Overview

overview

3

Static

static

1

企业网�...it.asp

windows7-x64

3

企业网�...it.asp

windows10-2004-x64

3

企业网�...mon.js

windows7-x64

1

企业网�...mon.js

windows10-2004-x64

1

企业网�...t.html

windows7-x64

1

企业网�...t.html

windows10-2004-x64

1

企业网�...r.html

windows7-x64

1

企业网�...r.html

windows10-2004-x64

1

企业网�...n.html

windows7-x64

1

企业网�...n.html

windows10-2004-x64

1

企业网�...x.html

windows7-x64

1

企业网�...x.html

windows10-2004-x64

1

企业网�...r.html

windows7-x64

1

企业网�...r.html

windows10-2004-x64

1

企业网�...v.html

windows7-x64

1

企业网�...v.html

windows10-2004-x64

1

企业网�...s.html

windows7-x64

1

企业网�...s.html

windows10-2004-x64

1

企业网�...w.html

windows7-x64

1

企业网�...w.html

windows10-2004-x64

1

企业网�...h.html

windows7-x64

1

企业网�...h.html

windows10-2004-x64

1

企业网�...ash.js

windows7-x64

1

企业网�...ash.js

windows10-2004-x64

1

企业网�...w.html

windows7-x64

1

企业网�...w.html

windows10-2004-x64

1

企业网�...m.html

windows7-x64

1

企业网�...m.html

windows10-2004-x64

1

企业网�...d.html

windows7-x64

1

企业网�...d.html

windows10-2004-x64

1

企业网�...e.html

windows7-x64

1

企业网�...e.html

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 03:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    企业网站管理系统商业版(无功能限制)/admin/fckeditor/editor/dialog/fck_form.html

  • Size

    2KB

  • MD5

    c27a5cf11dc6401d35ec70d42fe02048

  • SHA1

    0fde8204d1ccfd88d6c3af79adf73aa3814c8809

  • SHA256

    6dfba00eb11c007a29583adc2c8b7cc78430c39e82d36f490e32b152a2b4cf4d

  • SHA512

    4b5ea7b449c8428b4c12972dbd2890319e679bae49e0917ccd7b3322866eb0098d80aadb7b58ba1a8a4e98f3493658654b93ce1aaa347a5d0cd75eae753c536e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\企业网站管理系统商业版(无功能限制)\admin\fckeditor\editor\dialog\fck_form.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    03a8478b5b9b9deff787bcb18e957375

    SHA1

    6753cbbe5828e7456fbbe872b883e292b91383df

    SHA256

    900c39fbc75c355daf00d7e8d64087d917067ca2216ce3e3877021c7becc97d5

    SHA512

    8b1e9df06e50604b6994499cffdbe30bc030b62ad27bbc81e3f0ea4df874f66db7db5c60a918478d5ea41b710b107a7a3f843a201c66f9015c4c5ebe8eaffae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69d3a0928a5089dca6fa3a6b2dc09b36

    SHA1

    55a29c342ec09da7f1533ee41c6620edc5f1a3d3

    SHA256

    31596c186813b840bcaab07d1b56b757311f2e0a2441e845abf685cc3e1a1735

    SHA512

    a9b28600859e86d4ebeaf319cb949cd724a524e14917ffbc433c1250add37d0bdf341ff12d8c1ed6166708dae0d9bc2656e88f0cd75571fffa21bee8d0feb103

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    79a5dc9dea060d61d47b38a696349ede

    SHA1

    d7afe2588442f86c8620505e65813fb5dd4fa9d8

    SHA256

    50ece62760f1f53439cc98fc37bbc280f0fb2030a84e27283b6409d5da3249f2

    SHA512

    a1f008a0a2a0774cbdf41d11d0f2190b5f05303d05443c4f878fd9b463748fdeff5ef3f0f885e2e227682547aa2efab6b806e87fa9003f5295dcdead098ee15e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b34b33a105f4f7785ceb835c6e943ba1

    SHA1

    b81768500ba4432fea04ad09aa75c6ce471bbefc

    SHA256

    a196d688732434d819ba7dd7f9158b33b46499b7cb0794039b90924d5202b969

    SHA512

    249ab96ff850e8108374d469f2873d490230020c2006d1a92290dfd6eb2b7cebec5bdb8c01ec6ef2d32112dd459ec1914a3168f842a570d89171e68dac3cb16f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d21adcc6c6aeb6b41a50ebb3574bb3c

    SHA1

    1d93b8c224591a089b93db0c9f0e51816a5a50e0

    SHA256

    831e9b128485fda4b866773906767407afb60d857a3039a2d4549de24c8d95f6

    SHA512

    a411faad6cf2e26dcf2e06216d3a923ea6dd4cf342e4e7d75ff8b79f20bf599fdd4b0cf2d35ad6026bf04d2da5846e5d1d914a0f3284527bf0011f441ee1f091

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eba98bd80023fd0ee277b1aacbee9be5

    SHA1

    06f6d7e6dec0641a7056c0675c1d4e5715a3022e

    SHA256

    e74401cd09eb29c1bea669a7ade1b31961bd541a35c14ff72b4ede2f3021e9ec

    SHA512

    67aba9fc9e93237c5208f1d38730ef0182a8dba228f7312586d337b0b22aaacceff09e39389c5f0e76e0d14f06ab40c48c89d1ee5613b5b5e805f38f1809400f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    000402493d8047a524cb455a0e9f45b9

    SHA1

    71c52e6979420620cf87025df8e0105c657ebb6a

    SHA256

    b88cd193896ed89bcd312a398667619ec543b9d51e0b6e3bedc657870bdee2e6

    SHA512

    9454a4036e6ff8baf1d36173faeae527ad0c20717edceec1007b4e0ab055f0c620b2236d8387e10c5d03dd327f39e7019e66bbcdc53f06090bc531735228b0f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    750f4f17cdfbb9e45a16303c2116f84e

    SHA1

    6c1313c3f40b001130bbb2793993e2cee7f3d5a8

    SHA256

    ba871b0278331636578aaacde3eb6703f590277883a94b2dfe9f08cf89e02276

    SHA512

    f01cdd8e71522d615a1c956afb7d0d3b5427df478765be6a1572296ca1ef708d7ac723ca8c1423ee71cdddfa2196bdccf06c301d8864e11483129be015cfcee6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1a6527e548cd35edc2f7abb8a1a3d94

    SHA1

    94889b9cafab40399242bb4e20991972da158a70

    SHA256

    91166d9144a5f65bfa0f171c021333ede1db6a6483d083237bac91193b365338

    SHA512

    4b87b14b1b792e1d336602f76e402181f0efb496c5d0b843e2fea24db1e1b0c34c63bdc6c5183a70497891f2111a571d5a6f43f67d4999755b764998b5bcfa44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c1713450a593849e3ddfc067d81d914

    SHA1

    904dd60ae69b33c71e776e2a5a695958857e3523

    SHA256

    6a1cc229308beb514968eb2151ba8b18c7977b5cd888778f4c34913f703c4083

    SHA512

    16c830ed41899b584af02c32b6d1cd5200998423737eab8db8ea62433ef3f3d9dd4a873219d3e49816064a204033210a67faafb55024b605b22aa41fc61f8ac0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23c45dde2a48a4e6b69fd08fff3c97f7

    SHA1

    9e3e3a7b6e93ffe0d4601ccac5e22c6c02e7d028

    SHA256

    be9eea18d8205cf52f19f8304ba536ac0ea73882377efe050e655a90f9d0c881

    SHA512

    5b0cab7ea31472e7173d3defa2b5183de6660cae4f13d5c293e8518891e050512200126db706f8ab6de130d446d4f74d7c238402b3e6eef7469bccca6c55e4a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    002c4789b803a0d7275b75ed9f9daedc

    SHA1

    373c4560a7ec951df3201402a00faac5081af25a

    SHA256

    6f5b1fa035f54a2a0d18dc3233f463c8d86231a50e00213ec6cec23d726f4d1b

    SHA512

    1ef80dae4af53dd1ad8cc1210458ebef2abe3fe2904c1a3a6399aa1be987b8d781a2e9ecf6d038533ab66d671d94fe38e0fcd9922c770ef5de383bddf05d6f65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2179833e2f506e054fafe7423d65605d

    SHA1

    8be38900e36cfd84e8b9c0e32e816a6b2ce2f33b

    SHA256

    33e9fd5098f81d284da785d8f4ba1fe5059c8ed78b3d7864af70e8bc5971d868

    SHA512

    7c0f8e71e2f3a416c82759305351154d25fd716ad785efcec321c511453b3ece175d4de16d2c1cde3ef8565fe28525881b5a6df2026dc61f0e12c50d386ddb56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    4987ac1f600a09b109d2f089c3db0b3c

    SHA1

    eeac7109993857e1b0d2cb68ad449ba3596756e5

    SHA256

    978c3d99973eed0b92c08b35bfb387278fc212b0713602800492251552e151f4

    SHA512

    840b515fc9cd31761d0b32f2718347806ffc00c0653f0e43a1bfdbe5ad7c2ff39675f4a527d6a86cf82d245909fbd1027fa70040f9d2bc32fb9b84b33cc5ccc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4D6B.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit