Overview

overview

3

Static

static

1

About/about.htm

windows7-x64

1

About/about.htm

windows10-2004-x64

1

About/about1.htm

windows7-x64

1

About/about1.htm

windows10-2004-x64

1

About/新�...��.url

windows7-x64

1

About/新�...��.url

windows10-2004-x64

1

CHAT/CHECK.vbs

windows7-x64

1

CHAT/CHECK.vbs

windows10-2004-x64

1

CHAT/ERROR.html

windows7-x64

1

CHAT/ERROR.html

windows10-2004-x64

1

CHAT/EXIT.vbs

windows7-x64

1

CHAT/EXIT.vbs

windows10-2004-x64

1

CHAT/INDEX.js

windows7-x64

1

CHAT/INDEX.js

windows10-2004-x64

1

CHAT/KILLONE.vbs

windows7-x64

1

CHAT/KILLONE.vbs

windows10-2004-x64

1

CHAT/LIST.vbs

windows7-x64

1

CHAT/LIST.vbs

windows10-2004-x64

1

CHAT/MAIN.asp

windows7-x64

3

CHAT/MAIN.asp

windows10-2004-x64

3

CHAT/ONLINE.asp

windows7-x64

3

CHAT/ONLINE.asp

windows10-2004-x64

3

CHAT/RELOAD.js

windows7-x64

1

CHAT/RELOAD.js

windows10-2004-x64

1

CHAT/SAY.asp

windows7-x64

3

CHAT/SAY.asp

windows10-2004-x64

3

CopyData/css/i.htm

windows7-x64

1

CopyData/css/i.htm

windows10-2004-x64

1

CopyData/css/js.js

windows7-x64

1

CopyData/css/js.js

windows10-2004-x64

1

CopyData/data.asp

windows7-x64

3

CopyData/data.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 11:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    About/about1.htm

  • Size

    2KB

  • MD5

    b6d7ede1edf40b0a127e86b8c85172ea

  • SHA1

    732bfcf6329f780fdc17971b324191ccbf18e21a

  • SHA256

    8aa22a4085a82653e0067383ad3aee0d4f896178432d4d503d22459fda7096b4

  • SHA512

    99d2a116fcd44bc91fc9fad4eab0e205cb005c16ee9aa49704402d128f107cabfc55de95b97fd7981ebd8a7e0c68adaafbd43384948ede912f7a0f7b702225dd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\About\about1.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2736

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cae041a731403bb87ad36d47e797fcb6

    SHA1

    04f9488e8de0d90af46a7f12ecf62076c93b0e23

    SHA256

    cfeab8fdc72e8aba5ab8da9c1b4876312ef4e3cc4cab4f59e6309ce6221ad783

    SHA512

    c0117e2a36b7e18b6dacf47f4b9a5aaa63360b37ab25d5e4fba599d2ff4a28da162daa14ef49f62138c6064b4074ea1d3c1c05a1652a759f4f957621c625077e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    268ce6d57a831d2e9b9817e43e84072d

    SHA1

    a93eb3ec8723ff866c2a4871b36dcf167d4a16cb

    SHA256

    44cf303810ae9a012af1818bfe0a18a533f28665791ba365a31bd16026358534

    SHA512

    63a567aad77c67519401edd53df6b8b57a0037b56f08c399faa89b8b7e695f746eeb2f88d5767df4590a23ef9f38e8d76b2310fa64f970291eab00a6481f8741

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    42d38b85d80754960abffda7d768562d

    SHA1

    cf6c7db540e9403026bdb77e3e3301499d8f5941

    SHA256

    e58d7e495af05dc5da99a4f7619565d7343f50e0a6bc0926fc966aa58d6aa25e

    SHA512

    b759835f43219717b0293cc32af69a1be8f3d5aa6a89541b9421cfc558c89df7b9de2c14595dd456f661ddd124fba9e1493a667494296757b173d33d098caaa5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e1389c226d15627c0f1a847b7d8c42e

    SHA1

    062c08d2be097cb7fe977a433a991d24e0455473

    SHA256

    d4e187f3a5c0fa90d213d9f3ba7b78c102081d0224916c74bdf16a7665ff13fe

    SHA512

    ce8ed27463f51743cbc8c2b9773d1814f441ff6f8593d6d245389a8971ec39e50b9294e44b9d75d0d6d1db53f307d5bae1612d003b86ded49eb781f0281ba7b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f30c668152bdba82f334d9a122d059cf

    SHA1

    1b2fa198849faf3cc7f3dd514853f28d25e5efed

    SHA256

    736032eeebf1421a1a1042682d0c6db7d70f169cdc6ea72fd1e467f67e584b06

    SHA512

    be89ed581983d44b39d67f074aae6b4bf05a52cc7c0e21284b3db5efa4f2a28e4a3a3d2828de52bc3762b168f407955a69df6f05474b46e2042ddace2eea8d11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45f7a65ef4ecf6dfc18347c7cec62a64

    SHA1

    6c1ed74bee6c928ff2dfac2b48dd6a9d1c3ddb4d

    SHA256

    4583756d998e9c8c02184dbd592ca1c74ed3dbe79ffd2a3c5eea99c9c9f14773

    SHA512

    66cd1d12903d382817ac184d48dff327a63a20be2a4f7f06adc5293656c459bddac52e1bca4a32420c2b20de6848e48d307df7feef291828b45599d17b9cc9ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db44347ef9c01d07793f3333eea37403

    SHA1

    6abda65d124530de6fa253d53d849411785ec49e

    SHA256

    5f2a4adfc09853adb65525fa09b54826867b9fb9c5e811124216185b6c4d2259

    SHA512

    477432b7eeb762b86f747ca4283489a9232fb7d2ed5309606668f842edfcbb637935be8651b822847fc24004e5d7ef364e4173e7d422aa992ae366c86505aa50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb3952672fbe3dc0ee41d782c21cf15b

    SHA1

    588e5c7e6702beb30021262831a4fdbef4fdbf76

    SHA256

    edca400d966ef95952871113610d788a4763fb23d498b343abe09388ae4904b4

    SHA512

    4e6544df7d615ab015cf3be95b0a77ce8b6b29ffa50552698a4c3ab29b956fe63d465e907537e0725d737ef2d2f73a5a46f5115eabc3688f5f69378c773e34e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8c5c965b7d3717a2598a2036cb905a6

    SHA1

    dcb3534dbc60c0d40e888ad31bbe607c4399eb87

    SHA256

    7ad7164e4449ccaf68cea921f3188b4859c931b08cc6ef7feb9b8d69065104d1

    SHA512

    8f2f994aac918a6ffc2ad06c539c82fc91e3c121366828b456b1c6135e84a6d37f1377739203fb97c6a38cefdf6cdbfdcd471e237326df16a236b849ad3b71dd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFAA7.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFD97.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit