ff9

    SHA256

    fe822a9f67ef3444c0339aeac71ab96ce1a8ace006bcd1c49a82e87a3b0a91ce

    SHA512

    fd9cc7963614457ea532662ff88544b1e59467182383e85d26bdc617ee3f523e93a33ce8841fa8d053f13b7399f22c9f3c5f55fdf73fbabebb520d199fc5136d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1bc7732bec727fe83c4efe7d6e75528

    SHA1

    c950d1656633713024ac1a724ebf4a517e7c4cb0

    SHA256

    44483511d181c9dda9fa8191a37538633948fb2c064559749857a1fe75d5ad28

    SHA512

    e628efc0b570679e78f8b28b62fceb3b0e2b8d5ca7e18d18df790db8806ea500a84f8bc7a2f62af3ac1033dd9090b564f8369dfc92a4f7a297ebd2709a7f5630

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5457dd11a80eac38045309f45ca5b6c

    SHA1

    e41fe347fe4d9b0124c8bdc6d92bffc5aded3f6e

    SHA256

    009102608e20abfe1cd9c56698c29ec47f1eb1a59bea82f295470e3bd1610715

    SHA512

    13571206313162c0f965a9ebbabcd97e3766c22fb3bcfc1297e3b2ad709c986a666d24a33b949e23895b374f9743d312116dfa6bd63c204427d010569473076a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d843b44ad298ecf4e805d0050557216

    SHA1

    9a98f6ec2c0b75bcf2181a23c58f0cc1be33cd66

    SHA256

    48b1ced799d2d6bae9bc573d8e20100b3be044e6739359bd56de05bbb7c551b8

    SHA512

    2d8cf13ea87fdb0cdd8dd933fd72ec117ce48ee424851d4ac72f95f2146426863ae4135256c4c107a460368971855883e0d761adfe6b08b19bb02e21c33b2bc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3eeea67ffb58787a8a17b24cfa65a3c

    SHA1

    8fb8d9fc841552ac7d78b9e54abac03cabe1537c

    SHA256

    b285839081bf6c2c064b512346ad63ff9c4cde4f92489cd8693372fbd1b910cc

    SHA512

    f484bece09888621fdc2539d15606d22e9c2810dff05f2bfb97ec11679aeef400c5c4065a743be062616254786be28d83563938727ba8870525f5f1173adebe4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    531f981e83d763addf2f841cf4ee0c9f

    SHA1

    ac8a576712397512ba801281ba9b44668e2421ee

    SHA256

    fb3b391e2e96002dcd341a4696406baba731511d0ee97d26ce5ba5ace37a85aa

    SHA512

    d58479a829f866edce4c96b1caa5a99a1174ab391e2d88dd501aaf4399543e4ddeaf0be5fc8ea674c6cb647848806af54c1c78b304a6d1d53658ee9946724f4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf5efdebf3d40c95093a2d599586ad51

    SHA1

    4082299ddbe48cdf7386ecfebcfbbbbfe4cd34b8

    SHA256

    8bf16d7de41b0e30bf4240e9c012112083f3bf975bbf667aa36b9a3afe370ffb

    SHA512

    115530354d337580a5beaa419f8894bf5400b349f70ba5545803a9da9d624da85e0e3fda04cb5887f541a7aa7b02a5e384224a6b518cb10099f32128da9be6b7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5D01.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5D14.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit