Overview

overview

3

Static

static

1

IP互刷�...ex.vbs

windows7-x64

1

IP互刷�...ex.vbs

windows10-2004-x64

1

IP互刷�...sc.vbs

windows7-x64

1

IP互刷�...sc.vbs

windows10-2004-x64

1

IP互刷�...B.html

windows7-x64

1

IP互刷�...B.html

windows10-2004-x64

1

IP互刷�...ws.vbs

windows7-x64

1

IP互刷�...ws.vbs

windows10-2004-x64

1

IP互刷�...ut.asp

windows7-x64

3

IP互刷�...ut.asp

windows10-2004-x64

3

IP互刷�.../1.htm

windows7-x64

1

IP互刷�.../1.htm

windows10-2004-x64

1

IP互刷�...10.htm

windows7-x64

1

IP互刷�...10.htm

windows10-2004-x64

1

IP互刷�.../2.htm

windows7-x64

1

IP互刷�.../2.htm

windows10-2004-x64

1

IP互刷�.../3.htm

windows7-x64

1

IP互刷�.../3.htm

windows10-2004-x64

1

IP互刷�.../4.htm

windows7-x64

1

IP互刷�.../4.htm

windows10-2004-x64

1

IP互刷�.../5.htm

windows7-x64

1

IP互刷�.../5.htm

windows10-2004-x64

1

IP互刷�.../6.htm

windows7-x64

1

IP互刷�.../6.htm

windows10-2004-x64

1

IP互刷�.../7.htm

windows7-x64

1

IP互刷�.../7.htm

windows10-2004-x64

1

IP互刷�.../8.htm

windows7-x64

1

IP互刷�.../8.htm

windows10-2004-x64

1

IP互刷�.../9.htm

windows7-x64

1

IP互刷�.../9.htm

windows10-2004-x64

1

IP互刷�...ick.js

windows7-x64

1

IP互刷�...ick.js

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 06:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IP互刷平台 v2.0/bbs/6.htm

  • Size

    496B

  • MD5

    8fbdc282598a7ccf6ff892dd494ed555

  • SHA1

    46a5d00dfaf596ed5372b44a2439e97f641f3433

  • SHA256

    1d7bbcbe3bb82d1370c31c6db2a2800d53c3d41d307ff6db9603eb94a37837d6

  • SHA512

    1322092fe0364bfde18c539578fe23fba9adbf447fe7f907d9bf26cf91194de5c78de304e55a8c6e2beb2cb94e67e38af0e062a72fec0069f16a0b8a0fa68363

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\IP互刷平台 v2.0\bbs\6.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cb7aa4722cfe0f1e6ba1eac8b9a93a1

    SHA1

    21fe7e8ec433eaa3e861d0e6f608b36662b2bb2a

    SHA256

    fff08a475fb6dffe6f4c46008f4bd0c71701518f917ba9b60c1a848169c89cc0

    SHA512

    1736499c8c801cdddcb095b85602033474f118522948ef63898875ba1a56e60461482ce6ec1a8f6372963f6629e002f3aacf8cd602e6ccd46d050a800f7ee37c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fd0468197c76830864a4a877e77f702

    SHA1

    1d4afed38ab9b0def22ffc53bcfcc706044b7ae3

    SHA256

    c71d0159bf6c37cb186eb503d298c4978c4497be48cfa23379fe2d73a4d810f9

    SHA512

    df9f5dfee162c5a556d1c11f7b44df985c30bc5c9a30112ac25a92bc33476a1b8161eb987ddb19610f74505f8971aa15d668b731d72bd64a14659fcff51d863f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c52c4d0c1e44a5fe1991d93a55cc7f34

    SHA1

    693fb158e7e4c3d5c0e9f40870c0efc12384b247

    SHA256

    7a21393e6811a3e6ba113d0eb62277fea9de49daff716e171fdb02132d6a3093

    SHA512

    a5474eb44e60448397ebdff60fa77d2c6df46831dd5e1ee0f38f87fef32bc2e0bcadfea0bae8b78da9ff421c805a1cd71aa87104c370dd9874b2821d4d6dc7d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef5660ae54967539697d065814eee7ba

    SHA1

    bd946ac014975f39ca5bc4355f70a7b905136a4e

    SHA256

    88c1e644c5d16dae75d21085cb13f7d99171e9a0f386c992359c2361b8e1bc6b

    SHA512

    90215f9559d04ac6c92a11fa60a0b6460a1daafaf36adf7208c280f0db145eaecea083b8a3ab65feb13f3aa9182dc717de3e332989b4c9893dc58d4d32ba9cba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    035c0f1506d9f4506d021acfae5ab5e6

    SHA1

    0c5a38de7ebd11f7f0db29b541bfe9454f66bbbb

    SHA256

    2f5241098f23f3ff8df1b7fb5b05dd9791d1e7dfc36288df5289205a18280154

    SHA512

    04a2f7b130a933912386d43090a61726380c1cb322502bcfca59afb167bad1f808e31bd9b06cd1a8a905a9317da674d931b0874754ae45f447a92f860308061c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57c70a133474db50c0674692e4c00518

    SHA1

    44318a52e7353bbfe6f1f5cb524ef5f968ff2346

    SHA256

    d18b1bd6b35425e99f37d5c10f37bb2bf59e3e3d57022461a68f15141c79044e

    SHA512

    d907eb46b742fe130667642a0b942fb4c77277412d76c031ecc6b2f6a998bdd9d8b05698d18dcc1873a71b1aa7fc3bda6ac2ac31233863623fff5b965edc4f64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bbd0c7bb2ccbcd86135352d436748c7

    SHA1

    3398ccb0aecce0fb6b3704e922ed62a8ec9168dd

    SHA256

    7f918b99871954eeee0d3f62d400367a74b77a1c19be186b507304f01e109e77

    SHA512

    3680e9f82f0acf7a987c2cc05bc41c50e8d52dbd533f42e501e020ea5b2e1887545a837c19061372bba25d4ffbae8f104bc79b72806ba747285506ead81912dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    707ae6220542d8319b93220e208ca681

    SHA1

    2bf724c07be2d6ef5628da84456dc38c4ca6a414

    SHA256

    ae37aa37482e477f5a3fded41a41c2d5b4d337d8da3fd6b3a02f218db2858f6a

    SHA512

    f1815a5bbd486196e6215d1623c484bfcec0e7fe8fb990c5a63e325770b2cc1fb34450fc62d78e7cafc82a5682f3936d4464e24e70dc8ce30a45b501f7d28f4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e02c8c75224be058922adc8e50c26f4a

    SHA1

    8285f610a4b01bd602e1b10ae834b23370428f56

    SHA256

    f9a7141ebe8d0a8230c4960a55394e7f4eecab6d83fb8a2fa7be7339a2f118df

    SHA512

    0113d71a893ac7515aaa0d482050ae9069ea80957bdb0cea9c25b39b78fab65de2998bd8b401828d3d800998f2d996807e9647f9d0caee6d8171f744b820b752

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c43029d8daa151389b11f386f105e26

    SHA1

    ad32e23d2fbcf3d1448faf220e39f43bf04d22ae

    SHA256

    744fac8358772306ff635538d7bd0a29a4edf43ea7532550b860f6bc4aced47b

    SHA512

    9a44d15ed247f20426e2a8bdeeda5d87c267624cd609f55a0e5d80776125addbfd0ff3f3d130cf2d91e9abdb57d499e9804b1cfa1234b5c9493283ac33541353

    Download Submit