Overview

overview

10

Static

static

7

c4ac30e739...2b.apk

android-9-x86

10

c4ac30e739...2b.apk

android-10-x64

10

c4ac30e739...2b.apk

android-11-x64

10

CheatSheet...s.html

windows7-x64

1

CheatSheet...s.html

windows10-2004-x64

1

CheatSheet...n.html

windows7-x64

1

CheatSheet...n.html

windows10-2004-x64

1

CheatSheet...s.html

windows7-x64

1

CheatSheet...s.html

windows10-2004-x64

1

chartjs-pl...min.js

windows7-x64

1

chartjs-pl...min.js

windows10-2004-x64

1

hammerjs.js

windows7-x64

1

hammerjs.js

windows10-2004-x64

1

jquery-3.4.1.min.js

windows7-x64

1

jquery-3.4.1.min.js

windows10-2004-x64

1

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    28-11-2023 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CheatSheet-Derivatives_zs.html

  • Size

    51KB

  • MD5

    474fb21ed6466ad2aed3f7a5d3cc490d

  • SHA1

    24cdbaec78c1c2a3b409af9253f0e896d28a9f71

  • SHA256

    2c7af38860a1c0b8430499d5ebf66a2582e3b71c50687c304faf4f1f4b4463a6

  • SHA512

    cfc6721a73e96059ae7f95e32635e03fb0ab64421a62c527ddeec153e283c03013f413a065b6bc32d9f716e75bb21deeb291a1b15697d996d9d059b354a20bff

  • SSDEEP

    768:omnahvTUXSAYQ/zrwdR6Aml9LOOJFP+VH0G8SY0ANC:z27U8JuFP+VnlYTNC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CheatSheet-Derivatives_zs.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f79f1f4ec563b57df3fecf4c58c73c7

    SHA1

    19982a1410b5a8b3a2e94e496d087fbbf0ede00f

    SHA256

    0838e233e07b5deea930715aae2963dbdfb663798581276cffd6cda5f6932ba3

    SHA512

    dad5dc66c3241f0ed1a2d10b9d787fe93e2149720644d105c966e2d59609c7d3b875cc13329917dc64b630132f72d72f62330745cab737f611ef06257ac4f700

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27ab10888a56920705941729863236c0

    SHA1

    c556ded4a6c42c2fc208874817f63b57a888aa53

    SHA256

    581f6c421084368ad876a7792b8974e591c3f7174f1d2ac9a46d0a0f2aef5e5d

    SHA512

    9de9ef1a7c9396cb5ba6453c2d3b9ae5f4ee8074678ef8df83b5c42b840e738f4eb303a86f0252cd6a4825cb0533fd949ab4ef438cce1b45a310713316834323

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fdb76f3d35319976ee60850722f70d5

    SHA1

    99dce1ef4b657bf2c1af6ac1121065d98a6e4c94

    SHA256

    ccac85629c3bd864799d2f034f37030ab93e8057e0e8b6c052e791fd88926633

    SHA512

    be6f9b46ea6fe539bb4360e4fc09fc8ce7f37a7af091985a0f177d7a891d66443711417642b24a23725066dc8a5c553e8759302de76e08dd8ac8cb160fc84c72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49786875f227794b4c46272dcb935558

    SHA1

    d13e010cb560efc85af8e6f3498f8d7e77ffcc2b

    SHA256

    43721798a876564af86a03b8b3370a582dad9174fd40fd07c3304eb93eac1ab9

    SHA512

    55c742b647d052a267780c04f2179f97495579562a473cf67248c33f2fffcf15887a2a0a54a31553ebb7df7a8f835db5930401c345ff8e52ea1b821f2717fadc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ff076ba4f376c1d76ac645aa6e1d60e

    SHA1

    e00302833cf17bed609f393cfe4b7fe3d1b28886

    SHA256

    979693a9035e1c6d6f025091bb876571f6fb99e253517ae8c9a0bf33415b29a1

    SHA512

    904feb92c34b4a0057f31ecf852fb208061b37c2f3daaccd49ca74ba1241f52c63b5e52fc9f6711283a6430c71e98f4f9eb39758f0e14cb8975ce5cadc06165d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0644541b19fa00259045c1e104bd6c8

    SHA1

    bdf7531cac6cf1a9cff0c7590aa1e35d063c6497

    SHA256

    4a91282bfa45ff0058f32f275b28faccd899d0cd9e296c1c9cca1f6853ed3f10

    SHA512

    7473ac10f95c1cabc22b5e9089c221364472aa45ced1ba9870afadd27e42d71be98384eb96033c08b7c5e8ff7e7d9fe208e914c2e9c753418dc2deb86cac4ac9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa8623079cbfec70ce7e91a654f8eb5c

    SHA1

    a65a19b071a08513042bd2508aa7577a8b6c067b

    SHA256

    989a9f41e4886eef105c54b96f576de3e4c27521c2d4650e282a37aa4fb1c210

    SHA512

    45e109a9acf6ae8f4da7c4c7a2e906f1dc6aa5715e0e966751797436b6214847f5440b138f0c0c2506d9267d703505b204bcf41c1e213b1c5c9c36ffcda0ef90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce9d91c1a477e5894aaaf3cd5280b1d9

    SHA1

    f2296b76504c7e53b2df71cbc611c05a9438712a

    SHA256

    7f8b7e72432d0fd23ed94d7543c807b09c3bd444a3a3e1f8c72855a61999df25

    SHA512

    bf802becc64a183004e0d18d20c94f2c9c96cd574980e8708713416b6f31dbe4e1774eedb9289972709a425cf3784db20d7a9f360bd71466933286fffdaaf899

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19b8945f2e36fff5a37601729f3dcbae

    SHA1

    c4ca3e1cadba67f7105b448efcebc5c52321552f

    SHA256

    3efc6192a0c2c74772ba38744d654115656885af78f044d89c2d88a020ee738c

    SHA512

    5e879b0a96ae1a2ef05b8811f4170178d9110ab4bd13a4e8ec30e8b522d0b63778f397dfc047962c5654bacceddcf79988eb09a8400400d723eb63aab04a0535

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6F88.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6FF8.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit