Overview

overview

3

Static

static

3

老宫在�...1.html

windows7-x64

1

老宫在�...1.html

windows10-2004-x64

1

老宫在�...2.html

windows7-x64

1

老宫在�...2.html

windows10-2004-x64

1

老宫在�...00.htm

windows7-x64

1

老宫在�...00.htm

windows10-2004-x64

1

老宫在�...04.htm

windows7-x64

1

老宫在�...04.htm

windows10-2004-x64

1

老宫在�...00.htm

windows7-x64

1

老宫在�...00.htm

windows10-2004-x64

1

老宫在�...ad.vbs

windows7-x64

1

老宫在�...ad.vbs

windows10-2004-x64

1

老宫在�...r.html

windows7-x64

1

老宫在�...r.html

windows10-2004-x64

1

老宫在�...it.asp

windows7-x64

3

老宫在�...it.asp

windows10-2004-x64

3

老宫在�...on.htm

windows7-x64

1

老宫在�...on.htm

windows10-2004-x64

1

老宫在�...n1.htm

windows7-x64

1

老宫在�...n1.htm

windows10-2004-x64

1

老宫在�...n2.htm

windows7-x64

1

老宫在�...n2.htm

windows10-2004-x64

1

老宫在�...er.htm

windows7-x64

1

老宫在�...er.htm

windows10-2004-x64

1

老宫在�...ay.htm

windows7-x64

1

老宫在�...ay.htm

windows10-2004-x64

1

老宫在�...sh.htm

windows7-x64

1

老宫在�...sh.htm

windows10-2004-x64

1

老宫在�...e.html

windows7-x64

1

老宫在�...e.html

windows10-2004-x64

1

老宫在�...ss.vbs

windows7-x64

1

老宫在�...ss.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 21:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    老宫在线整站修复版/old/400.htm

  • Size

    3KB

  • MD5

    4c3ce7cebd3a3ad7ee8a3227c8051961

  • SHA1

    665842c0d71911baa3e14eb519c04a111098423e

  • SHA256

    34ca4503cca7d98c93df283d91a2e818b9e3fb841dd11dfc1a96ce4d7f98163c

  • SHA512

    68a988df4ca6303a4c3d944f3b706bbe19ac200da5985a10e14643c056ed4ebdde522fc2e52d0684ff51b6a3590248519a5b200198310a9ca7f94744e05f7659

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Modifies registry class 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\老宫在线整站修复版\old\400.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:2360

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f675134f785bd162b4287cd503aadaa

    SHA1

    ddd9c8e9f4ae06ec653ae1d0e934c7c8c18a6001

    SHA256

    825dd602abb421d95770f926954c0023c0c174e0afe2ce44d2ec9e4848a85c7e

    SHA512

    399eae3def2451f013fc4fe7ffbfcd20af7cd64d2e96aae406b63ae9fce44a3cfd26f1648c88a6163b609c4f332237d7d29cfe84bb438fa9b4c3b8fa1042f6ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf631cd2ff0f7b97d78afe509846f4b6

    SHA1

    46517d8400c31e2757509d8121cb044468ad6ed5

    SHA256

    f75408d3b3844b7033631a14c44b5458d7af4c92b07e0900ddfd8f65e317a430

    SHA512

    814f0aa436728441d90c8fa73e94309994d6a7febc93990f2ffe4a15f5f402ce91b7b2c377e63f18b6b877f09475cefc4dd8f8c51758d3118908bf5bffc1572b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd94ae02a7d83ff8510120cc8c82786b

    SHA1

    0ea5bd3cea8331b5ef025e18232ef04235f62a50

    SHA256

    34fae1d77276c29125c8313c51932c1710b0986bf0b4bc08fbbe3da3f5f9932f

    SHA512

    5aa23b463eea0b6c635f232f95d0f104468bc757ef5bd97979ae9de4f366ed37000216e848c84fb743f8d0cd856817f9ae386b4348198cc05d7122950fd3058f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddd1efef86a88ab997743eae9c9d3029

    SHA1

    f9d76315a233beb7e7b7fb34ebd6e23e8975c426

    SHA256

    bbae4e1809a3f6721b21515d1e2734867d609d12d5e94dc9ea88dfc7ff5584bd

    SHA512

    6c05077316ec3341c84b733f9cbde978077c95f45a1fb72ce7a9736aaa0f625a07fcee2ae3ee1f4b0a263b33680e6c2a1dbe7b2bd47bc22abd85bd08ab4355d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a995ee8dbdf5c715fc708141ad99a9d

    SHA1

    b60cdc76fdbb4ac027dd4386aa79abc5994182f3

    SHA256

    8639f16c23b5bb1f59fbeb7911b2655935a43ccd2c0e835c070f13be0581e4de

    SHA512

    295e14dbe2f297d8d92a15ae169d384e7b9647578a781ca5a0a855de4cf773ecdd7335f3bb7e37b2a11e703699974ebf8755d9dcca598e32fee84397a02ddf13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fbcde883d07904807a264ef3dbce549

    SHA1

    a3715a392ef33d283874c2697d9238e6bdc5af1e

    SHA256

    ee0f83079e4b12240251e46cbc30ed6c52ee1d16735e3dbc2158d195861c8e63

    SHA512

    d7b6508cbe0808b55d43b2aec4cf4a7bea8af93258fd11db8591e4c57f9e1d03597de07c32eb58176764807e5eb613de45bd9c1c2e90485220f0d5a3c01a0f9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    601da3162aa2c5f3ffadb805f491e231

    SHA1

    2bfc86d0cb8473dcd41dabdc6848087adf24d5df

    SHA256

    e886a66c65588747f15974f3a50aefaf8d9382183f15855b42bec040a10bee8a

    SHA512

    e0b1dbc8669bea38267f4e5470169ff83d6b5061f25d89a6f4a682b6589a18e908f2ccc41c759ad7c42956096aee4bc934aad5d91474a2dbc6afb0a2e89b0c9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ff6020a391400e7d4930becf71ad764

    SHA1

    7496cc8715d6acea2fbc4f157441aec4b012ee14

    SHA256

    e19679e11fee930279ca3b5ef623d0ea37b4ce39213c41f12f08becfc804a331

    SHA512

    9e56c04c6057695ac3aa2fdb16e157818215c2241970c65b3229917fbf992b7323609a275b459cb5bf2f19198ddcddad6f54e54a3310076a51759d12aaf6f1ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c899cfb451be2a90ba586f8434061279

    SHA1

    0c6d598d96251b6179ce55324e3264ac16bf6439

    SHA256

    f3dbffd7a3f5505ec70f187530233afaa34d49fd665a9149b78f9898424480fc

    SHA512

    35debce08ab5b61c11ef301b3b17bdeeca855d821052bbf7cd2afcd49c1096d10bb077846751585ecff10d6dac53d1fe7c4390a976c149a1a172ec240e9a5aaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11ff64c6984b269337a7bb6534ee8e41

    SHA1

    e703d1bb3a9711d8c93f14d941b98753bee39e7c

    SHA256

    77150c93d18563d1879b1045cf58742603c78ed6b5da7359f600dfe6fc31a039

    SHA512

    8552fd53bbc848c0895f1a1b420e749ebc98046a992c3cc42d75aa7221bd711c7f78e0ecf9f396acc4e7187eac65076e6525304e24099f906abe45e3747e201e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01bf1fbf950dfdeb477713edaa4cf842

    SHA1

    1db15d8f77a02aca00462f42f5bf53edf36d1316

    SHA256

    3f17375c9bab6bbd964c591bf77e3c9902f70b4ea23440c9a997bca154ecb00a

    SHA512

    926af7a12130942d3eb4e0b61d17503b00a79105489cbde9a0bcc56728b5cb78755803c0a27db64eda21843685051fbff42b9c93265bf0d75babf2d5046f9a14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12ddab8135bd4cf997802456da5b4bbe

    SHA1

    b5814f1e88430423c1d17ceff4b5278952cd553b

    SHA256

    e6972c73ae718fdf3dae733f8a8052d4c1a142b09442843cc4aed8c29decd71c

    SHA512

    b85727d3e36e73bb24ebd939d5bf9f87a54bd990f00802e689417a426e053b87dd07d8e29559c6f26254d0aa7635d0c4074bb5277c76a1394a03b06520950185

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60f9344bdb333306e96547121b282d5b

    SHA1

    dd97c30bd973899920798aacfbfbf872c8ec9083

    SHA256

    481e73441da2f72cce2b7b9a483839382b4b4cca33ab4935f41ea0db2421e2c9

    SHA512

    1a548750204f5883308304a16fafef67734fd17847c21c4e36bc7a3fdd41c994ec5a92290c4da1e8b5c2698d0217707a157c7113b066a7eef90bf3b0c12b757d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ae7d185f5b99b5e09795cc3935fe21a

    SHA1

    51a99efa5195b7dde7669ef7738ad4619211abfb

    SHA256

    bacdd4c9fc9f90b5e4eefb156d6610b5b68c7ad5c3cda7da1892add79acc256d

    SHA512

    3143a48e3f31f38aae4a28eaeb640ed470b9f920c9fa88af34a29eb1fb4e8d8b384ea74b583eb5aaf476d3068c030f9173002d5d6f8bec2e4d9273607e10e104

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4929d985fe7e59707262b1b5367a0156

    SHA1

    abe66fb3066fd97a127e13586716cd27860ec7df

    SHA256

    d3c86a8d94a712213ca368c0bad3556a234634fa37cb27e7f6a9d5be823499b0

    SHA512

    86f999c2c0a4e2427b7100b555bfdcb2081d174b858ee68d9c262cbe638a1da78f0ebcf3e389c624558b72b9bcaddafe8f8c46ff34e4f89977142b829c1c4020

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb714083bc9538cefb5d081583671992

    SHA1

    7e3af47fb6e663a579b70a6bdec373bc314013c9

    SHA256

    ecf91e7392fce9d0db0883aaeac5c822d53d2fb3fe01cae36532df92bba8b6e3

    SHA512

    2fdd05784be780bfbc4c7c97572158a047943dc4148e15b4bde063377ea5abadcdf057536277724e598aa517e18a2203663a9bf9ad61047d7b3eaab2b5c17bd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    240e23f1d07e70b7c1c99d599895beba

    SHA1

    f524dba0e289e846d57391a8b4df11072fbbe43d

    SHA256

    ed622fb212e00ae831cf2e925e7edb7cb53229286ae8a4a04cb1b6c01330fda9

    SHA512

    677cbf0eef6b9f4ca117133a8e71ff5fd09123b52e85a22ffce690ec9cd296519e1985714483c589f9327b806f2539f914df693d88e2d84228b65e42a9769d4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7962cdfac8d465a7377146a1f65fd6a

    SHA1

    c08203d2e45f8082cd0974ea7599090388ef8120

    SHA256

    7395362408bf8397cc2f5a236e296a7fd14b485812574ac27452fea4a45b805e

    SHA512

    c43c702cb4e8a35a3269953e86d3a02bcb4279b79c2798e1a7f75cbeb0647e3719deb8593324803d427c7f1eb5335b299438ffda1116734eb3fdd42c64db7a51

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC5A3.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC5D5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit