Overview

overview

7

Static

static

7

05053f2a14...e3.exe

windows7-x64

1

05053f2a14...e3.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    200s
  • max time network
    232s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 21:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    05053f2a14552390a5bb222d3fc1b9e3.exe

  • Size

    1.8MB

  • MD5

    05053f2a14552390a5bb222d3fc1b9e3

  • SHA1

    e3f484e0ba4037999bf84a42e8822f3de2a64263

  • SHA256

    e5fe560369c76c158933027926490eb2ee6ed15be7d5302750024a23cb4eed42

  • SHA512

    e95978091c10a00e1013870f91f9d4caca383ddd2a2c64f0d8ec1de7c0742ac4b7e775773942a1d680b013fe89a63625ec95b0c3b07b71eb921e015e3846eb93

  • SSDEEP

    49152:I3gpBaX2YkaeO5ca1SG4hld9wOj3mkQE0MCOIURmgx:I3IBM2y5caILh79j3nQlET

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\05053f2a14552390a5bb222d3fc1b9e3.exe
    "C:\Users\Admin\AppData\Local\Temp\05053f2a14552390a5bb222d3fc1b9e3.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1988
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://blog.sina.com.cn/baxukun
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1856
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1856 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:560

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d791e4e5e2403b9433532148662f4f15

    SHA1

    e3572808469b47b88fdd5550c557abae4d40f7a5

    SHA256

    b9e3eb092fc37c4084999e42b51247911ca0e3c209295ea67ced7f1207250282

    SHA512

    bbc5c7737b8755f439087146f4868d4d8eb8f4425eb548bc603f6e1bc37fdec8601aa78e0716260398160df87652d0293183f6e6f42c3931cbc96ef4599cdfa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dec8006d44d06f2196ea396e88596fa6

    SHA1

    e4fab3f19e093a5b569e1675623ef85869458dcd

    SHA256

    b8caa68f53ec78fb5b91dc753c3ad48c7cf0b83fffe142690335961b4b908174

    SHA512

    4aa75e36b2c3acb022f67bc66b7045ef464e9efd09b7ba9670f89b923ca6409ef395463a844417ecdb7481ce4bae73427e54ed537cec005e34e5229832ffc7c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca34aa291ddba0798ecd765247315d5f

    SHA1

    2300fd73802a422bd0a61ba610bcae8beba629d6

    SHA256

    2b6205f91a11192d9c2574529773635c2465e63e9b1be3e2005a15d91b2d234c

    SHA512

    317d3617898870dceb00035c8aae70dd26f598baa59aeac7bf9daa59abc86ac1d7990b375c3ef2b4105782fb847ac96f5a72fe5ba10c0818b238ab1d37548089

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdeb4a32aabb46a62d0ca3bd7375ad8b

    SHA1

    409ec27b8b71fbb0b07e7912d7beb198adc7d35f

    SHA256

    c2774ef9d9525be89c359f04d7b9a4ed317474102f3d0f819f2cec642d5ff95f

    SHA512

    7a2ad7b3b1ec154ea5ba7629e41a90876ec598699565ea56ea22014fa127aac8024c392723e8f88c0838aa43f8a56fcc186a01efce1d0e1ce8fd5e992487aa4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb2d88009a3bf9875e0bc0a9f018d4f2

    SHA1

    d6e32d84539aa7848627726957fdc4b01de52ec6

    SHA256

    c41e06a5c41dc31ec03ceb018aeb4d03d6a8af792190691041d407e8d051eef7

    SHA512

    4b4137460fb783b8d03ec340b27c5e13de750fd376afd39b25827ea6107511cf228e611d287ecf1a84967c30905d7f69712696765e11be555433c65bf7a9434f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf494c4e7d74d27ec440140a63440255

    SHA1

    ff17245590baf1c3fd51e36dac703a54bb1f41a9

    SHA256

    92031c3f6759e4031621fcb88690b32d22069bd9ddcbe70c07645177b1d68ec4

    SHA512

    fc584a5ab5d16889b0a2b9d99d5568796ddd50d663421d033e2a890063b5fd92c071b75eb2290939856277b568ea39da8734de770ad220313f485cad3ad95e6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d27f12bb6baca52ec59b69fd5b085021

    SHA1

    4eee7ffd3c68997941db94e4dca050675acae2b9

    SHA256

    c5774536e72edfc175f10991132f954ef996302c921d20c8cc8edcb83d0936e9

    SHA512

    0bca8e7afe823da1652724ec841fa80c776382357a5d76a95b986026ec08d05c2852cff80b0e8f20e2d9e833dad51978f488ce0b5eba01965d6cc5ee10a8de41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67d1408d72f89153e77a452cf7ffc340

    SHA1

    3fa6b6025147bc8a2bacbc55a6f4540f3d996518

    SHA256

    a64264d5c65b6b86c542e466970f993d14f2448082034664ac98dec76661929d

    SHA512

    de7725abcebd52d2062ad17bbad013df7956c5c833491514dec8c356c89e0671874463e58514bbb99cce32aae68fb88d93affa809f9694175e99dc779fbc030c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    876a08707d5c799dd289cbe7245d7b28

    SHA1

    32ab0b699ba7fa21eab7eea9033e867ead3c7ade

    SHA256

    c223f4509a340cc49fc86cd5450f605deb082e2314cfe29c016861d2a47baad3

    SHA512

    9140e572ff28ed260b4c64594898d4e2beebfbc51deb631bbfabc0b9d64535b7557e5d747e91f508abae89cd7bdee9575dc250e3fd0813f20787575c34e7ce00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03f44c4fafd69d32acb106be747c1dde

    SHA1

    d1440a682b74dd6fdfdb87d8327f7d4bc3bf2577

    SHA256

    18aea947d0f36d1b19c1a7068c8c2dd113ecaa91e2e4ab6c2348795e4c7f8636

    SHA512

    12b5ed34aed7bc4f3fcca9f83d5843474aeadc20f2ee44d6990222e86528bf0cf1e85849d48273abf0443a0b5eea5d85e8641b628b5fee76e0bcd7e29e1cc0b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d1b6c7b4af646bdcabc31b8265c6fef

    SHA1

    ed1f65b13d9cfb35dc2cabbb3def126e4c113c96

    SHA256

    c1e87c76977e393b38ef118ae578945153f4ea394b0fb85ee2e50cb2c2084fd2

    SHA512

    2bc3b755ce6c35f91bc9d1e94245bafd360982bf7375ad485a496312ded40281a215774506611103a633c555eaefa03e49af35df7d200024b3fc59a36cb9d75a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e84a22fb23f563a48f265c682f0c629b

    SHA1

    223c862259eeea4ba45ea9cdb9570dc98ddf0625

    SHA256

    e7729e2e6db1d9662238865d248dfaf83f64edcdb75c75fb7dc1cc1be08b1227

    SHA512

    cf6dcd3babf2fb8b054777206c672297b2ad66243f8329f01bf5ec81423db63a7422963c830399d7cbcffe47c77e94891a327f99b5cefa026a0cf7ccd9f9e38e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4074fa151dcd163b5eaef74d70565019

    SHA1

    eafa7f453736894512c329d34032a58eb127714c

    SHA256

    7fc54f332679eb1d472742615bef4c3a3ae5254d89205ab15034fb6fc80c3607

    SHA512

    c541209f07e9349e94633e6983c0ab18f729132306370c4f0db47bc695bb6f0fecdfeb11e6607568722e48aeb450e416c50da48ed2cd7e544de9fe5bda9fd0d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5D9E.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5E3D.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/1988-5-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1988-0-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1988-1-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1988-2-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1988-3-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1988-4-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1988-6-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download

  • memory/1988-7-0x0000000000400000-0x00000000008A6000-memory.dmp

    Filesize

    4.6MB

    Download