Overview

overview

1

Static

static

1

客隆电�...ck.vbs

windows7-x64

1

客隆电�...ck.vbs

windows10-2004-x64

1

客隆电�...av.vbs

windows7-x64

1

客隆电�...av.vbs

windows10-2004-x64

1

客隆电�...d5.vbs

windows7-x64

1

客隆电�...d5.vbs

windows10-2004-x64

1

客隆电�...nt.vbs

windows7-x64

1

客隆电�...nt.vbs

windows10-2004-x64

1

客隆电�...nt.vbs

windows7-x64

1

客隆电�...nt.vbs

windows10-2004-x64

1

客隆电�...ew.vbs

windows7-x64

1

客隆电�...ew.vbs

windows10-2004-x64

1

客隆电�...op.vbs

windows7-x64

1

客隆电�...op.vbs

windows10-2004-x64

1

客隆电�...TE.vbs

windows7-x64

1

客隆电�...TE.vbs

windows10-2004-x64

1

客隆电�...ode.js

windows7-x64

1

客隆电�...ode.js

windows10-2004-x64

1

客隆电�...te.vbs

windows7-x64

1

客隆电�...te.vbs

windows10-2004-x64

1

客隆电�...le.vbs

windows7-x64

1

客隆电�...le.vbs

windows10-2004-x64

1

客隆电�...le.vbs

windows7-x64

1

客隆电�...le.vbs

windows10-2004-x64

1

客隆电�...ut.htm

windows7-x64

1

客隆电�...ut.htm

windows10-2004-x64

1

客隆电�...log.js

windows7-x64

1

客隆电�...log.js

windows10-2004-x64

1

客隆电�...lp.htm

windows7-x64

1

客隆电�...lp.htm

windows10-2004-x64

1

客隆电�...in.htm

windows7-x64

1

客隆电�...in.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 01:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    客隆电子商务网站全智能管理系统 v5.0/WebEdit/Dialog/about.htm

  • Size

    1KB

  • MD5

    4738e9c10e361761f9c4529e58109848

  • SHA1

    1be5e37d4a830d30afc16a9a50d07fcd7392bab2

  • SHA256

    0e75c08d1834e696425319e55873e2f8d913db6d7f159741e36a2079374e5621

  • SHA512

    3ce3ca5482be20a48d8815567c05ff357fb545c49474f1df9f18a04c53770c37dae9352427268f67e4b66e2481ff38d64e3b28e02e11d24b3daa78e375859b3e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\客隆电子商务网站全智能管理系统 v5.0\WebEdit\Dialog\about.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1888

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d20200639e7ba7cf59d64b464f7ff93

    SHA1

    f3a79fc142858c91f4ed254b14e9033479f6ab26

    SHA256

    c6aa2f5cecfcc58b639c8e80533dd3881b54339e9fce129850251e4784fe304a

    SHA512

    af9f7d5f6d3a8e571e5dfce4e309e9ddfc1b4ad77f0f6c39fc472800b3bed3f678ff49cf9dd666307974d3f7412a14de48e2891bb160f789691c605164b85e53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7898a38fbecef75f5d6e95ce96c37878

    SHA1

    f13cabefd28b29c7a7861e6d4616e314018def0d

    SHA256

    02a0c0b9eef7580df717a4a3242ed058ff07447d1a0b94d3eec7ecbecb083d09

    SHA512

    072929db1bcef28ca673a1631d4f3fc8055db3d5dd043c4a823dcc0acd4901c0947c9ec8e06d661917ec203a9009829f3e3ff4c934944896b0a8946cdee226d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96b47cb7ec37259f06afb8fa96eece30

    SHA1

    c49cc23fd5cd54deb5b6b1bd60b2a9f59b5baeb4

    SHA256

    ff2d35fee1aac51063e4ffe8a5119d042040eb6847cbca76b56804ff1677ccb4

    SHA512

    8b43085979bc056707f6a1bd1e5e0ed952cfe9013850d733d7f17602e8ade2b195d9c66916b9bd17a4c08f570be841f52a4bebd49d6c4df952aafd470339906f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d28384b833e89dac2d7569d86cfadec3

    SHA1

    40525cfba9b4efe3a6144a9dcea1c6cb850bd742

    SHA256

    4a194631dca1ad8438ce73d017b57f16a82196659557cdbb7da35f4ae17cdaa7

    SHA512

    3ebdeaeb96a5f571ef151c4dfa785d4f5eedd1d227d9821cbc2a83b884005f6940186597f41caea519d7b79a0df7676f2cc12a7ad6fc28738f457a80a5767494

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3843cfc7c7161e194568e37db584a00

    SHA1

    d0127cde9219586f6cce044b16b1969c4cec0dd1

    SHA256

    406c766dc0152c955c5067e3907ce36329749974baec3770141221a7e2d2da1c

    SHA512

    e6b25cb9017a72d1a2af97bd7bbe6a64be99a758fc5b7aeb7b35ecb0a389f1dfdc82221ca984dd80756425fad694c9cc44ba6cddcf7db41db8af94dc27e5e5d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d9bfe30b3ace5e12cd9e40e8513abf9

    SHA1

    bc77a88867fa904cc0f5c28d57ffcef94715881a

    SHA256

    85436eb15ebad6c4991933b2325abb47f2ee34c22863c117feb5b7130496f7e2

    SHA512

    b818ee9b044cbfd4baf37fff660f6a967312fe62bf1577f83d62c0fc14db22072874c39a4739ac5447121510e4ca78d5fa1d2492e3907384378bd2c60359e2fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a64c53d92a54c6b1ce20d6bb201a463

    SHA1

    c81fcd4150c7032891140979b8acbb33085db844

    SHA256

    778ce04016015a4fc30af2b04cfdbd7f091f7d90b915cd9af458dbe6cbcab0f9

    SHA512

    52af9c81af8b913e2f2ea92fd55a2beaa2b459bdf463e4e7d9615d759977639f74fe02060b910c29d39e172124b22e881aff9bf33702daee4d251571d684ac8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ede81cdb6de013344010f57705a0459

    SHA1

    c6ae795e31ff929d0736a477ab512932772be793

    SHA256

    b01111ec4c59b092e090e0e52ece9eb70d0e10f4292898332b99f3c58a93368f

    SHA512

    3eb77eccad83553abbea5c3e609ea9232d11fc1df7017fd9b15694a542caf265573da1cb7197a64b17a87cbba1c64f035d61c3a2743da8122ff0e1509d2f641d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9402c722d1df7614d52536f22d0f877b

    SHA1

    6ba24a616460cea77555d26eaf8426511fcdca6b

    SHA256

    d2ba2ddc7ade87abbc53976ee16b574e17aa9c3d08d68cf807172a8cb46bcb35

    SHA512

    9d5a102ed3679586f0f1f05220472ad412b90e098323a85f2882f824d4413df44d3e032f0cca183ba3c7fc49b2da9e61737eb5dde2f2311b44737b12fad380e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e739504ea3de1383bbad9d569410d5c6

    SHA1

    cb837a8ffe6a5146cbf02155fc2747fb297bdb4c

    SHA256

    a05e598b79f16de94243a3661f620f156610b0f981a58226d76e07407cf1e16e

    SHA512

    ae33e88a1ec2619eabeb2342ad0588d750ce083b31ce44b8dbae760b4615089dc466bb16350a68201a34a83c86ebcd962d90742642a0ac38a3330cb006484e52

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD980.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDA5E.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit