Overview

overview

10

Static

static

8

APT 37 Pre...˜Έ.rar

windows7-x64

3

APT 37 Pre...˜Έ.rar

windows10-2004-x64

3

KN0408_045...˜Έ.chm

windows7-x64

1

KN0408_045...˜Έ.chm

windows10-2004-x64

1

KN0408_045...호.js

windows7-x64

1

KN0408_045...호.js

windows10-2004-x64

1

APT 37 Pre...„ .rar

windows7-x64

3

APT 37 Pre...„ .rar

windows10-2004-x64

3

LGμœ ν”ŒλŸ...„ .chm

windows7-x64

1

LGμœ ν”ŒλŸ...„ .chm

windows10-2004-x64

1

LGμœ ν”ŒλŸ... .html

windows7-x64

1

LGμœ ν”ŒλŸ... .html

windows10-2004-x64

1

APT 37 Pre...„ .rar

windows7-x64

3

APT 37 Pre...„ .rar

windows10-2004-x64

3

APT 37 Pre...02.rar

windows7-x64

3

APT 37 Pre...02.rar

windows10-2004-x64

3

APT 37 Pre...1).rar

windows7-x64

3

APT 37 Pre...1).rar

windows10-2004-x64

3

APT 37 Pre...ge.rar

windows7-x64

3

APT 37 Pre...ge.rar

windows10-2004-x64

3

APT 37 Pre...¦.doc

windows7-x64

10

APT 37 Pre...¦.doc

windows10-2004-x64

10

APT 37 Pre...1).rar

windows7-x64

3

APT 37 Pre...1).rar

windows10-2004-x64

3

APT 37 Pre...2).rar

windows7-x64

3

APT 37 Pre...2).rar

windows10-2004-x64

3

APT 37 Pre...ce.rar

windows7-x64

3

APT 37 Pre...ce.rar

windows10-2004-x64

3

APT 37 Pre...1).rar

windows7-x64

3

APT 37 Pre...1).rar

windows10-2004-x64

3

APT 37 Pre...ne.rar

windows7-x64

3

APT 37 Pre...ne.rar

windows10-2004-x64

3

Analysis

  • max time kernel
    100s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    21-03-2023 23:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LGμœ ν”ŒλŸ¬μŠ€_이동톡신_202207_이_μ„ .html

  • Size

    365KB

  • MD5

    aadd9e71e5a5755bf1ffef67275750e2

  • SHA1

    9a5e1a09087d4146fbeddab7f41def5e1b3495b1

  • SHA256

    58d345c54a2a8a8781e39405f5495b4b35ac83eb6331a8a27b31adcaef57c450

  • SHA512

    7d09829c2a71d5a07608a35cf08c7fbf54629a97da069b995e1639ab2f244dd581cb043193917ae3498473d5375e36750ce8252c1647b94c99c7632bdcb746bb

  • SSDEEP

    6144:7tdb2jWwtY1HwYDeJG5KPLm8ee2SqY98yxYnXziu2CWtUsu1TnYl26foRxHO4:6viw3PJee29EuXWuJW/u5y2VHD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LGμœ ν”ŒλŸ¬μŠ€_이동톡신_202207_이_μ„ .html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:468

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c2451515638782affea8c272293831e

    SHA1

    5c405f921a0079075b245b8fddba3677ad176d0f

    SHA256

    dd9dc837623871defee9279315fa0a4cab06f2e3f4b602595e27b3d3634df269

    SHA512

    8711ff5600dc758e2fb8649b59cee209a599155dd670315cc2cfc45b2326d099beecd8465a4a0f16005e3d13d10209d5cbf8073207783b85e65057e001a7f1a2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c7aa8a520cb65cd0de9f79171209a63

    SHA1

    00a2f8997665c0d5296cb0994e36611510054ed7

    SHA256

    3d19b2c5f9a737668230c4b6a0692980639df2ad6c7b17e7737f484265df8130

    SHA512

    731202b69a7258717d77654f8bd2aecff254c6ec9d2eebba5e634b7e215c6920f9f97d78f21cec9f58a22a7da534a7773824ec9e971b4416a5e0763c84560fc7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    330e2cbaf81fdf43551217ee1f80cd86

    SHA1

    7ba4bac7ac7bafe6a37af4d402f6f5184f0b7d2c

    SHA256

    56d7dba3c5d42c37281773f5ae139c2e44e8e1b3c1cba1b7f0fef770f11985c2

    SHA512

    1365064d1ea2a6789d3a1b5e018d848b8a2da94d1a7e7b2bcc8e4aa6ebe0b8376bc067ed13bb4f0059c322c4597cbf3b81439a9878dcfeb331bac21873fa6151

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9aa677b27cbc2d6423d79247e5bf7de

    SHA1

    0fe8f228816e57b24145800dc53c4655a87861cd

    SHA256

    836a77ed11ac06c496605047195ea87f2257bc6135afa6cfbb4e059b223170aa

    SHA512

    20d874137b2505383a054dc715e67460179f19b13280bc1bd2c20386aa99f7d17b36385cb26759657b19e0841dc305cde107dc15b361fd169045e8d242c9ee18

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b40550426535be0e3df6a22eb56fc42

    SHA1

    4cf7153ee063072373c829d3703fdc6764112454

    SHA256

    ad6167ae751a2ec304ea9aca1285a87d8db5ac3384efc4611894603e2e076004

    SHA512

    52fef6c89887d82e028a507ab8b18d5fe20c85206f7bf2d1690e7909ae6c7de083ac863879c127daa3e2fef4d97fa57e5ae9f878b15d1d5f9c1b940caa890018

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26155cbe7affa83eebbe0a0cfc2df9b9

    SHA1

    989ad5f8f89ad99793a14d87b8ff2c035f797243

    SHA256

    9ce901a3134d491e09d58d04980373468bc56c4b074c9a6fb829c6865bed4167

    SHA512

    145f520d7d55903be385cec299cd484015bb63667c513f9ca0f058000c2716c0ef76c75d75c82c659318284e691b5805fd264d9f24ec3b597b082d3811ac12f3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65a2cfa22259064c008d7442e191186a

    SHA1

    d6af08cf790a9c3edd007e9951839c549f46d54e

    SHA256

    27819de1101a9548252dc158e72bed4a8c7b0c085f2c42f9a4b0dd0e94eed98d

    SHA512

    ab0c57dd682956fe01d8c152ad6f9511394b2bba28b2afd1fd746b4ef3d5e5bbdf36b25f17e750fde4454ab3f11c3776f1b66dd5e14c12fdea90c4e13ad3e856

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae0e169f751fae46cb7ed04d2d0096aa

    SHA1

    14e2be9e18d089e0e1161212eb5afdc5651758ee

    SHA256

    343d95d012f2b3caf5020ba2acef5d481051f73b51f12f708bde76bd53368ebf

    SHA512

    b79c1552edd36c4a253000d968ec65d83f1e73f937fd519fb60adb8a41bf198f01b19838af4aff00cbf35bebddd4877101d4051380571d2feea36f750ee81130

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZTPJYNO\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab3AD1.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar3CCD.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZDSV0BRW.txt
    Filesize

    604B

    MD5

    8d57e94770d26a888ed0c65418e3c595

    SHA1

    9fc6afb37b1482f30aee2e3700cd9c77decfb85a

    SHA256

    59d3eada74cbaf713c8885785779654611ca43294fa94b093ca7bd6ab4ef23a1

    SHA512

    91db852fd0e0e0469ade542d77cf1ab255d2d8643c3f5d2098e5f3c262f4afe0ac50b14c4173ad3c3bc28ce175b893c812670cdcb325e8adf995f678581b379a

    Download Submit