Overview

overview

10

Static

static

10

apk/cyberR...ws.jar

windows7-x64

1

apk/cyberR...ws.jar

windows10-2004-x64

1

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

1

exe/crypte...te.bat

windows7-x64

10

exe/crypte...te.bat

windows10-2004-x64

10

exe/crypte...er.vbs

windows7-x64

10

exe/crypte...er.vbs

windows10-2004-x64

10

exe/crypte...-0.dll

windows7-x64

1

exe/crypte...-0.dll

windows10-2004-x64

1

exe/crypte...e3.exe

windows7-x64

3

exe/crypte...e3.exe

windows10-2004-x64

3

exe/crypte...-0.dll

windows7-x64

3

exe/crypte...-0.dll

windows10-2004-x64

3

exe/crypte...in.exe

windows7-x64

10

exe/crypte...in.exe

windows10-2004-x64

10

exe/crypte...e3.dll

windows7-x64

1

exe/crypte...e3.dll

windows10-2004-x64

1

libssp-0.dll

windows7-x64

3

libssp-0.dll

windows10-2004-x64

3

pidgin.exe

windows7-x64

10

pidgin.exe

windows10-2004-x64

10

sqlite3.dll

windows7-x64

1

sqlite3.dll

windows10-2004-x64

1

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

exe/non cr...ed.exe

windows7-x64

10

exe/non cr...ed.exe

windows10-2004-x64

10

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21-08-2024 20:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    apk/cyberRat/index.html

  • Size

    320B

  • MD5

    444da12821a326256a5e24ba00a172a6

  • SHA1

    ff78e28f267610433a0047e0fc1987528ab3916c

  • SHA256

    500eb7dcad515a6b442d77fd100bf67365bf1ba318c88c006d75bdcc75aac707

  • SHA512

    648f5103894e9e4341ba28ce3f43430d14e0c2cb3e663a006bd29bca20bc940a776cfbcfc82c182de750051f090f5d578071943a84cd1d7afe206c53d4341490

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apk\cyberRat\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2580

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7e7db4b41e481e85ee21648d91c0c2e

    SHA1

    02c72f4fa3a7814d089d6e3bb140d49c8c892239

    SHA256

    ddb5823b63d3a9e2b48290225740a102fc7b8844f8e5cfac8bafe644f52d5cfc

    SHA512

    5372c51ebc281754e26f11bbf0216c7c5a9c33d09a08d49beac5e45b7204c909f1e2eb5078d255d604517ce1baab67c3fc2a8c7fae6bd78e1e96d061a633a642

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e54ffe777c22162dc651169060fd7791

    SHA1

    c7fbba615275e7ce679b0e24da43d4695781d607

    SHA256

    584e2ee30643e25ccbb894ae600d425e572e6815f44a20fea36d2154a074f47d

    SHA512

    c174a3a57c972e276c2a8d40df2d8f607c799ba310da60b4141bc7b8086f3bf142ad34aea635327f359d2abf6c008f5a1706b4e23dd9dedeb4ad176d40195820

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    660e37b537458c1b0c04994c0cd48408

    SHA1

    787d334c41712825333fb19217d7d66929f3cdd0

    SHA256

    fa16f693d2126407a17a88720ebf8f546652c6dfff512672e098705968f26eb9

    SHA512

    5b42701b6288b999563ff0cc99d8a0d2dfdcf3ca307042aa020b1c68b8e99bdb0a8b8857068749aa9222654ae3dba7253a03c9df16e78265662445a6d9edd53a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac54a2e44f4bf79425327340f152ad63

    SHA1

    aee6c01989431acdc776ae8a10aa2631ac215426

    SHA256

    0d40227225a65d863cef71cbb5ff4af1dc7219a81a52888c02e974e610b1adf6

    SHA512

    930184fd5526b1279c61a85cb59d4e15ec5be0a60eabc6d8a83eef3c0075a85d2974719a7881dd1313dfd04c3de0c540539ddb2186938a5d67bf1c40c163e8a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e68b9cc7af619984352d9278520733ae

    SHA1

    cdcc4d1a529df847faa2e3e7f244fba82f54f465

    SHA256

    face46a4e4557ad767810f142bd8be3c48e1426aad3545e304fb803f75bce6ed

    SHA512

    396981753dc9043be38eab83d20e4ae9457bcecdc3a0a54acafd443702fc7b232fbf8f0f991c68d8e599b99f51cddb7231084d03f85fa3fbfef2aa04068b29fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dcdf29bba549755057e1093626f773b

    SHA1

    5a4c941b88534b33f71ccbe5e5f04f3425e2a6d8

    SHA256

    ba99c2c0797aaba06d15a222b346abddbf35f6495d7823d2f953dbb9f8bd2147

    SHA512

    4399ed056ca92054ab1fe539dfc59847559929211bbb2c9e4c5f9defe4835493ec79b6d5996031f8e4f9619912f6015f1cd5db430c06b0f48b73b2dee9cdf57c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb5c0c7f64d9cac096afbc815b8db5d8

    SHA1

    c0307ec752751cc838116fd1215114b909152101

    SHA256

    fc0434478b949afa83be4f6f101acc39d4f6ff5cb5c67a42ef2060aa07fa741d

    SHA512

    f66b7d937876b233a83a44ab58cbae88cb064a954e078a81d5e53c938ddde1628cbd7e92c99517628e42a9381d033780c282a41556370f293df835e952d6b4aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0f5ce958b2fe9d96f5daf50cafaeb8e

    SHA1

    97e9faff51d8b2e9a63e6bfe3abf9fde6af9c850

    SHA256

    07b22cbff8fbfee53dbb67c377b835db1e525173780305f43d8c966518da4a5d

    SHA512

    ccc325526c440d58b953a0d7b147aeb135ec3acb853dd2f3c9263745284030d00a249689ab058ca2987ed90a60fd31eddd49c92cc8b3db2ddfcbf96eb9093083

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    217a50091becb0ba585df375c7d84ecc

    SHA1

    2d7c385a13e8ef71d5b7654ad0e72917f725fda9

    SHA256

    dbb8d8442f1e91e2fe1153376327dd9e6baaee371c5b930a1451ef29ad674ef9

    SHA512

    33a78483955ed2fb5fd8b9a6618edb28002cd601ebfe0e2522733b2a8bae2fd519817e99bf68c5fea6b61a83038a500e58cbd38b3e42bf2bd1bb18c0b3de6d38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21bf059fac1f70ba6b0be01359f24a40

    SHA1

    502b68ae8b2b97754b965711005f54c4d73654d1

    SHA256

    8187352aa46fe244869ac7e3f444d3a76c8022187182b5587beb6ed032e26ef2

    SHA512

    32d0b9547468085ef52539303bdf882c75bec85645f26af718f8fe7bab6629f6f85a288667aef97d42c44e6b351c6b3da7064e2d738c6d0d1ec8a994d93422fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    036de2946bb042ad68bdc5025c8884cc

    SHA1

    17d15cc7b7891cbccfa83a060b1994b4d0e24b61

    SHA256

    3743c36b8990f304adf38b50f3826c790731ccd4fee034eeaa8a7a1a458327ff

    SHA512

    3030795867b70ebf239edf6d11c337579d48fc476c0a993e6faac4da18396fee453d2b33dd5a36dd4a2449be128b2141abb84ab29d3af02d2e9e6d817a35e188

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab23B9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2439.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit