Overview

overview

3

Static

static

1

IP互刷�...ex.vbs

windows7-x64

1

IP互刷�...ex.vbs

windows10-2004-x64

1

IP互刷�...sc.vbs

windows7-x64

1

IP互刷�...sc.vbs

windows10-2004-x64

1

IP互刷�...B.html

windows7-x64

1

IP互刷�...B.html

windows10-2004-x64

1

IP互刷�...ws.vbs

windows7-x64

1

IP互刷�...ws.vbs

windows10-2004-x64

1

IP互刷�...ut.asp

windows7-x64

3

IP互刷�...ut.asp

windows10-2004-x64

3

IP互刷�.../1.htm

windows7-x64

1

IP互刷�.../1.htm

windows10-2004-x64

1

IP互刷�...10.htm

windows7-x64

1

IP互刷�...10.htm

windows10-2004-x64

1

IP互刷�.../2.htm

windows7-x64

1

IP互刷�.../2.htm

windows10-2004-x64

1

IP互刷�.../3.htm

windows7-x64

1

IP互刷�.../3.htm

windows10-2004-x64

1

IP互刷�.../4.htm

windows7-x64

1

IP互刷�.../4.htm

windows10-2004-x64

1

IP互刷�.../5.htm

windows7-x64

1

IP互刷�.../5.htm

windows10-2004-x64

1

IP互刷�.../6.htm

windows7-x64

1

IP互刷�.../6.htm

windows10-2004-x64

1

IP互刷�.../7.htm

windows7-x64

1

IP互刷�.../7.htm

windows10-2004-x64

1

IP互刷�.../8.htm

windows7-x64

1

IP互刷�.../8.htm

windows10-2004-x64

1

IP互刷�.../9.htm

windows7-x64

1

IP互刷�.../9.htm

windows10-2004-x64

1

IP互刷�...ick.js

windows7-x64

1

IP互刷�...ick.js

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 06:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IP互刷平台 v2.0/bbs/5.htm

  • Size

    498B

  • MD5

    22eb177a8ee2f93c6326d32e3366f696

  • SHA1

    6cc7f48f90c28916f942a692d90bebe350739018

  • SHA256

    7742d621847cdb96a84e7be3c04b18da2f29fb4483bc6c6387fa038fb678045b

  • SHA512

    970e6a9f23fef656217bad4dc08d2d96de977634c516bace1a326ed43dcf24d04a7fc6e9164282d682d4259be25eb34557bd04cc711dca347ecc32e140517097

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\IP互刷平台 v2.0\bbs\5.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dd9a329a2ba5ae0bdc90cb11c7564a8

    SHA1

    5ff7634375313386cbfbb62ad8e4ae8e0b250a33

    SHA256

    f856fe7358779a56d27186cef4342f12da25df3d200b4736fc71860f690d87b4

    SHA512

    4ccb68f76fcc88e65425146cc7f0251549c211af74ec78b1ea181d283982b1da42c2c0dac58ae5a00eb03df51e48c122867c16074070df30cdb88124228dcfb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9db2ad3f531b4bd0ee0ec930ec6bbbc

    SHA1

    c335814f6ade12f6845329b8b86269011893d37e

    SHA256

    400a4a8a573c3271d23acd8e1502bd95e59c0bc84c3616c88ea635922a71ab24

    SHA512

    4da6afeb53c26c30783df32c1ef3f90824f184aa32532d8678dd3cf892606b6bfc531d6be749213a255757e5b94036f4e81d1877da556bd0b000c31910643f79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4eee1c1975bddc4ed703341a95a1d7a4

    SHA1

    5ec43de7c1ea0124822af87102613e0a140e093f

    SHA256

    c3eb0b9769e032db4290b603562e1069e02d0055b225652fa2ba8b5f55ecf993

    SHA512

    b261a1004be429b5a0303363ac97daa5a174c9da16bbb02b870e9eba2a2e250a1816b617a37f3149715e1ce61db5d4b29eb820f29ee64573bdcf13bd1291b364

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9c0d191c90356f19acdd4c9e8189363

    SHA1

    9cc837d97f208345c3dd77e5ba14a141a0682679

    SHA256

    54a38028b41903e34633841426f9582f9f4412e24665783da4948d3f007af08c

    SHA512

    7ed5127781471e9183b7de82f3bde5e4b442db4f2df2cb5225d888f94f6402407bf1d6b4d1e2c4d3578bfbb5a48f50005e9c9f45302b17e54fdc4e65966079b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdacaf5587eeba9be15d6b8403705a22

    SHA1

    6385d270b6758d9af998a0038c1308d8ecdae4eb

    SHA256

    f5c8c360eff5e47c86c69e3c42fd65c16c1a937206211b04a6cdeba54807c4ff

    SHA512

    45eea4b127b7e69e3e4ef28eef3da1af5f3c5312d7ce507eabbfd21997cb1fc7e0649840541d18c2b238048f4f52b802bf08810d1c1c1ef4c60e5885bbeeb73f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    59705b5d65c18c4415e46b94142f9d17

    SHA1

    17a1a3dbac6835965c966a35115e51fd1abf609a

    SHA256

    f32cdaa81a932572a2f4a0c49ba2f0f70e26962d99218ef3f4297835ac1a413b

    SHA512

    430a868d2f97513e595ebecb373fb2fcca8f49c204c035438fcae3b5270e0adcf091357f47815bd6144deb5b776d3cf868c27f95ee699f98acb3dc1b0779cc49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e51d008049b5260a7186e6656153a083

    SHA1

    c90268beceb9ce1668995afa6b4911b9c624b7fa

    SHA256

    cd9152c50d8fa5d83252f3a08d3ff25d77bdb57bd77335a7f6b96579231d8849

    SHA512

    4e2607ba3924c8802ba98e2d8416e8b7574e12acd9b258a22456b4dde595e5e8851deff93a891c7f546fff5d12cfb946e63a7af4e7e08a71bcf134b52791028b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c4cc1d0780144600d4944d4f31a5072

    SHA1

    1b27c84434b723a705d4017dd132e6c0fe9a87f0

    SHA256

    92e2f19bf04cc2e04174a6ad9dd18980a22af866335552dc9f4dc98948eaf2ae

    SHA512

    7157cb6452928f98ee945393d590f35e8cc564701a0e4e82e1a79b6ea9aeed7d33e5ba85ed733767eff5615b3846af6662ae88524441b81f2477b5c701df10e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6bf81ec82f8fb80781dc666567b696a

    SHA1

    73c20d945e9d66d8cb116628d5b19dad56e8f4c3

    SHA256

    7b5ff3bfd1ec359b958c86772ae105667d693e1384cc489a49a1fde284c48e96

    SHA512

    28fb178d72008a243c49e690f760812284694d0fd6f65f4d00af280264fb3f8d0fda930e86b22b320b9e7bff97b574abf5984a9771cba039a08419e1c291aaec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0aa41581af67ffdbca8472b2298c647

    SHA1

    4879829e2467284c66d66e1c170d719cc7e3029e

    SHA256

    f168033169a28436b8e80701e3b5635e53ca7803e0d3f70b35f158c74f71ee66

    SHA512

    2c119148932937ad785983d4234505b957b7dbd624a92fc7bbd17129b90d7421e6ea91757b65806884ebe20fbaac85aaadbba6f6a9f0607c193cbefaa39aba9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4bfee50ed47be0d71f8bbfef000ece7

    SHA1

    11b7b0377c72905763dd27b9f0b61d091f2da8ab

    SHA256

    abf58cc26299a549209143fa91c7862de807658de90b2bd139352f0bd7c796fe

    SHA512

    1e32f0890222646047b978a2d4eb004dd26c6d253a5a2bad87ec210f148e242912e91455f1c6ab7ade3222ff5315a9e5abab2eb3d9c2be3cf070828d39277f8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61d3ee8b454b6127c1223f2b8fd227d7

    SHA1

    f3542e9f1c542cccd4144b2bb93c7d68b7e7007e

    SHA256

    f383475cd09a7cf4ef00d1f39e030f2063494aa64d5a246c66b4a5e443cf9bb7

    SHA512

    a6c92134c0cba69308e78c8ad504afb9e4254078cde3ea7fe2f1406b8d00c5e32fb32f19a5d80c462cc20dd89bdd39a9e32264fc6654445c05efd19a15b47854

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    316bf7c13b327a3c65f28f49130efab2

    SHA1

    d84e473d5dbb01c549515017dc8dd6e5cd06e554

    SHA256

    cd6be98ca14dd014f3bec2c3c0752940ad2fa62382d532c5b52ec034af1b3e4b

    SHA512

    e99414c7cd56a4acb24cb39dd7a5270da37d775b52cfb8823cc60c64683dbf7bd775619044ac420c2fc1a5596a09d5b3fb7e2327bcc90f440556b49e1566b262

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63cdceae5b48557f27c60e9b753e32e4

    SHA1

    8c8fc59fb9952cb30a0f09c8d0a53b356a747602

    SHA256

    2f4610a4568989317599b8a710322c9f438422969db07f4171ad11172600f6a0

    SHA512

    bcb84323da04e721c173b80ee1ae807916efcf1030eeed4280b54a9518d0e791741e3ca4c5d2ab5fc1eb0b243df24100877fd0e2d3bd2a4194ca112d2a36fa4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    961204c6dc69e34e890eaec160417612

    SHA1

    c48bc7bc1581adbeeffa351a55695742d398b420

    SHA256

    adbd472912bfaed3c795e7d62aa6c82ed6561300ffeb37f3307f9c876d7f7a91

    SHA512

    7e6c427f6e9083ced3dec756b27c61af6c78b3e65f8e10df53a43d996220889028d84683991c49423eb134d741864f8742e62c7b06b32cf5107286913ec7fcf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fa295aa84b334add6867e145e675ac0

    SHA1

    820cebb18ae3feaa08cad2fcd5ae64b59e9568f3

    SHA256

    defefd407b46dab4819d60dbd67a37079cc3699ac725dfe8f4062f16667ed459

    SHA512

    3801ec6c4a4d6cae25af896f703d4fb0e3679d25356df8e7bc4137462c129d8324a4cc907e4cd3bca1d88c51e63498bc81eab40b59614ad3027240234d0ccc1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0058588ba0ca85371f2a6cd461c60bc6

    SHA1

    621027ded7df1deedf20b420ee0e832d64567b5a

    SHA256

    8861c8eff186ff85a229a3923b4fc8fc50dbb99577e74daa9d36d047643afb9c

    SHA512

    c685e0162f83613469adda4ecc63f5624e8a869d6f66252dbf520f0033931e24dbf35869c0c90a715937e22fc226bdfe6b6113bf0b4993b5b5c04da15ac397d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7B88.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7CB5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit