Overview

overview

3

Static

static

3

老宫在�...1.html

windows7-x64

1

老宫在�...1.html

windows10-2004-x64

1

老宫在�...2.html

windows7-x64

1

老宫在�...2.html

windows10-2004-x64

1

老宫在�...00.htm

windows7-x64

1

老宫在�...00.htm

windows10-2004-x64

1

老宫在�...04.htm

windows7-x64

1

老宫在�...04.htm

windows10-2004-x64

1

老宫在�...00.htm

windows7-x64

1

老宫在�...00.htm

windows10-2004-x64

1

老宫在�...ad.vbs

windows7-x64

1

老宫在�...ad.vbs

windows10-2004-x64

1

老宫在�...r.html

windows7-x64

1

老宫在�...r.html

windows10-2004-x64

1

老宫在�...it.asp

windows7-x64

3

老宫在�...it.asp

windows10-2004-x64

3

老宫在�...on.htm

windows7-x64

1

老宫在�...on.htm

windows10-2004-x64

1

老宫在�...n1.htm

windows7-x64

1

老宫在�...n1.htm

windows10-2004-x64

1

老宫在�...n2.htm

windows7-x64

1

老宫在�...n2.htm

windows10-2004-x64

1

老宫在�...er.htm

windows7-x64

1

老宫在�...er.htm

windows10-2004-x64

1

老宫在�...ay.htm

windows7-x64

1

老宫在�...ay.htm

windows10-2004-x64

1

老宫在�...sh.htm

windows7-x64

1

老宫在�...sh.htm

windows10-2004-x64

1

老宫在�...e.html

windows7-x64

1

老宫在�...e.html

windows10-2004-x64

1

老宫在�...ss.vbs

windows7-x64

1

老宫在�...ss.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 21:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    老宫在线整站修复版/old/2.html

  • Size

    851B

  • MD5

    dd33c3eea3a925dbd3b789bcdd0da481

  • SHA1

    f7c270d20f2d42da305a669ed9ec43b6d8d42505

  • SHA256

    d2914b7d984d498e78dd04e534a02da8847043ed366b6f9c8af638318bb9fdf9

  • SHA512

    bbe1d45fc2bdb3a0b3a40e0f41624d73ea8c4683d7fc0822c9d1fc9d82d832b4acbbaa2eca3c1710b9bbbea57f1e9f0dec343bcb8d5ea8fcc6b100c1bdca25bc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\老宫在线整站修复版\old\2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2936

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a48f5afa76a79f36e0642a8fa471c832

          SHA1

          5f030d8bee1f36c7ea7172c5bd21b52a848eee74

          SHA256

          212525ced66517e62292fa7baa518d17bf7d3d04a5ae6b48ccb21f6e6a64dc5c

          SHA512

          a81030ae4ffb944c3b954ec5364c0233403c882e8f9617aac70387ee154ee4b7e7c0a4f067b95a31d1386d22a18403c21aadf08eac4a2f8a1337e1fa62cf8207

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fe151ef3958addd1f33175d8085cfc85

          SHA1

          f871a3e6cb44d96ea7a05d952c176ae121ed3ef7

          SHA256

          19fe087fc8315e1d5d9caf67ddd1fd43ea8c0b5e89482b63f332bd632d30798a

          SHA512

          7940fcbb36269815a80919f3ab51602e1853ff39d5ffa166b78d09c11364f679ef2fb38a0166a262d82ac49598ee0b68839590f791186e1d329d37d5d1155c71

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7ede7c78a935ef79f84836549020e2f5

          SHA1

          d3115f69ed130c42212275f7495162b763308cc5

          SHA256

          23f50fa19ec303e73737c140317212fa056ca5a2dce953d79d79c3c8be4b0760

          SHA512

          cd092ebf8d98b8d833721ecabd76d6a604f4ebb440fcdbcb0b41bea63656dfe7b4d517f02382ca67cc8b4f501c0bd200856c4d070bdf33a7ee191887b5ade09b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b83e7aefaf92e84d62585ad2544e18a7

          SHA1

          d0086e345fd6cd2d20a102a616420ce0ab596c2a

          SHA256

          dfa85e8e0807f5e0f4e326ee0d91af687c1b7d794803db681fea13473bf7a301

          SHA512

          3397341b36599b5622c5ff04c0aa61dd990bfde359ef4b87339455cb1d07a2b607f0cad68b7b351b2cff6e763b341ed749814f5aacadd8ec7aa33a6c1b1ee73c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5d2d569f99e93adbf6ea963550b90b70

          SHA1

          cd726b02e3852240f6b020d74b715e6142e0d348

          SHA256

          2edfb0eac03d36c7a3a531309497f060fc9ea548521340a0b1df35a89628a4ba

          SHA512

          fd59d1de647fd795af03e99978b2374646ee61012bced81fe85ebdd15af7ee681b3dce41adbbe298885210ab0028a9cd9369a8b05ffb19650dd6730b566acb66

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2fe894d08f75f804f0e82a1da0333a59

          SHA1

          6ea5bc86d63f141acc86f11bdecf1a2c94cbb0f4

          SHA256

          7c3711bc9dad8a1c90467968af700acc84ed66bf08ada191e8418bf5561b7463

          SHA512

          a7a7b6f0e1c3cd2e0369bfdae3f376ee7bb6be57a23234a951aa0f46adc1e99b677139bebdb275c478097846a323541a83a1c634188a7bf7c54bedc417c98073

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1cdbd165e60b3f6bce253606d1650c8b

          SHA1

          150bab6bbaa8bd226b6636964cafbf3811e6e3cc

          SHA256

          cab1186969d157dbc441f255c88e64393a1b6ef2507164dbe813de4019eb4319

          SHA512

          88761e22c91023ec0575b3a643b3e2f2dda1e2f8ac91c8b4e8b41ce97e8e7cca45262338249f0e4a77375cb293dcce55b37775ab9610eb81b9fd2c4d7f694f61

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          53e495c162292f696a9effda05b5d0b6

          SHA1

          07060856282c66ce9fe69dd3a014e896b7a2ad04

          SHA256

          2dbf98008a657752c46c1017f68c0b2e859ba3702bcacb366c40c019399729af

          SHA512

          a8cac8c0cbc14543ac3f9eed986539014e34c0ea3cf2688d52a48a97bde2aee1fadc8210c109c17a8131af4d70f13d660a4a0815926e26672eed3640ded8eca6

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabC268.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarC76A.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit