Overview

overview

10

Static

static

7

6457c9837f...ba.apk

android-9-x86

10

6457c9837f...ba.apk

android-10-x64

10

6457c9837f...ba.apk

android-11-x64

10

noconnection.html

windows7-x64

1

noconnection.html

windows10-2004-x64

1

policy_content.html

windows7-x64

1

policy_content.html

windows10-2004-x64

1

slardar_bridge.js

windows7-x64

1

slardar_bridge.js

windows10-2004-x64

1

slardar_sdk.js

windows7-x64

1

slardar_sdk.js

windows10-2004-x64

1

terms_of_service.html

windows7-x64

1

terms_of_service.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    28-11-2023 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    terms_of_service.html

  • Size

    37KB

  • MD5

    fac701b30a0710cf8a8621cfea47425a

  • SHA1

    6a18b24bf095197d1bcb101a99b44d5fbcd247fc

  • SHA256

    74a5c8ccf4a38f31ca60eaa550583756f2c4022b174f8899316de83847902914

  • SHA512

    861ed00900efac68e36ce60e6ddef20208c6b12fa06e4d0f57f39860b8e14d93ea8a9e659f8bbf7237a856a50d3332f3bf3b59ea522d3ac947fbb52f0c2945b8

  • SSDEEP

    768:3919uv44m3S8RaYwkwr7y26DP3eUvEUggAw:3Mv4b3SsaeW7y26DWdUQw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\terms_of_service.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c90f25d420e6c42d11bc27941b91781d

    SHA1

    a0e70efc5e341452cf5a194548546b568b464f22

    SHA256

    711763e67f4cb1a02d1a694758bbf2e8d0937d05041fe257712ef38c63e121e5

    SHA512

    7fff8835154b34e33a05a9c6157eebe30662559ae30c9c327dfd3a879c7350f8f594e30cfb52b7397b0b7d6a2b44ef6d62b8f8906f286312bb8bc939d1ca5613

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91a6afbfa0ff089472a4818a87e10435

    SHA1

    4b46e095e15b56312f4713d88e0e976f3ca42a58

    SHA256

    7a06e96479479b5350af665e680ab128797b0793feda7acdb785a45b2d612028

    SHA512

    d80cd55e8d509063918e36124e303a367c5a1eb63e7dcf6a9ce02cfa16ba6e73a1dc31ac98bd7229ac5123f39637b01e4af9bada3582d6db99aae0941e9ad890

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f4cfd2d2c5f464a81099017bbb47d89

    SHA1

    29c0fb8375283ada48d9803879a94e73d2e6276a

    SHA256

    3e046f4d7c98e99d01ff463820c371e2989384872f0172dfee571fb6be6c654e

    SHA512

    33a130bb7fd0e5cbb76ef6a1e4a6647a08f611b9c54c824a347dc931af91f21cd6130d28606ae32714246d06afff1d319e93a70a96cd06859a9ba8ab792c6123

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b9a72a84cc261b12c981715617e62d3

    SHA1

    9adabb81ef0339f1e4b5e9c0889bb1a8697eed18

    SHA256

    1eb8523f73b54f8807a2f725dcfb18b467ff64ecbb4dfb91685b29a86eb1f784

    SHA512

    2f10ed35aa6e0354527429a9dcf39d9e24e6dba90c02210d95a1a852092ae9d07b907794d541fca7a22b89cd46c4c100b167c471d197e2525f272567c8807553

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccc9dea477b8611c3ebb5e64e8d74579

    SHA1

    82afaad602b5c3e86a665ff376e20170b7fce75a

    SHA256

    2fa78f98170b25a8a90a01bd86a432e5467e17ef609bb00e3e5d18d9356376e6

    SHA512

    9fb3c705b0f75b78db36c705702ea01c9db02d229fab14d518df5d68e8568c45fa6107165e757d93607d81347a380ec4beaa28f246e90600d2791ac76495d265

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    350658173f29a9c28d80f0d28f24a00e

    SHA1

    19b193900d23e65e88b161fcce9cb1318a223b9a

    SHA256

    d30def5c7e96364575816a5c667d0522e9a6cddeaf45f57c9dbd77f117050acf

    SHA512

    b18b6b0aee0945a7fc240ffac948b03d12133a492b522adb18d534628684a989e7f513bf0d8907b70fd96faf068b1a1d2da7f4e64f70918344035019af150a8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f192cc964d04b5f9b51fe204d03c0d9

    SHA1

    200c8a88a00992d1e47a19ca2619ffd5a6b89d1d

    SHA256

    16b60ad1cc536e992f952eed41b4e26ce6929f2146a1e36e5df4de4616ec0c41

    SHA512

    aa3f6f1b6945efdeb96c2a14fa4fa52e00e420a5525a131938a3ddaf2c72b196b43a72d3de19b56f3d962cc97b9bcf555f619214c6f464cb403baf28ad5af3d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08cfebe88c75e38a2e5a606aa47ebc27

    SHA1

    637836e2926a189edea41c49eda1387c838bd467

    SHA256

    83175b2883c04dd3614c8a53a5d05faf55ccf2d8a106eb2bb58de432a6b1b529

    SHA512

    39e98fc2b8af97c3c961dd72512c18fc4dae743b197f6ff4ec3251f83564859d2e2b63f7e299e70a4e9f80bd729262803c0a4360739e03fe66bfd06fd8085440

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    534f3a0767bd190bd13c99991a81698e

    SHA1

    d6c62cad3ec67b73e28e1654bbdeefa5d37137a0

    SHA256

    f5a9a8da0579d6b5967d88038ad830cdce6f38b8f77b84be97fdedabf62bc021

    SHA512

    de27db35b215fc1dc8e09bd8d49faebaa61a45f604c3bca77d6825eace0c488f27bcdecc2998c95b9494eeb5201497b788058daab8d0af010e221fdcfcd8ecc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b83a7a192d36123e736aeedb2589f1c

    SHA1

    1b56e5f74ab02f44f3cfb47111fd4f7e3be99e12

    SHA256

    0fb20e43eb44c3da0290851dbd8949aaca3ae6685fdb120524138be41b58b421

    SHA512

    5f4b6e241e923d02f9e3e6176475e2b286e0b00f478f3e40bb9022909d8f064dcd2e1ebcf00791bfbf7d7cb8bf471f43e162a855f6c4570eef296397a0c90209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed02c011379f2b8b081f3dc327d10979

    SHA1

    fde362d69a1bdd0d11449e9d59c10ad628077560

    SHA256

    451ecc71ef188c16c6f07a240db96dbebbe6e10eee37b713149dc5ad306c1d33

    SHA512

    99b85b24bec8d256760da61f0ce709bcbae8a2af7eaa0166015fa6452cc8b60f6132920d787935790cb23767ad81e5a158cfa012818ed8bb828af1b437b9b811

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ba3b4d6b4b7a9622cbb93f28a9c1341

    SHA1

    c0de65e37b7fa75791cb7f67b03b0ce69efa4bea

    SHA256

    b848c998b06f8c1ed3b2b4fca2f6079feb0df6b41bc978ebd3c6bb2a1e662e9d

    SHA512

    e2bdae68b4abc46a96c0b8e935e10550fc55cbe173127cc62064d88482638fadbc05a48ea714449f8b271c51bd6d29fb7740173185a77c38e5bbeb67a694ea59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    179df123db21eec43ef8e919d37e5169

    SHA1

    0dda7a44ac28329a08aad61cb9aa1c8965431316

    SHA256

    1e8d3afb144cfc3efd141ca3ec6b8628c09fc99ec665639203be74c1b93ad47e

    SHA512

    7b72e5b45a51cf3ea7b3bde3a97bfa43d6109a0c43fe0daabe47170fba157e06d8869b4d8b980ebf3a39bc62f0eaacf06652dada319d96223f4f71cf52454864

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b3411e5dd4712b0f48c3132b3d696bd

    SHA1

    0f4b8eecf046d8aab0f007cab85e82e5cf7e6010

    SHA256

    83ec39a207206ee6e469bd51dff782a61e6dbb6eb253b13e8b4f775f5d1605dd

    SHA512

    9cb18ea079f1b012d088bdc3d10b646ab297db9adc53c4d2739d9d8e59f2703361cd69608c47d2474a53ab7348a803b56a07c98fae0086f23da3c4fabd4e3e86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    febd549fcdee5f89493bb54c65ed02fd

    SHA1

    a7e979ff57d9e76da74d2bb37a739756df0f521b

    SHA256

    e7be2163072c2e282ba30a5f45c1e852482a144c1ce5a6de90c058b635d01514

    SHA512

    2776b0c5cfda69fe9fc49f9369fc30ea25c830de12b171503e0a73a5514d28cb9381243d51fbdc1a92d5f0f3b80d9111103c749294d3342c2a4ddfb61b32bd64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c04170ac890bfe3f700c74b034e66399

    SHA1

    86fc004103e56aa4f096f2b3bee9268b6a67d3f7

    SHA256

    31b5126466ed8236bdbf3a72581abc4ae140264d47e4bad445e20a17094ec590

    SHA512

    111fd620fba762fea145330694fda4f8bff881ba875e0532b54b0d8887c4743dbf7ac57261b263ff281b43f4c456b9fad6ad40f62b66d4afcd4c85b47be59f98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6010d8c8074ca5c52ccb1c1106aafd8d

    SHA1

    07fc7ac21dd773a8f19be33310a27d40c7a56229

    SHA256

    eadc60b27e19e20f6efe5e96a3c17c94ce4826e568b969b47f115384f93ce839

    SHA512

    04d4be476576f9acfef8e0ee7d48990142ccfb68db5aa8038a1a7c6b079b3bbeb82898c80b5c2ccc25898415880ffafaaf0e809ab74c08fabc03c55fd45a750d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48c565082bda4ff08d8bf3548da5add6

    SHA1

    c301cda5831633b34f41f9c61dc83129aa0976bc

    SHA256

    0065456ff152bbc566e21321a02757e1c7aaffd1076582606dda86c7c6cf214d

    SHA512

    78b2c90383187acf67da3a3d7224b09a9c1f8a213fd2f77e172acfaedea363fa65e90c3efd035261ab1cf3336fa459780b0ada9858bd9a658428ddede5f027cf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD2CB.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD33D.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit