Overview

overview

3

Static

static

1

IP互刷�...ex.vbs

windows7-x64

1

IP互刷�...ex.vbs

windows10-2004-x64

1

IP互刷�...sc.vbs

windows7-x64

1

IP互刷�...sc.vbs

windows10-2004-x64

1

IP互刷�...B.html

windows7-x64

1

IP互刷�...B.html

windows10-2004-x64

1

IP互刷�...ws.vbs

windows7-x64

1

IP互刷�...ws.vbs

windows10-2004-x64

1

IP互刷�...ut.asp

windows7-x64

3

IP互刷�...ut.asp

windows10-2004-x64

3

IP互刷�.../1.htm

windows7-x64

1

IP互刷�.../1.htm

windows10-2004-x64

1

IP互刷�...10.htm

windows7-x64

1

IP互刷�...10.htm

windows10-2004-x64

1

IP互刷�.../2.htm

windows7-x64

1

IP互刷�.../2.htm

windows10-2004-x64

1

IP互刷�.../3.htm

windows7-x64

1

IP互刷�.../3.htm

windows10-2004-x64

1

IP互刷�.../4.htm

windows7-x64

1

IP互刷�.../4.htm

windows10-2004-x64

1

IP互刷�.../5.htm

windows7-x64

1

IP互刷�.../5.htm

windows10-2004-x64

1

IP互刷�.../6.htm

windows7-x64

1

IP互刷�.../6.htm

windows10-2004-x64

1

IP互刷�.../7.htm

windows7-x64

1

IP互刷�.../7.htm

windows10-2004-x64

1

IP互刷�.../8.htm

windows7-x64

1

IP互刷�.../8.htm

windows10-2004-x64

1

IP互刷�.../9.htm

windows7-x64

1

IP互刷�.../9.htm

windows10-2004-x64

1

IP互刷�...ick.js

windows7-x64

1

IP互刷�...ick.js

windows10-2004-x64

1

Analysis

  • max time kernel
    130s
  • max time network
    212s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2023 06:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IP互刷平台 v2.0/bbs/10.htm

  • Size

    498B

  • MD5

    22eb177a8ee2f93c6326d32e3366f696

  • SHA1

    6cc7f48f90c28916f942a692d90bebe350739018

  • SHA256

    7742d621847cdb96a84e7be3c04b18da2f29fb4483bc6c6387fa038fb678045b

  • SHA512

    970e6a9f23fef656217bad4dc08d2d96de977634c516bace1a326ed43dcf24d04a7fc6e9164282d682d4259be25eb34557bd04cc711dca347ecc32e140517097

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\IP互刷平台 v2.0\bbs\10.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fbb7461eba099d95fc8fbf85b3bab73

    SHA1

    b8313300e1fc659b33c0363477797c9e3c81f780

    SHA256

    a0139024e0ca00474641aedf2f7276a4671c389855c6868b5bc3c42db1e970bb

    SHA512

    d5be35a85ae1919559e553883e60825db4ffcba25b5e3181413cc4d5f165e14d86d15a95dac7a19be951e239fd1dd8cfe8e587222d460538601261be8eb6183e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0123763b15995e9d72ff361a7b087127

    SHA1

    06cb545b6bca307d51c5efdd29682c4f4ef03b57

    SHA256

    4b13f5ae8982ab08fb2dd5b51f8d0d33fdaed767e85e9760f392a683e725c644

    SHA512

    351e56f3ae10d2e7ce41963f26f93ad50f00b7e5395dfe25d77689fd40449b61e208e690060f67dabe0f98c6ffc3e9019dda0491ef59901d337645a848d5b81d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a6bd828d3e1017531d78c46daf219fe

    SHA1

    433f1df143f85aecbfd5de1abbca1e002d703f4e

    SHA256

    cff588c9a9e68c842045b85e7831a7fd5963d13af1f6695e8ba93b6282e87375

    SHA512

    e38bcce1775cfb8ace6a24847f47bf7cf56dc8395537237896e52fb7f7e2a0d6ff19d3c051f0d2ec665a4f903543da2405144a1141f6472ea3919a6a0d6c5adf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    daee37e5e4673d07e107321b46e1cf67

    SHA1

    6b05f57dec31facafc5592a46ce262d6da6981af

    SHA256

    afdcc8ffee437e4aa5469a205c9f4a0fac032e026cb0b0eb31e12f550821a4b9

    SHA512

    e560e5a7171d413066e4cc3b3508300ed9edef4489d5ec207a8e807eec986bcd6a48b3557892d998b981baf2999ef4a2a31faeef225bed775e744a9e2be0cd6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b94c51e46f4e2ff7df323450fd6a87a

    SHA1

    b1962fd7063564720439d05596f7d3675d300654

    SHA256

    723492667063cf62c1b2e89240490f5380dcafd87a6346514f46bf73647028e4

    SHA512

    279c0d69a515857d7e747f268c6937a21b9ca09b77c97e1c9052972b212311607a6fdced8b6f6cf06cfc6193c0d571fbb81470971d7a408b704287a75f878140

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e03facdfa6c115104c7a34d7231159ea

    SHA1

    61423b439addb5f023cbbe71e5299542297ebc17

    SHA256

    4a5c779b02e1ad86f39b3ead5ad0fa1626692008c1742526d602f16916a27392

    SHA512

    22de08089ce08f62577f1ea4225d038b91fde1c17194591000084b5b31de9495781f01ae3e97fcf5e56b3dce97531850848205b5132cad0ec90d7372f6e6e407

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab742.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8AE.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit