Overview

overview

3

Static

static

1

taoaisi/Conn.vbs

windows7-x64

1

taoaisi/Conn.vbs

windows10-2004-x64

1

taoaisi/ad...ut.htm

windows7-x64

1

taoaisi/ad...ut.htm

windows10-2004-x64

1

taoaisi/ad...ot.htm

windows7-x64

1

taoaisi/ad...ot.htm

windows10-2004-x64

1

taoaisi/ad...ce.htm

windows7-x64

1

taoaisi/ad...ce.htm

windows10-2004-x64

1

taoaisi/ad...ce.htm

windows7-x64

1

taoaisi/ad...ce.htm

windows10-2004-x64

1

taoaisi/ad...wf.htm

windows7-x64

1

taoaisi/ad...wf.htm

windows10-2004-x64

1

taoaisi/ad...dit.js

windows7-x64

1

taoaisi/ad...dit.js

windows10-2004-x64

1

taoaisi/ad...up.vbs

windows7-x64

1

taoaisi/ad...up.vbs

windows10-2004-x64

1

taoaisi/ad...ss.vbs

windows7-x64

1

taoaisi/ad...ss.vbs

windows10-2004-x64

1

taoaisi/ad...nn.vbs

windows7-x64

1

taoaisi/ad...nn.vbs

windows10-2004-x64

1

taoaisi/ad...es.vbs

windows7-x64

1

taoaisi/ad...es.vbs

windows10-2004-x64

1

taoaisi/ad...ex.asp

windows7-x64

3

taoaisi/ad...ex.asp

windows10-2004-x64

3

taoaisi/ad...tch.js

windows7-x64

1

taoaisi/ad...tch.js

windows10-2004-x64

1

taoaisi/ad...n.html

windows7-x64

1

taoaisi/ad...n.html

windows10-2004-x64

1

taoaisi/ad...ut.vbs

windows7-x64

1

taoaisi/ad...ut.vbs

windows10-2004-x64

1

taoaisi/ad...02.vbs

windows7-x64

1

taoaisi/ad...02.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 12:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    taoaisi/admin/SDEdit/HtmPop/swf.htm

  • Size

    2KB

  • MD5

    80352a30479bffa382b662fc891dc48d

  • SHA1

    0a7fb083c196cd6eaf39d02b9d46392d4ceaef07

  • SHA256

    64952b9ee7dbcab64e458a8f031f8ace0011b231a05c56ba0421c3891135e3f8

  • SHA512

    e314a448bf353f79fb0e0a6e1c41b5530cb7e248c5ec13ac973d72c88bdf8d8211c70e86e80d90a0f6347565fef94835094f7fe99de9d777c9c12ff5f515ec8a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\taoaisi\admin\SDEdit\HtmPop\swf.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2128

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81ce2ac60b519e8b0107df38414aa7e9

    SHA1

    169397f2202dd8b5b7d9dabf3d39cee2960d2f88

    SHA256

    4111ae5c70dbe3b420d25ef6af95627aab6f1791146e53fa6310a25043dd858d

    SHA512

    f3db0812724b322eb4c78c6fde3827d7bb174dc73cd06292ed5754324be0943ab94eaf8b7789f6b9b36cc73ad24ed6592d6791c22416032c2a17b0cb19643b8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    42c83e62a1bcf1a45abaf6d7dc10ef55

    SHA1

    255ffd0ef86efe35a82381aa7743e406ee223797

    SHA256

    9547b936e711c911d2617a71ce39cbdde28677a630763431fceb54b277e35d24

    SHA512

    00d886114f8a113d8e8a17a8d989113db152c23393ee613be2097eb5ae0c0fb3a8952a49b84353c60f36df699d86d42384b7784193c102cd129fc9431c528d71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b5352c0b0813b1d349375059f925229

    SHA1

    8e31b10264427bb9bdd0adb82eb4dc930fcdc5dc

    SHA256

    cd34e3347402d08f0c9d7c4d2f90b8c5e0210a5a04063087365672821c912e07

    SHA512

    304b9d3fbb25e0c0c3c9367c913a1c3dab61ddd5734769208648d2101e93013f51c9a8caab116c87ea4326cefb3d27087f291466c7c65d0b00233181d1830d8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb96e3a2c958260bd0a38c529c6cde8c

    SHA1

    3cb4603a7f4e71a80be3620e5ae72b543dff83e5

    SHA256

    97b47c1a388b726ae5b0d33315ee6227782eab3dd70c50bc7a9520f5ec3098b5

    SHA512

    d5290b12f0f32d5a1b114a65a323933437163fc303b2ca00fd3acd9b7627e9392b244af39db55d101be5f45a11f0ddc4f6cd6e2966a7682a10314c60a5780270

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72014235fd3e23cc95fb8ca35fdb56dd

    SHA1

    d5ed763eafded84c14130dee6bcfdec3d6cd0da4

    SHA256

    aa5ba520f39bb0753a62ca82089c543183619b7174ba1d1019b24f421f6c06cc

    SHA512

    2cc045cc4a0cb807e6ced15a89222c8d2a52a6999a6ffacf7532c0744404deffbba60c47b99a455af52bdc60195120a7f59e25f8dbfa223e4b1910dd5e133e23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6110615ae764ffe8582302993f3c3cb

    SHA1

    96bc32b4e878b03556b3d3ba2025a08c3e523cd9

    SHA256

    659839a2db6f6800d82a91238899198d11447beb631df107d850dc78efa7297d

    SHA512

    a6b397679bfdef8c62a4e52413b347ec56d30860ba0e7447691d2f0dceac12fab771c5bbe57f73f3e4917a28d2e834d095afd4b543291a7f3d5ba37e092864b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4552d7c0a52065a4a7b4af12a9671990

    SHA1

    7b6fc8d5af007b932a447c56da68e6fdd01a77a2

    SHA256

    66c98b75360f6fa09ea8b41315847b4077c853bfb7d46b5de2ae335734d507d1

    SHA512

    37146b50fe8379a68c88e4701c7eef863955d1d6428997a33bfa4e89ab8e252e847e7f396680f52f86da947039279b225d8a6140edba1f7f51fdfb637020658c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7efce701f5ce1536082cbdb4001f6be

    SHA1

    738be9c79d784a71f26c503a8b24494919351cff

    SHA256

    5a18316b578af0fb6c47e89e1bbc0a761c88eb06285c5b7f8afb96251d926172

    SHA512

    2909fe801483de523895e3454effe10631393c1c4317fe68dcf275a010cbb2aa092da3ca02b9abf062bbcebf9297a992aef7df2f1613ee748bf5fa34c6bcc8af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc0e5605602bfd8b9fc482d8963b7445

    SHA1

    30ed628c0d6d9f16dfce465955938f0ab321419a

    SHA256

    4f6aaee08c73bc0c2a9f212bb46885c65b07a515c01c2a65e42d02ece7a55c9a

    SHA512

    4d20a9e9d4134c94a7e36129d8568353129d124dccb16bd137daaf48289246ce6b349c3a57c39c7dc023b667c91074612f67449c5601d75afe5bc0e78f54e6e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed2e21f5dbe393b3aa5dc482cad2ce39

    SHA1

    9b495739ac78729109d6dbb7daebe881e8ceec49

    SHA256

    9e8d736004772b8ee12a9e20f185f16ae805999613706b1519ccc9667efda0b5

    SHA512

    17d7e5ff2910da1aebae530b85e39d971e51fbeeca85c53e5ff0c776abd829cbb171ea2dc8edb087d521c9042558fdc0795386e19b7d252c1366962b2f367f75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc32cabc4fba682f893c9526bc547746

    SHA1

    8aaa674814f375513ebd1f89c7d423ad6722b18a

    SHA256

    0a86f26126e9b0f80a311f2ff1d74c70c7a9ae847aeca241c496e10b290e4b7b

    SHA512

    de45a7aced1da0641e67f2ec3c42853fb7e42ea42e322a5c14175116b80be8c88dd828552c5a6bb96144b82f7f687dff609f5e598a35fd858086edc05503f6df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a57c416aa1edcc6536078f10662b2acb

    SHA1

    73936cf77f6a88f58ad856bc55825f0706b6ef90

    SHA256

    888bddace33898674869e8a0ae23000cb860de4bcc81206dbeb758811df6c711

    SHA512

    328490948127df1ce79c11e613881fc781923fa457ce5a60c97edaf5a6c2c8f02c24ea38d3a41b99149b00062230bddd9e968ef74a03e4059b59fd84bad40462

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91c936b0ed21e2852d95e7526d5bf55c

    SHA1

    73dadf37b48ecf05aa58e32b5fe22abe9c66b825

    SHA256

    f9f89b822bcd584e0a0f6ceb041e07bc1293dda9e6fa8d3f6a41f2679cdfe735

    SHA512

    9b07231c1565af9ae4e472471fa05965748ee3fb15590558d6c75dc20417320072d6203402a003bcc016847ea72a4a3bb7159415655f84ed31f76b15d1e8a306

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b022226bb8a3643855b77cc7deba0265

    SHA1

    48a338f94204288ee78d954701b39085e5ed26e3

    SHA256

    2dbc44fb63aaa6634e590063ffdf5af087a87cf7e30282fd87692661ac17bae5

    SHA512

    38dbeb2a4e6fe325424136b1eaafa32baf583d663469f6e7bf9205a13246d017443397851fe300f751ad291ff9dec86a75af9a9d8300e9d8e9c5633f797bf61a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75145781e2cff74242ca61dc698c9d1e

    SHA1

    68022ac0320fd6427a550cdd5d78822afe9cedcf

    SHA256

    fb697fdf59c1f5293b5378d5763ca51ca237335262787e5986c39d9505a1a49e

    SHA512

    e8762fc81b0578ccaaf6e67d514f481a065360ba9480d95f64c066d70e5c00aacb55d9010a4ddfe406e3e8f9984a68dd10b988cd1a5918330d6e69b9020d1c6d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7986.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7A54.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit