Overview

overview

10

Static

static

7

c4ac30e739...2b.apk

android-9-x86

10

c4ac30e739...2b.apk

android-10-x64

10

c4ac30e739...2b.apk

android-11-x64

10

CheatSheet...s.html

windows7-x64

1

CheatSheet...s.html

windows10-2004-x64

1

CheatSheet...n.html

windows7-x64

1

CheatSheet...n.html

windows10-2004-x64

1

CheatSheet...s.html

windows7-x64

1

CheatSheet...s.html

windows10-2004-x64

1

chartjs-pl...min.js

windows7-x64

1

chartjs-pl...min.js

windows10-2004-x64

1

hammerjs.js

windows7-x64

1

hammerjs.js

windows10-2004-x64

1

jquery-3.4.1.min.js

windows7-x64

1

jquery-3.4.1.min.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    28-11-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CheatSheet-Algebra_zs.html

  • Size

    55KB

  • MD5

    2c5cccb517b741613ad2c1f7a1cdfd85

  • SHA1

    d395a1fcf335361ceffffc6804af5bc8ec6a7cce

  • SHA256

    f7e09bba5c901b4c216d77fa99ff7b79e970a0578ae32be9ee67c3daf880d59c

  • SHA512

    83dad758cf7fbadd1aa2450353c57aafd9ec3e94144c3a9848156a5b9ae37c95b5d48e86fa17b666588f1871af6a203e8ba3abbabf77e10f16836d65e65d8ee8

  • SSDEEP

    768:omnahvTUXSAYQ/zrwdR6Aml9LOOJFP+VH0G8SY0ANEn3:z27U8JuFP+VnlYTNO

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CheatSheet-Algebra_zs.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1728 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    282eba019e600ac47f151a3f267c7271

    SHA1

    5c9aa2c42ceeb0f91173c2d33b4c8d30c2571f92

    SHA256

    6c2b78519a526098fa0add718b25bba0d18daa18219b9678e5c2c1b770170d7a

    SHA512

    738de73e860b55b4b2b270ba4e8a99dfeca36f612be8c475da22fa188d1c40b46ac6b36e4b0fafff216ed10e824f792b8de39e707d8844c8b41b8b8bc319d24a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24732a726968bd9291a09046933d44b0

    SHA1

    fbf65ea3440110747415a6dc5e0bbc78f31ac20f

    SHA256

    872689319fc57bbbd6c90ebfe30e63088a972093ab9bccb8f9eb935c8c87efd3

    SHA512

    0eeb6947ef6a36b2f326133c8a4a9e826be3f6753cf95e828efa5ebd85a103291893ba6cde7138e5840abe5ab00837ab7c96ff11a8623f8db5ffb0d3c3807240

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9056d55635af9187063487a60b3b17bc

    SHA1

    0fd209bd9a9a6bc5525712555a2f9a551f868f0d

    SHA256

    ea037ba9bbf804218c263d128992d202555abd7db70c08b84b894fc55a7f0f27

    SHA512

    c33b7e0cfa2c5cb8bc1c30627f592482ab1bbc90f16c5ed2385d704c3026ab69a163b7bacdf244cf390424f2292cc34f6f1b89b2a95e3272513c819b9421cdd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0062ebe1b1e01aa046d46388de57f3b9

    SHA1

    a5080779d1e5a16bcc9d0101c37ded7d940c20fa

    SHA256

    96bcb9fe1cb09fb0bcac2ac80a585c077ad970c1052efe847f9d7788f48f7383

    SHA512

    9e1021d562d8831eafd35fb433bf09721e580629629c7b1473b1a186e8cdb511e6f615414dc9257a65775e1f5d70e8aa9613f63363da805d543cbfce2f696d41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14b3ab8f706e746bd3770372a7401612

    SHA1

    f8a5174e4e18a0272323fb14a4e6f92e8d222102

    SHA256

    09d23d2e43ae013301bd809ea7056883e90a43676b1f97ca67ad4b75aa9e3ec7

    SHA512

    f739fe97d1c47ac8c93d57ed45f98af010475e9ee60cd7234ad63eea5216500dfeeb802df12b46a9543076e8e898c5a8ae9cd127dfaf08fb73d3a8151e499ff8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a6918229db00974ac8a3e36e1ba437f

    SHA1

    624cb384f52795386f8c9aed7f971101c2d0c171

    SHA256

    36695199bd0b0e52cf64c8502a8519c283c3f4e0c5059f3967f034c04c0392c3

    SHA512

    9e5b02ef9c8345ecced1f29cafd37c4196a7f3a283c97ad973329ecba468fc07821b453964f9364ec2f3d412cd17b4b43c4f6b1afef6c4f7846a342f0095ecbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15562a63c6e0d8ea3ac011ad8718b7d2

    SHA1

    7c24d6d6a2634a98471f6406ac11390faa05fec2

    SHA256

    e5f115f747baaef9a4a82edd5c451d3467f4d5581d79ff67bb4a1d3f85837026

    SHA512

    b4aa39c84015b86198b49c9e59ee96c5be185faaac9fffd58a5dbd324aabc4a61ff38efecec42ccd66feec9ad929fb04a26c3486bb7450a54e4da84a67e8205c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    229eaa38c8a166e3d0fa407423574388

    SHA1

    6b29daf3a69b958d5e23964db825a14db9cd5212

    SHA256

    2d48b0c50c55f9ce956b78d91493eaa2f2d6157ffaeb142d082d8c5601f557f4

    SHA512

    c9486cae91260944dc69bb9531f3a1d210de446c312ed6506106a2892eee73564f8039a1e787a911b7c13eb83aea525e31a22533b80fb85dbad67d11712c25f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7A13.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7A45.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit