Overview

overview

7

Static

static

3

tightvnc-1...up.exe

windows7-x64

7

tightvnc-1...up.exe

windows10-2004-x64

7

使用说明.htm

windows7-x64

1

使用说明.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 12:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    使用说明.htm

  • Size

    2KB

  • MD5

    f167320d5d11be52e7332b943ccf0bf8

  • SHA1

    aa265bc6fb9043ac4729a5bc8aca338be0022e2c

  • SHA256

    6cff52f54f3d9c0de6e0b231d3cc06a4ea8ea4c15fe19e20f57da2ad77369bd9

  • SHA512

    f94dea5edefe16b06c7fe2366ac24001fc7ffd709a5971bae9bee5fc12164310dfc460c733ab48f83396dcde318d7948ff961d007bdbc78bcd8aa9a9101c899a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\使用说明.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2220

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51c4746a9490ab5bd854db15c389c792

    SHA1

    9707bf8e344dfad23fffe67f249db304d141c4ae

    SHA256

    7e33e34f5f748192a2dd212f2616dd9350f27e07893220c95adfc0163da13e6c

    SHA512

    69f3097677fc83df1bc14634a269532aef046ef13ec7197c424c11f1169165f2800bf8cef3bb6d5e5715bc765cfcfb88dda4b6f7bd7f049729cfdfaceec2944c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d952c13479e97948994e511b0c6bb9f

    SHA1

    9391ec20f436a0907028bd0b31f938664b115ae1

    SHA256

    cbdf11297db7552417ac3a574c77406946feaedacb9af4233560294d22d82514

    SHA512

    710e14d1d321d1b30cd10aeaf4fe7b4e90913e7ed82e209d81e0e6c27aa7ab8fb8125e0064dbd994b660366274d17c3bd2db3db7dacd4f8170e39f18b85d074a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f82a858992a0d5b6dcb8f89f8b3fb38b

    SHA1

    bb69f1f4ddeaa867296903ca458d267c47ba3629

    SHA256

    9fad249ed2bd554028ad7d7055fcaba998162db67ab55ed0bf4595c50f875713

    SHA512

    c85c9a1c6d2d6d2dddc120483ebf9f727c60b6b0a1425cc281a83d630ec788072446317161d776a1ae1333ecb250a9ffcb427b196e333e89495208b97d47069e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a440fe5211d8e2ebd22c490f9e45a017

    SHA1

    d23c7aef4e829e140b3fbf1582e53ba613032a6f

    SHA256

    abe5822a98502fb37c0e631a52c2c0a866cf7b7aaaa173764c6985735a050523

    SHA512

    19b75f523fc91ba58002f62635e72d1be4bb8b279f2fcfd7e4edbf4912a672ae224fa927df19fca5924419123e72c7701021c432b6726e55f1cd1886aea06e12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8ac06cb5ccc01a3dc2be6e2d02b9f31

    SHA1

    eedf74a84e9b685b27a0830daafd18ecdd681742

    SHA256

    6be9fdc768de208558db2f0473656a1b39329611fa0742bf6519e8b055cb1306

    SHA512

    25f23392f17fd48f42def12a24a08c4e72ef8a4df010419c5ce734eee7c5c50f33037df86e8c4cdeac74ef01fa2fb6b0c319298dcd945df3e003a2ff20d13154

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    888d2e2709e5bf4ecb99fa6d6b8e14ba

    SHA1

    db559f0c73c6600872d76e1acc3ce817f1f48f0d

    SHA256

    f331bd71fc3bd59e6936b2fab523e22f00e2042b5789a2544b7330d1c9d5eba3

    SHA512

    c60f6b3d22a64db176809b83fddf1ac9309d4fea65a80e1cc1a5e74bc75b31b2b1e5a4a7bdce7ee4b1ec4fd692043ea64f4bb2b3097f194aa2640cd0f65ba174

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f046886058009453a0e3089b3909ae7a

    SHA1

    32cb0ba06ab8e93789ed071897e0a26de4f75abc

    SHA256

    151ef3bb41ff136033dbeeb6b382d8b5f6a1cbafc1faf28de8f69139415006a4

    SHA512

    2f7e486ef2032a22e3d78d891169eb05622af8180fb157b0f360b0f192c974e40aab9ff860b433ac4236468aba1acf23a0aacec12992bb07bdb234f247ba35c6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC765.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD3E8.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit