Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://linktrace.ctr...

windows7-x64

1

http://linktrace.ctr...

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 06:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://linktrace.ctrip.com/ctripetracetime20231226/EventInterface/map?t=41768046&EASEYEUID=9098939-381428-168-25572&yiyeoriginalurl=NB2HI4DTHIXS6Y3UFZRXI4TJOAXGG33NF53WKYTBOBYC6Y3POJYC2Y3BNVYGC2LHNYXWGYLNOBQWSZ3OF5WW65TFNVSW45DTF5TGWLLYMYWXAYZONB2G23B7MN2G2X3SMVTD243IMFXGO3DWL5TGWX2QINPTG===&enc=1&i=&s=V3-0D9CB716BE4248CF12A896C13841801D76B38209

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://linktrace.ctrip.com/ctripetracetime20231226/EventInterface/map?t=41768046&EASEYEUID=9098939-381428-168-25572&yiyeoriginalurl=NB2HI4DTHIXS6Y3UFZRXI4TJOAXGG33NF53WKYTBOBYC6Y3POJYC2Y3BNVYGC2LHNYXWGYLNOBQWSZ3OF5WW65TFNVSW45DTF5TGWLLYMYWXAYZONB2G23B7MN2G2X3SMVTD243IMFXGO3DWL5TGWX2QINPTG===&enc=1&i=&s=V3-0D9CB716BE4248CF12A896C13841801D76B38209
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2400

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    826e4ed47825e9ee5c55bd594abfa633

    SHA1

    3225545368440213daecfb2251384f497890db05

    SHA256

    7af990c9615040f4a2865dc4754f4c4b00cf855b24ff2e38fdde1e7d0734dae5

    SHA512

    bd03691726e915ccfe642583371fb7abe46aa64f92011fb86104022e93fe58a4ee86e933438fa2d1bac22988815728ce1a33a911b259cfa1f110d2eeb364b220

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e8f1eb5890df0add3b62dcc5cbafcea

    SHA1

    9911011f2268b55408a22fb5e6afa26a0a8df65b

    SHA256

    53a86613cf49ec1039cf60fc4865badfaaac74dc88d9e03f109af0e57878954e

    SHA512

    174a7b47de06c9c7ed3589e1f449ca197673768f241e209dc2086b8534f676e1ad2a7d183844b07d95778dd25e1ffdbfd2ef68e668c8a1a6b288ccd4cddaf950

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b46203048072c922bb3e4eb837fedd3

    SHA1

    dd59a0673f9085e186e242a2bdf8f0f2dbefadb7

    SHA256

    d9d7babec7658fcb981c1a3ed3e786ab197beef5c64b98c4c4fce5f0d1123e52

    SHA512

    775551a63fc69b2fc7b6ed1316e80db024c614966a10761f4d4cc393932214c60df6ad628a52a3cda022cee2ae0e9efc21be8645d2701224ad1c4d148b9d1273

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e568c137eda92c908865847ada7150b4

    SHA1

    0e88b4362c931afe2b4842b74f0980ea6dfa742c

    SHA256

    b95ee4c65d9c22c87062e088a8f39ed9879a7f77f7ff91f880ef32f442dc6c6c

    SHA512

    280e15e0c8151a051ebeacd46acdfa10a1f046f9e868a8f59be823c1b289929319867936be76ee57060b42676a6b5b16ca2c86a46ee272b0b8fc35db2942900e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd2b3bc00b6372de3746d67059d42f3b

    SHA1

    f38cbf69f9fb1c0d13a948c67dd4bd159bfe726c

    SHA256

    821272424a7cf01a788f98c42e417e871dd822c2a63a4556f5a8dba33484ba6a

    SHA512

    ea59ff470b13f6bb7db5841c6f2ef50d6411df6493571ed57133f6e83bb463dcddcb951ba73112d03d688e9e6762fab694d60c571482d8ff91ac61f5f71a6684

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a7422d4225ca6432a2957e53ee5ea53

    SHA1

    b6ed042111efd155050c591a45cf651d279caa77

    SHA256

    376f260040db7c5a5daa9957b69a5c8e7a35dbe8cefd3c7a10a02e349967dec0

    SHA512

    05c333c1fb58bc984c2fc63e47ed57845304ac7f169e4c99b07b4132507cfd2bb47cda04e866339143da0f2bdfebe3d74cec2e2917799d97b31b660eb0cdb4fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5089acfe0c0f3475f5177a3bcd5d0cbf

    SHA1

    aed0b3da26626c0f0a51f6b43de5d6e1f897d349

    SHA256

    cfd6814ee3625d7752c27bf087a1f0936db60ac5c7bbd5144e4f26575c3e068d

    SHA512

    7de663b67e1a5385a018902cf626d6f080cadd8ca6e09073cabd8e2a99c34abdbf0cefab9278a6c5ba4dcd2588298b515b2b7753076fbca7dd0ba696af3be86e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF8E.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFEE.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit