Overview

overview

3

Static

static

3

老宫在�...1.html

windows7-x64

1

老宫在�...1.html

windows10-2004-x64

1

老宫在�...2.html

windows7-x64

1

老宫在�...2.html

windows10-2004-x64

1

老宫在�...00.htm

windows7-x64

1

老宫在�...00.htm

windows10-2004-x64

1

老宫在�...04.htm

windows7-x64

1

老宫在�...04.htm

windows10-2004-x64

1

老宫在�...00.htm

windows7-x64

1

老宫在�...00.htm

windows10-2004-x64

1

老宫在�...ad.vbs

windows7-x64

1

老宫在�...ad.vbs

windows10-2004-x64

1

老宫在�...r.html

windows7-x64

1

老宫在�...r.html

windows10-2004-x64

1

老宫在�...it.asp

windows7-x64

3

老宫在�...it.asp

windows10-2004-x64

3

老宫在�...on.htm

windows7-x64

1

老宫在�...on.htm

windows10-2004-x64

1

老宫在�...n1.htm

windows7-x64

1

老宫在�...n1.htm

windows10-2004-x64

1

老宫在�...n2.htm

windows7-x64

1

老宫在�...n2.htm

windows10-2004-x64

1

老宫在�...er.htm

windows7-x64

1

老宫在�...er.htm

windows10-2004-x64

1

老宫在�...ay.htm

windows7-x64

1

老宫在�...ay.htm

windows10-2004-x64

1

老宫在�...sh.htm

windows7-x64

1

老宫在�...sh.htm

windows10-2004-x64

1

老宫在�...e.html

windows7-x64

1

老宫在�...e.html

windows10-2004-x64

1

老宫在�...ss.vbs

windows7-x64

1

老宫在�...ss.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 21:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    老宫在线整站修复版/old/HTMLEdit/inc/MediaPlayer.htm

  • Size

    1KB

  • MD5

    16bad7af15295bbe653ca4ab6d19d2fc

  • SHA1

    a558a7b66fff86e4787edea371dd51b0dae7d7ce

  • SHA256

    b76d2730403dc9109575b020b90faffde0681e8779e65d6498ecf905a8c9db26

  • SHA512

    ac5d0a336554d2e8e6ddd8189f9a04abdf9bf8e06f349aed3bae6c4409b081a63b312f82c483ded655ed4f9123fe7cc290fdcec0761bcbd65259fd98ed74b561

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\老宫在线整站修复版\old\HTMLEdit\inc\MediaPlayer.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3918d6d841239ca01f7b42068d4bb8ae

    SHA1

    b6956551e4f36c0128070bcde7118321e5233c5a

    SHA256

    2a0da6d7cbce3225e38d727ec2cd7e91f607381a4de42151b59bdc9977060ba1

    SHA512

    637674a2a7230c6c3fd414661ae4a3170a110b337e3d4d3acc0af3264f4c400adef539b16e12a0bb0feb70e4dcb3e375eb010f5faa8eecd223e2a79495f38580

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8e8ce39510a096c0486841e4fc1b775

    SHA1

    f53e0217b610c113886dc32137e8dddbc45723ff

    SHA256

    d9e7f2d652bd4b150844d0aa8c8326b03d3340bb339faebf091df8157c8a907a

    SHA512

    b56efae0a57267fc2c0c9435dca6c8720c4ae71f3b694b8fa99a57b7a8b45bf8deefa10b7e758ef427320ab650bfa97891d88b6f5623b040962227e005c0299c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8cdcb569996bb05aaa983f2e53c6e480

    SHA1

    ccf101889b411fe36bcab3d0e70cbc506ceaba0e

    SHA256

    3cf1d0416e7d10613da2e4fa6c6ffc1f4457e7b1760f268b4136f025d5027969

    SHA512

    45b490efe0efe31700cc84f09bd2c57136ef583797fa88dd28973038fd3669784825bbc2ac647be4f965df50c0e6aa6ba325bf7370ea054111c0da3d5a4fdf3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9adc4e771acf441b0bd52c0446932c1f

    SHA1

    7338a05e883be15024e314caa976281aaf1e7cf0

    SHA256

    898e980e79d71cb33df0c62e1ead3ed9d2ba9ce75f7e08de30a3cc8914368d7d

    SHA512

    6dfa87cfbc2957b8226f1af1e0ac2829fe51f34a5c61afa7879a3d354724e6c263a004fa6aff586a139bf2532ebae24f98d95d4a4ebee99ddf743d5c72584eb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edc4bbeb08351f3c86c11b3e67a259df

    SHA1

    564bb293061e80def5d9e3bd582a2d36445070fd

    SHA256

    ffdc334f5d5ce219feef91eb1abc3067958a28eeb5c5771c7f54cfc0baf2ac95

    SHA512

    63fd32d9ab9b26728ff867c49c17784d6b5969082440b74dc57821ff1bcab9ebc74e3375928c80d913e15fcc37d636584f73ed15bab30495b9864f8f7d75db01

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab52F3.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar54BB.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit