Overview

overview

10

Static

static

10

2023年全...��.url

windows7-x64

1

2023年全...��.url

windows10-2004-x64

1

Icarus v1....er.exe

windows7-x64

1

Icarus v1....er.exe

windows10-2004-x64

1

www.3dmgame.com.url

windows7-x64

6

www.3dmgame.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24-12-2023 11:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.3dmgame.com.url

  • Size

    122B

  • MD5

    49cbfed4fa9b3fafdc9d499b6163fa62

  • SHA1

    28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb

  • SHA256

    03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11

  • SHA512

    64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.3dmgame.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:1628
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1960 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24884210499266720fe766a5d16c9212

    SHA1

    cb92746b7e877eeef68b491aa434c955af3923b3

    SHA256

    0e65876b8e86d2cb71abb01663744664afcaa89af1ba93385cc5be6705f13d5c

    SHA512

    aafdd9aa96e794b723fd2a003f8d74f48b382d0b82149b8adab459c79b28671d964b043c4ced772e7f8873cae73ea9a9ac3da86bd559fb7c739672806737e2b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb62af8eeded486f0a4365d1ed7ef8e8

    SHA1

    e7a47a37e60dc1dcb52fb5af11bd8c7a960a1272

    SHA256

    3e4b864ed10423bb4d62f9972610ed35e5fe4ab9c99456e5c1e15fbea01b182a

    SHA512

    818f9d04926ba936d1a7215973d9d496f6077ebe0719e35d7b3a8a6d1ebd33d4653d26c9c9c0890c42465d24483ee1a3326173f59457d25f50c7ac9c755aa931

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a36fbdbc60b309bbbfe37a3886ee9120

    SHA1

    3cff8a19b59865f5645b7f7b346b7adc0efe6bc0

    SHA256

    eb16f3d9b5441b8745b89a4a0e2a74aec4a52fa2cb6087cf5a099a673e33407b

    SHA512

    9d6f7039147529a7eb0323824867a8491fe1ad86e656939e8172d69d1144213b4931d0c1d99311c19108ff01df61b6feb632a247ac02c446ccbfcf1d1714e3d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef1e2e84828d51ec711882b2444e46d8

    SHA1

    6fc13a6814ab9e8a9ae814e021974b2d3c9827b6

    SHA256

    23cae890e0b2e196a207b9159747e146a2fc15e9ba275248bd9fff5df3f3b07e

    SHA512

    d9101262c0cb2340adaef088228421c3f2efebc022e20cf5292f2e5d6f26874d8652fccbf0c68254dc48ac26fec5871478d4eb7bc369486d98677d889e17c2a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0731e4c317cd7ed0055800dc80f007bb

    SHA1

    76e2d33b7c4654a35ca8ac06be967db2f15f6585

    SHA256

    0a5b036504efb527737d622462370238495ab3176b412e4956233bbf223e5625

    SHA512

    ac1dfe0b30efe48173a0b211047aa6af8c73357183a370c10a55f42206100269858bb5f7c8cc84942b76bd0c8d5631a60dfb9ff49ecc0b029d8cf269724c7911

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c460249f1624a21d8dc6beaf4f331c19

    SHA1

    d63bb3f9633f381a562c2392023bf8069a5747e2

    SHA256

    b9a3000ebdc9afc1e35467d67c3360ef948d1c199fb2b582a22ae581b73b6ef2

    SHA512

    bbe8ffdb616c6872951305f51babe1a5cd6fbb0feef3e590f0c11054d308abae61d15c586530737c4c5959db39b718f6d1fbaeabeda6cbc138272c13dea0222d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0490d490afb5fe3ff33bd49d44c66e55

    SHA1

    8588622a5e20a1a9bf51c6bf3de7653e63eb078d

    SHA256

    58e473cde38d73de898854f2b3e6db323cf7a516b75539ef55d6a2437a442005

    SHA512

    7eae57e7ca10d030ed479a8e4e5b8a3e7af0086bf61b090d59be44b3892e9b1464d6919789dff0051b49e2d2ddff99f2ed0fa8ffcba6ec2075ae59bb8088c448

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec76e442110bf3f90f38df57cf47b641

    SHA1

    1e3d3d53a306b6dbd39f63d0fc2df6a2ec965a2d

    SHA256

    3097b6a3f9f43e5b23c41d7d0da7565ea9b2cb4bd50b429b8df75c927a5af6bd

    SHA512

    35f2cbea652fbef1d35e04aa77de2eaec8251df7338eca4a62cb90ccb53ad8b2dcd6cb3fa4eda5b86f46a35777b69c9c47a6a097a7b52ea4b09d0ad59a169eb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51fb01456e72048b22102808cc4f177c

    SHA1

    c9ca1690c52a55a5b8b513c6bd34ad48f7517dc9

    SHA256

    aa1569b5c2078b517e64d2363c7391f3be9bed443752e949429e760a143af474

    SHA512

    bd29a7ae3ed86e9f5a07211fc8a0740bda4333bf2b3639a6a8b28adcfd81b753712b82aa6ebbb923aef2baddb9221b4c0bbf627b12a9800c9c50a67e92e90e89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9a507db0303bf146c834906fd86940d

    SHA1

    357a036ba4232c7b3a09c2bf41c5e1c259e4d759

    SHA256

    f30bb04a7ae5d65bf9e66c2fdb2588b28e7ed73b79e75227d33d6ed67b5e7133

    SHA512

    1bff8c20f92e636fc2f22055751108710d66ad2b364bfd01ec7c670ae4f555c0130eb0715e8c4a1717b08e5134ece7d7a1456edf1f0fd034df9cf540b0b39364

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5004dd39236e2df4d6b6c0b16472970

    SHA1

    8cd875a60681c80cbb97e232edd039b84f500185

    SHA256

    86e299fe629895880a88d428e6d0464330ce103a1f93893fbab0c2043c0ad377

    SHA512

    76de40c17231414a7c37b7d6075e43baafaa4a9906ec31efdd8a37b8427227a34f72cab3441c64a7a3cae2a3c36e4e14db50ee165440e3b3b45eb1da16fe95e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac4b2491d2e53994b4ddbe01aae6294d

    SHA1

    6c87ded52f7b74b83dd274fdc49853e194080c5e

    SHA256

    a0bd7293b06388bc06b83e53c42ba647b6b6cf9ad24b99cca1388e7388cd5540

    SHA512

    76c578c6a754ef39c9f416fe31b5b40e8c7788d819af7f90024f93ae5b7ac967829b5283756d0a0b022f2e5791fed473268754d72f6aa86a203f8c6e76911ae3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6381fd8f44bdb0ebcf2ae1ade00b8f04

    SHA1

    100e4d289a2869197683129de2701f1b53e05c02

    SHA256

    9878ae582fc5c1608fd0f85ed8dca5e55043ada3fb5ad26470506a32ebb1e2e7

    SHA512

    94daad841beb7b310eecac62c6555674ecbfad6c85acaedae801bfcce75f4f337f7b5542283130d802c1ac2cf15e53d17be88bef8beba756402c2fd36791678e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4B26.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4B96.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/1628-0-0x00000000001D0000-0x00000000001E0000-memory.dmp

    Filesize

    64KB

    Download