Overview

overview

3

Static

static

3

mtkjw/HtmlView.dll

windows7-x64

1

mtkjw/HtmlView.dll

windows10-2004-x64

1

mtkjw/eAPI.dll

windows7-x64

1

mtkjw/eAPI.dll

windows10-2004-x64

1

mtkjw/iext.dll

windows7-x64

1

mtkjw/iext.dll

windows10-2004-x64

1

mtkjw/vclbase.dll

windows7-x64

1

mtkjw/vclbase.dll

windows10-2004-x64

1

mtkjw/必�...��.htm

windows7-x64

1

mtkjw/必�...��.htm

windows10-2004-x64

1

mtkjw/手�....0.exe

windows7-x64

1

mtkjw/手�....0.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    151s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/12/2023, 14:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mtkjw/必看说明.htm

  • Size

    5KB

  • MD5

    9174884f5b12a55f6bb35ec48ec818ca

  • SHA1

    4f8cd9922a00e0c6ca4ed1b1418d81069dc36d4c

  • SHA256

    29feef00e78c042896602098ad1f51555185ddec83b107e1c606019270ad9d9f

  • SHA512

    cf35ac9bf3e14f16b0fe23a6cdc70153da31fdd1ee1ce05af61dd7ba68042a0b5afb61b3ce6f5d0f89c5decda69eb49fa3b317ecaae3d16a97897690cbb41987

  • SSDEEP

    96:eVgWlXZktTuDndkYWuokAbVXHISaQN1exgemaQNA5FaQNGmaQNNgA:eiiXFDzeXdxfx2Fx9xP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\mtkjw\必看说明.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2156

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3abef6612b6f86545ab63d6e720b274

    SHA1

    e2263b9d7168ff079ce664f8e1dc509cfb24da3b

    SHA256

    ac7b468c1a69e67175a0148a9a12478d798569a78ba5babb26014ad98f5e58a5

    SHA512

    12e2ec1aa3267183214e135e201cfa2134787b529ad53184034937db7f6650abc4622f9b3ee82133d551f9de781f6d9b5d2863e68ea76fb82167800e762710aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b4ce4b9a80e22fe4c72a2f7e5dee7b9

    SHA1

    b601293fc354b8eb94873359232d8782f91a2abf

    SHA256

    c05c3de0d6ca2cdfe2bb804e43ac6f25534ca9fce8bc00a8c2cfa9bdaa0b617f

    SHA512

    6d5f075b32680ca4f2b57a753ab5a0f8e36725862f26dd01cdc38eb92c72c8702f5b254c851615b03aea1c28064a36b0cde19a69239ae0710234474a67f2365d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89bdaec947e54d2a5c64b4b90c235bff

    SHA1

    5fbb22c735c8fee773aaf898874ef027542e707d

    SHA256

    8b7839b86812cadc1c7ca88eef5a390ee814e4fbea2a508306298ac02ffd22ac

    SHA512

    913c6518fd0b0cb21108c7f0b5c833a39c10463f6b6bf20e3f4204f43e99c2cda1526f2bd21eb67378a53156e05aa52f08f2c817d689c56ed8d11232ecc42033

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2cd9625ed508fb675e8a25f3eb2fbd8

    SHA1

    cfc56c6dbe241064a3dbcd5d0f84247c8cfbdbe4

    SHA256

    3d92c7423c4ddab3803ed14cfd954f3520a1b903ebde31f56532a4d3c07706b9

    SHA512

    28283a5b6d1ea74964f050a4e5b9e48dc897e60e3404013b34051b12f9016b6a41184272e9e3f2af64acddf1ea98280805a3f88a90b6c723e772e18ea6339975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15720f7d11f9c68a7cd45c256aafe64d

    SHA1

    eb31990de6fbca9ab3ae199355a597d8d81393c5

    SHA256

    2f4a8dae06a7de0e18cd264ad31b465b5b42bd3d44b8ce3eb341ea232c5c9a70

    SHA512

    6cebde8ae7fb67da029c97db7dc42da3f1f154b38817d74de8d0ab01b73c5ae0142c3f51a265bb7b8e5dc43f0cd72ed1ced63131a0100d7e0a6a32c106f6ed32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc936c9a303acd6e1c771fe36d2ad3c9

    SHA1

    8497cb6fd98ab1d0717ad00357aa196e96902210

    SHA256

    110fd371b76c5b4a630c2bfe11b11b9fdb4c1ad048983dc7dc7682ba730e4c5a

    SHA512

    bce893688a411063cb4e3293ba5339178ffb77ea8420f997901c8c92748d984e592b1d06ff85ae38739f7238701be837d5308cb06f5c776ece1056c73c09768d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d263c03e3bbca4f798b48927622c8c63

    SHA1

    5b88d7651c5b20f79d11a57a466875e6030082fb

    SHA256

    f360dec30bcbb686604a9f81e677df51d3e752b9e91f3fa7af4eeb2eb7fc1c9f

    SHA512

    c79482a613b50c6e72b4a794facf5d99da2b3e2989b987679a0945e7028ac7f7afc5559783712ce3019aedcfa4fa143573550c7cd2d86e78ef86ad1c268e7c27

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3CD5.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3CE7.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit