Overview

overview

10

Static

static

10

apk/cyberR...ws.jar

windows7-x64

1

apk/cyberR...ws.jar

windows10-2004-x64

1

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

exe/crypte...te.bat

windows7-x64

10

exe/crypte...te.bat

windows10-2004-x64

10

exe/crypte...er.vbs

windows7-x64

10

exe/crypte...er.vbs

windows10-2004-x64

10

exe/crypte...-0.dll

windows7-x64

1

exe/crypte...-0.dll

windows10-2004-x64

1

exe/crypte...e3.exe

windows7-x64

3

exe/crypte...e3.exe

windows10-2004-x64

3

exe/crypte...-0.dll

windows7-x64

3

exe/crypte...-0.dll

windows10-2004-x64

3

exe/crypte...in.exe

windows7-x64

10

exe/crypte...in.exe

windows10-2004-x64

10

exe/crypte...e3.dll

windows7-x64

1

exe/crypte...e3.dll

windows10-2004-x64

1

libssp-0.dll

windows7-x64

3

libssp-0.dll

windows10-2004-x64

3

pidgin.exe

windows7-x64

10

pidgin.exe

windows10-2004-x64

10

sqlite3.dll

windows7-x64

1

sqlite3.dll

windows10-2004-x64

1

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

exe/non cr...ed.exe

windows7-x64

10

exe/non cr...ed.exe

windows10-2004-x64

10

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 09:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    apk/cyberRat/index.html

  • Size

    320B

  • MD5

    444da12821a326256a5e24ba00a172a6

  • SHA1

    ff78e28f267610433a0047e0fc1987528ab3916c

  • SHA256

    500eb7dcad515a6b442d77fd100bf67365bf1ba318c88c006d75bdcc75aac707

  • SHA512

    648f5103894e9e4341ba28ce3f43430d14e0c2cb3e663a006bd29bca20bc940a776cfbcfc82c182de750051f090f5d578071943a84cd1d7afe206c53d4341490

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apk\cyberRat\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2576 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1396

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5358703ea059dde14fa671d62d992eae

    SHA1

    083ebfcd279d6bd489098cbe418882b449101078

    SHA256

    15448ae9e59b0b93cec19cbe910452b92d48ec4d97a26104ad2b476974dfd695

    SHA512

    7f44ffb4598b1ecd9d299869fb8405bf16f3fad3994d3566628effa9cd2663287ae980c5a6f48fda0e7e891aef87eba00989b14bff1829718f827b237c82c809

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3308ca0d878c53e6d6b905f71f60be5f

    SHA1

    579af9b96fcb7d0af70cf8fbbe232c45d7271103

    SHA256

    c3104070a0f69c847aadc24eb9b2a123e5c0561f617fdc654fa8ed968ba57ad4

    SHA512

    006637150a7b49062c94195cbb14f32e670dc435592db750f1a3a426f8a5ad090dfc3065abe752c6fb971b037d32470e4e77c36c3790fcab44a08eb69598973d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f72cc2e5a70b733722d9e7cb25376853

    SHA1

    29c27999a2d3cdce322a0155a7dd343ec82dd75e

    SHA256

    460bd18952ebf5ee068a516ac1ca4096530d623dd885384e243751fe68bd56bd

    SHA512

    9482988990d464c943378e8c4adb9994d4608dbb9399e56463ddc301f29f93fa2ed0bade4cdda9242c76121b7803229d1f78da2a0d3ff7ebcb5de5183826ec9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00bab58df1262c40f0fdeda3546c75c3

    SHA1

    a387b47912c919d4b51c47907b160363cfe68154

    SHA256

    7188c5d7feef46dc24f31051c741f829cfe7069c2baf29b28c7d78c3be0e366d

    SHA512

    3b518f79331dab8d8400780afbf281b95d110340964f9462d6cd35b25bf5cc67e73624e674e6144e7c1acfdd4ce4c566a144c000b24ef049e68bd794486b7c23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d06fafa787e399219d8c066f4fa27596

    SHA1

    af38acaedde1b9cc3646b6298d679db22264afe4

    SHA256

    f7f50755b6545eb1b45162ea31cfff8c40cc4afe6143f5a696d09877bcd235d6

    SHA512

    bdffae754f43852f735ac55a2f56dd074b584bcb6755a4634b75122b02d2350fb7bbe99511eb92921a105213ffd25b39d514ef1be7d4a4dff5ea3f8ced6e1918

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    466fa97c509e03d9e6af65cb8525a49e

    SHA1

    7a89a17dfbce3aba8e4612abfb5edab8d896399b

    SHA256

    a252227c02aec51a138773a2c2d4d8fe07d05e1b94d553dfa29b2cd4a79bbaad

    SHA512

    6c2a7f6af79985c6ec51657d4d772a50be1cd1988314eda0979a3234e8523ee52472d0e18d66ab150ed81b469eed2a6fd02b90c9cc490d45865635635444d121

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2286e0ff1f56909442dd73e3ebe03117

    SHA1

    10958ed804b3dc12f74e8288c767685eb6b6e922

    SHA256

    8a9eac893243f65920961361f357456b6a9b8b452a7f8a4b2276f34f9b978aa3

    SHA512

    779fa0eecbd130ca9ed10a424a6e4e6530013c671ec54f4be62c7d72f4e1b72d79d6ccd2094dcebb6e5c0ab9414a244a51a72f6cc20304f1b842c616e1a265ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54c768f40e0f196dbb583f00ad4aa220

    SHA1

    14a88b5eb1eb6209dc343ad9b48900a4069677cf

    SHA256

    054134b5c1943e4a80e6147fe28a008e1ce052caff4692c70d9154c46269f957

    SHA512

    752d48f72b676eba8d43f16bde1c8bcacff28c56384497ee498b0095547eec856754f94b0529d861a41c5741ec8b1851f6f24057d160e0aba10348fb57e1d4e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da46aa8b0e2b7753c40c32a26c1a9c47

    SHA1

    56f22b37b54cb08494264da76626d68efc4c4d14

    SHA256

    4aa89ea3fa27edb2cef3bad85e65c8882da16bb186d868ac3429fb306ee30948

    SHA512

    5f834897090898812fcfcf73d6041eda83f68dd660223780ad98b01d3f1370051c3c4635d54986c59888e3b168ccd10bc1e4bcedea4b3fe7bfe15615354e5c32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3efd8307b11a8e35e52088c749fb6b42

    SHA1

    99e2c2a81f3ea49ac7f2f4bff11cbf422b6ce3b6

    SHA256

    d0f0fb4dcb9104628ac9e544d24078f4effbc3ce60c30e7eccaef1e5fd66866a

    SHA512

    3669fad6cd44d31cb17cc2909966b00e77cd532ce25f84b88e9079909e58192ece8b6a2923f0a252a44294c18295e6a92a2ef4d6c6b50aa72d00c8437d762cce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e228ed8aee12c19d8405009d5c219880

    SHA1

    348b6db26fab2da4d177eaeffb238bf6fc9b947f

    SHA256

    ce2c3512fa9b889959fedace68abcb5a49c5d1edbcfd349b95a0b08bd4a540ab

    SHA512

    28b7290af30939e159524b94326d40bc66f6bbfcfb51d4f2185c2808f450e91789874065742a450d0218ea380627e0f91494f65fc3506b6c56005967dbe07ef5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF6A1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF740.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit