Overview

overview

10

Static

static

10

apk/cyberR...ws.jar

windows7-x64

1

apk/cyberR...ws.jar

windows10-2004-x64

1

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

exe/crypte...te.bat

windows7-x64

10

exe/crypte...te.bat

windows10-2004-x64

10

exe/crypte...er.vbs

windows7-x64

10

exe/crypte...er.vbs

windows10-2004-x64

10

exe/crypte...-0.dll

windows7-x64

1

exe/crypte...-0.dll

windows10-2004-x64

1

exe/crypte...e3.exe

windows7-x64

3

exe/crypte...e3.exe

windows10-2004-x64

3

exe/crypte...-0.dll

windows7-x64

3

exe/crypte...-0.dll

windows10-2004-x64

3

exe/crypte...in.exe

windows7-x64

10

exe/crypte...in.exe

windows10-2004-x64

10

exe/crypte...e3.dll

windows7-x64

1

exe/crypte...e3.dll

windows10-2004-x64

1

libssp-0.dll

windows7-x64

3

libssp-0.dll

windows10-2004-x64

3

pidgin.exe

windows7-x64

10

pidgin.exe

windows10-2004-x64

10

sqlite3.dll

windows7-x64

1

sqlite3.dll

windows10-2004-x64

1

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

exe/non cr...ed.exe

windows7-x64

10

exe/non cr...ed.exe

windows10-2004-x64

10

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 01:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    apk/cyberRat/index.html

  • Size

    320B

  • MD5

    444da12821a326256a5e24ba00a172a6

  • SHA1

    ff78e28f267610433a0047e0fc1987528ab3916c

  • SHA256

    500eb7dcad515a6b442d77fd100bf67365bf1ba318c88c006d75bdcc75aac707

  • SHA512

    648f5103894e9e4341ba28ce3f43430d14e0c2cb3e663a006bd29bca20bc940a776cfbcfc82c182de750051f090f5d578071943a84cd1d7afe206c53d4341490

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apk\cyberRat\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2708 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1728

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e435124836f1b9a663ada21edea26fe

    SHA1

    6dd1002551216d9fc0c34ad7f080d2389dc4ebc8

    SHA256

    16ce44a56a4617b1a8c594509e2c1c3e2eacd34ccce363c4bde2b29575b0daea

    SHA512

    f7655479cf96b5813a42c068ac2bc30e4338a7ca605f4cf391ab13b6722a129b42140d285fa88a5f23138c285453e1e7b338bd5d229da69983d25cc6b55fb9a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    beee196a8583496a325bf703bba082be

    SHA1

    73c240f17a213657af87cc1e426f9e1db61adced

    SHA256

    fafa606dde788bf96f7200c895ee42b94c151f4055b82c96a73bac405638661e

    SHA512

    b2a92f9d19a197e6b754d4b21166e91842e526ef68eab7e388f1e532af011e251b269145353457628a13f16d2ac5c2472bd1001d1a16d46ab9de74fbf6778937

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b027ee316af199f7720995249a668df

    SHA1

    3d486bf6efac1a5fae921b96d4d20a02edec4fce

    SHA256

    fefd46d5d7ace4a7922386b97b19ddfffef4b3f8e048ae0419aedb6727b6b15c

    SHA512

    01887e56c19d4801da26a0eef967f4822b2db3e645be9750fff62d2e633ca1c088efee409d52e21060527d84b6cd4b07971ed7908a1f03170e6ee18e0ec58c75

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3dffe2e08e5f48c400db04c6cb2dbf40

    SHA1

    a6db220fd08b793b69a25864f033ca3eb891265e

    SHA256

    71bb5968101d04028c1ecfed8f148976d6477c07da8f80b581e57be780cab020

    SHA512

    19d7dae28a8b71e7f5a5cc94b009682499797589037fbbe8919e51e56138b8b7231c02f27166a0bfbf11add8d64855fe89fef7bfedc935ed8a8a839e27975936

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cbc4e366da5e57838a57d167aaf1631

    SHA1

    f15fb5881f096d2793eb7244bb5614514ad5c9e6

    SHA256

    a13aad722cad4b990988d98faad1fc7227e93e4a399170c48bcb97488f4e4c42

    SHA512

    0e3f3618ff796e303aa5c1dd4f24af618b0abd55950ee188ae601738f1e662eb94c49f0046bd0045c9e2b96214b5fc35c044a74f95fadfb7bcc29080edffd6cf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a1b9edb707cde3cb081cd83503d42db

    SHA1

    800316b51c08175087e17e2cc8d9ea71314fe05a

    SHA256

    95e8c68390032fab96bffcfbda00320d4f6e7e693ad235ed9412eeed89716836

    SHA512

    f96bef67bb088a19911d70e9a4cbe7c63ce872045a72bcbd067ea606023130282dd29b3c0e552449993e29e97510ab14da55bf7f8cb4bd57941a94decaa5876a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5fd24b870b5d42644104c1ea8ea25fc

    SHA1

    a23df8b56447239240440ee094955aa93d7be29b

    SHA256

    042aa0969258e2e59767342775246002d04aefbfc398068befb6e69e2bc87edb

    SHA512

    b6b23abb0b5eed6f26edb75b88b18858fb507882a05513afa7821db54230a8298b6523456c72705db197eb24c49933ec4e4a55cf5c77cb0c459bbabd5d9e717d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75cfd11f716311b57a303f68a3568380

    SHA1

    977b1c51a6f1344c9c12bb65c7ebbb36fd1a62b2

    SHA256

    cfd903d4d56265c6f6007cdc800777a757ece53e0d9c145581acd864c4b2dace

    SHA512

    12068a2a09ba07c7401ad02d0939a9feec3ea3d400c0d4cdc2c493a572f65ff5da13f87876572aec0918b3f0892c7185c10d676ada70fc331adf0b92f00dab3b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39b17aa8a4d47c1f2e5f90d739b15e87

    SHA1

    0910cbb28d86d7988c52b6d96750ae321720e957

    SHA256

    66cf4f63b18e9928d95803818c52695e5028b5b74648f1dacd0bb03351eb8d2d

    SHA512

    cfeda9f4a399108534b1b24c7bbb7884f6919914a54f89c9e420aea886cabd1cbfc8909ef03f78aa7d69b2a8527269f3c3e343f3e83b005ffe9523c2ab52899c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e37beb37314602575b4fbc97c5be287c

    SHA1

    e24cd3cd10b363c01743b8b368b99f4e138554a2

    SHA256

    f368bdf334a5d549dba6cf6394e723628b89e07c05aaf01ea9dcabc6291f622c

    SHA512

    3f1f384fce2bc67b2e66cbc759efab7a22e91a9f7b81afebcc932ae74cbc426746280bee89677a319778c0886d6428ec1dd20e45d13999f2f1e3f00c391e94c0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40677f634b753bf3473e63155d33eb9a

    SHA1

    fada46f8a76e4e4c2ad549797eb32d11fbd7a5bf

    SHA256

    872f0c4d364e06794b940da77d41dae90b85e72089387009eaf6bed579ba12ce

    SHA512

    83d7faae7dc9472a18c4c0dfee9507cfdde7268a452a78b59611a91d7c16e5d5df042e3f1ee07b59e80ae0dbd087dc623ef38fa4c3fe26297c0c56e5e07192d8

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabDDA4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarDE25.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit