Overview

overview

10

Static

static

10

2023年全...��.url

windows7-x64

1

2023年全...��.url

windows10-2004-x64

1

Fate Samur...er.exe

windows7-x64

1

Fate Samur...er.exe

windows10-2004-x64

1

www.3dmgame.com.url

windows7-x64

6

www.3dmgame.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    24-10-2023 04:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.3dmgame.com.url

  • Size

    122B

  • MD5

    49cbfed4fa9b3fafdc9d499b6163fa62

  • SHA1

    28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb

  • SHA256

    03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11

  • SHA512

    64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 51 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.3dmgame.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:2984
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2764
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b09ec75782fceb94b9750cd4106f66e6

    SHA1

    44fa08021396a7f8cf8db7db3995c1e5feade505

    SHA256

    18c27e0c554e900e7a9e704106fe316742115d4783c6f994f5a5ed1fa458938d

    SHA512

    d5dd6d31b2ccd6447dfdd38ba03dc76b32fc93f72cbf1e58dd27013e03172d01226c4a5d9170b92d203b1e1f6a15812645599c945e5f9e09f08b4eca16d7183d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b0b3f35020dcc893c8fb75a899248f5

    SHA1

    19f1d61a9c4e4b5eade0f9d2c7c91ec9dc7f2823

    SHA256

    f088f2b7ebc2163c57e62259d9a13c51e085c9006286ed377eae0d521128a6ac

    SHA512

    f7cd0350f3f1c33e5b8be5a768392b32ebe91ee6a60dab693b7efb6f6a8cd522390f4550677ea8e2953ee062952594d9148e17bde39b97137ba5cebf73a7dab3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0c98f6d377cb733bd1f9653ffce13ff

    SHA1

    d796629a39e7b43c159402421db4cd1dc95b6c9c

    SHA256

    b8b1237cd412b76c7f167ad024a5a787e7afb1e000788b8a885f351a6b9f9749

    SHA512

    685091c514d973536a0d944a5e6d2a5d45e2d19bac2ea3a2e3aaeddffb8164b6a69d9903c0eb0985462e4faa2ecfa2e7058464d04071e40e9b20bc4630e7b542

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fa72d461ed3726f15d4362d70f18d8c

    SHA1

    288bef2473809113214eaf1980f2a18f0035339d

    SHA256

    019b27bb251d00d8f583c1a9ea7caeadebbd41089439fe1e80bcf2d1fe644776

    SHA512

    d89be2a051e3f791234cbcace9da36573a7cbd6afec2838dbe9b0c3f61c7cbe8293d0db2f3d625d80da6207425c4efe273aee5386e9242916acf23c1e7678ff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a518547ee4c7579df4ebde11cfa073be

    SHA1

    04f505362cc693df71713b10bcbd16be775dcb36

    SHA256

    f769d59dd8fb9fe44e1df25610ad925b661478ceee38d1915f2bb4c977512861

    SHA512

    8a7ae25cf9a5b6596bc5538e67daf2987bc5de36c8dd99bf016b8fbf4d0918804dfe3b0bfcfb4871c4f0488c046006be00ebf916cb4b69ced4ab164559ea57b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    429a3fbe0ca6dc6dd66e362b838a18bf

    SHA1

    527d59b355314675d176ba3d1768ad7192c9fc2f

    SHA256

    b8cc75330fc3e95aeb650595d7d65bb1dc9c6a17efe082509fb79cd079c6dc62

    SHA512

    e1a50502db640ae70efbeb30138407e39ee14aeb2a96254948b50ed9882fb3b647b55d437fb495c650c49e800f18756e3c675ba3cb2220a2fd2811fe3fb24d8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cceba858888f5cc80e09a71fbbf2857

    SHA1

    174e0e703c9e25679c650b6b13d3d42bac8e684a

    SHA256

    87a1edad166a7caf255d1baa83b0686e329e8955df831d26e20d9a8cc7878cf1

    SHA512

    dfcee93694565a0e398c4ea442b676a75967eca064b536b063e5a02a4989868ef528a82a4c858ffed0912a8984311059bf215b9be853a1357fda7a5ee60aed7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f30165ff049b72e7e7eecc2c120f75d

    SHA1

    deed2530fe01a93356c8daedf6d3c24002cb312d

    SHA256

    230cd4d1ebdd86b9054eb5fddcb47cd502ebc8c220081d57f0bcedfdeea5e838

    SHA512

    6d53528f58e01cb5d47b8766b63be71086f147eac8a35f9953529e0e24f5612b98bbdc831e0ad6b427ebb59396e9a111642dd5b59509a82fbcec3a03fa2fbaf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34537027503323d793237b9d9e252f9f

    SHA1

    8ce2aa9121c638d68bb8b36afa402b403ab19ad9

    SHA256

    426abc35aa40651530734f3373da5ff3e53c0599cd38038a0c2c8d2661f3c947

    SHA512

    b7be6003ba9bf842fa25b3e82a057e3018a17cb744ad06beee6c854c2c1451502ea87d165258df03edbeac80d75af348822fdc09b6dcf2bafed57a59c0e52258

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8851719b0ac6f2fa64de206c62876b62

    SHA1

    73857190c01550e7f7bfe53cbe45fc458830d5b6

    SHA256

    caaf9821f9d6922894c45ffd1a462c5d5bf2de70275bceb689f38f3438c1ae40

    SHA512

    65496e9c83a06b5394fe2dbe0bb01bd69f71a05acf2a4c9f5ad26a7e579a404f6c0c66dde7d69a519a4d231304edac8984bdafd0da810c6b5548414d8e4f53ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    090626a9b9c5ae16934ce2a8b0bdfa5f

    SHA1

    9f4fd403e62b84dfa870c2422e125757a9963660

    SHA256

    b7d2dee4b4d9d7c1d7af9f21896648a62ce146b48c20de35cfa20a30edd4824b

    SHA512

    21ed313a1054d74fb56447262d9c1794a5cd2a5ff981245515faaffc14a0715ddda6020f943f7ff1a93984041dffd6eb6398fe5fad810d679a8b8ac79d7097ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e9d2bcd9d2edbd3ee8ac375b5cf5a89

    SHA1

    967e3a1053e0bd3d428e35abd36dd8992ed0bd4c

    SHA256

    00842e95b38e406a79b7a86ed577d4bb9be770924adc56a6e258229d1f093116

    SHA512

    f4bebcecc2cd7bf107338873ecf83d49ba926165a6a13cdf37e73e613c9d3341d66a55a63528a13a9bd4923a362a7b78d4314ce44e699af7889d363df4075e86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7364ded4db3172251c46ac29787437d7

    SHA1

    c2b48171727b7782008311e6e793f1e7a5cd3fab

    SHA256

    6c714a4bec228d2db38b40b6ea3a54e03f4da3ac42c41959782959c3de1bb872

    SHA512

    a4dddf689f9523e411ed0e949d06fe91f3462cc75d6b5976686634415e54c1d47be0c29696a9437b8133f312fc9ce35a1c4ae057f956695b38b875d23ef8eb12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ab048accef746ea59650934ab66a51f

    SHA1

    1dc5a98c9f613dc1eb61e01628678ffa123d8afc

    SHA256

    2036c0a1637f0d6f4e9bf808b87f15b7d2f6c2eb4ee72c0a9e1445c722931451

    SHA512

    3842b71e5b95041165bfcdbe39e151b9330ac30b4bb9705f12a1ea5e920281c8cff3a42985c5273ecc371671770e3f5d952f7b954a0dc77201257109aff59693

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a16d33d2abae5fbb8ead946c4104a17

    SHA1

    ab5e67498d3b42dfe1a8e27f5d97aa3a95a70f84

    SHA256

    62de5534edd144cfa4a377ac61ecc2d1724a22209df0c5d3a1f5345037d6cd6d

    SHA512

    2becbcc74f7cb656271e8421971553a27970db52c6d3da2c3bc95067523ba3cb0bf58e19bae739ebc87d3bcbd53e78210e87d5c90e9835c8588fcead2bc12c3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d9bf464ac350a1ec59c77113c1db725

    SHA1

    b58b96823a21fdc356aad08553496e81cc2360fd

    SHA256

    f7954222bd7f2de3cfe6ebca207daac29c77f234c4f0e9a1a004ddf3c25ee794

    SHA512

    db861d273680788f23ef0bffa68cdf6a3863086fc64a5d200dbff3e5bc67191c84fbc542718bfae6c332b8cd62500155f02c8b0cfdd2d69be17ca18187c53e37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ec00a7e222af37f78551d0a2ac5ba0a

    SHA1

    1327d2c365cacf79710156ed50566d5d63b00075

    SHA256

    542dcbc46a8c97d0c201440c39b84d05eae4bfc377bf83a2ac41bc6191dfa1b9

    SHA512

    159a78e60f03f09cd8bac27a34603bafa207f8573ed5822d6bce07209a24bf0c0f7bcb5b0fc0b5577896cdc96751a61df1a3d9ae9281513f2f240419dac146ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be5d214a19f91018ab5c354e380d6c32

    SHA1

    5a5935854a4eae9612a273c033bdbaa29b305d8a

    SHA256

    8efb44d0359d412fef61160be10d992a591c61e8780c26151222019e24a36f30

    SHA512

    a5daa188e9f8a72eed99c2d53dfd32ffb1629091a7b20e6f61b4c3029e8ec36c387e057f2c34bd2d56f963faf19d5a19d021547771354da8fbba98ed4210e327

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfe95e7f178286dc7f8c3483da0a690a

    SHA1

    2aaf3e2e6a7684ec9c10d467cbd470eceb4ba486

    SHA256

    51ab13fb5b8aa6c917ce7ed917ca961db16dda1dfbdf96e4f6792d9bae4292f4

    SHA512

    e803ab92e1e40061e2bb39f86d55f8e7745d68489b101010b579135be2bf8b47bf39850471d33c8acd0397d5798ef6314391ec9d39d316abfbe0fd4ae7ed23d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38e8891704cb7af2c222d7b92dde01b5

    SHA1

    5e42c3d25ade22f5e183e3a49933506bb11284c1

    SHA256

    202d268339925cad7f70fe383765be6c3dff29b0f713def986b62fdf6bf6f334

    SHA512

    9b799aa9f87376aff66892033bbb01b1e2fbe6b383223efdb2fa026e64edd8032d287b085862fd5eb74315c05fff34f6c624a8ec14d7f42b63225ef410c43092

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92db8e6dcd616d588db394acee751222

    SHA1

    a71a82d2cc8b89df0497e560a4248f902145352e

    SHA256

    2d469bc6609aac384cd4acfbc4f12d08621ae6e3a3d8ccf3c058fe4b5e25e121

    SHA512

    96508887ce43e84d684bc3f05caf03521dfd929037ba64384c563d4449dbc783416ecbfb8d1ead229bfed38a4b88409dc43fab81107c61ea44c13abccd4b4855

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\0VEK4Q0D\captcha.gtimg[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\GWI03C1S\www.3dmgame[1].xml
    Filesize

    366B

    MD5

    552e97eab7f7897d7f6f674cebeb0b40

    SHA1

    18210d6e36cb27527f3b2f2753e4921a1a12357c

    SHA256

    99e606c5877b2d782f5be49959dd6046db8c45186d1d6e7285ce802e28b24b97

    SHA512

    32806c0365a5116a0e0e2b457770ccf324dcbce2f6d1c0eb54f97dc71b7eb3bf9ccbc53efe1d28a382e530cec74d1b9fd240b4b48163700e0defd152fd58af79

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\32uxyeo\imagestore.dat
    Filesize

    1KB

    MD5

    d6be0476501b056669f64f8df4024faf

    SHA1

    f8fb5012327f2d14ed33a6d6d89c437d530e22c6

    SHA256

    4330b7e5995a3d31c93b42d2a2346683d8bbdc9f6b8ba0e0d200040fbe72c4c6

    SHA512

    9e1797a0e8684da68b6092a7a6f1960919ae102231967700dd64ce347f706e6711517b6e1994ead4f0d6fa08d09d0abf3177d3cd983b942c585d53984e831574

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2WGHIKMU\favicon[1].ico
    Filesize

    1KB

    MD5

    b62511a2f7a054b05f7cc6b3d5a45a3c

    SHA1

    5e9421f05125cbb7fe90e80940ec370a392534f9

    SHA256

    4f426cd2a3826f5cdd4ba3dcfd90c66ef2742ac2281ae5a067f74fe4db9634d1

    SHA512

    3b40a15873b60667b25e4beecd62a9fce66937ee17be4b1af65ce08da5c800bab503e81edc28cf1e2953151343102b22aa13c4ce0d4768604cbdb93567ac0fbe

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X62LAKSP\se[3].gif
    Filesize

    43B

    MD5

    ad4b0f606e0f8465bc4c4c170b37e1a3

    SHA1

    50b30fd5f87c85fe5cba2635cb83316ca71250d7

    SHA256

    cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

    SHA512

    ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD442.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD4F0.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • memory/2984-0-0x00000000002C0000-0x00000000002D0000-memory.dmp

    Filesize

    64KB

    Download