Overview

overview

3

Static

static

1

IP互刷�...ex.vbs

windows7-x64

1

IP互刷�...ex.vbs

windows10-2004-x64

1

IP互刷�...sc.vbs

windows7-x64

1

IP互刷�...sc.vbs

windows10-2004-x64

1

IP互刷�...B.html

windows7-x64

1

IP互刷�...B.html

windows10-2004-x64

1

IP互刷�...ws.vbs

windows7-x64

1

IP互刷�...ws.vbs

windows10-2004-x64

1

IP互刷�...ut.asp

windows7-x64

3

IP互刷�...ut.asp

windows10-2004-x64

3

IP互刷�.../1.htm

windows7-x64

1

IP互刷�.../1.htm

windows10-2004-x64

1

IP互刷�...10.htm

windows7-x64

1

IP互刷�...10.htm

windows10-2004-x64

1

IP互刷�.../2.htm

windows7-x64

1

IP互刷�.../2.htm

windows10-2004-x64

1

IP互刷�.../3.htm

windows7-x64

1

IP互刷�.../3.htm

windows10-2004-x64

1

IP互刷�.../4.htm

windows7-x64

1

IP互刷�.../4.htm

windows10-2004-x64

1

IP互刷�.../5.htm

windows7-x64

1

IP互刷�.../5.htm

windows10-2004-x64

1

IP互刷�.../6.htm

windows7-x64

1

IP互刷�.../6.htm

windows10-2004-x64

1

IP互刷�.../7.htm

windows7-x64

1

IP互刷�.../7.htm

windows10-2004-x64

1

IP互刷�.../8.htm

windows7-x64

1

IP互刷�.../8.htm

windows10-2004-x64

1

IP互刷�.../9.htm

windows7-x64

1

IP互刷�.../9.htm

windows10-2004-x64

1

IP互刷�...ick.js

windows7-x64

1

IP互刷�...ick.js

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 06:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IP互刷平台 v2.0/bbs/8.htm

  • Size

    496B

  • MD5

    8fbdc282598a7ccf6ff892dd494ed555

  • SHA1

    46a5d00dfaf596ed5372b44a2439e97f641f3433

  • SHA256

    1d7bbcbe3bb82d1370c31c6db2a2800d53c3d41d307ff6db9603eb94a37837d6

  • SHA512

    1322092fe0364bfde18c539578fe23fba9adbf447fe7f907d9bf26cf91194de5c78de304e55a8c6e2beb2cb94e67e38af0e062a72fec0069f16a0b8a0fa68363

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\IP互刷平台 v2.0\bbs\8.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87e201bce350ac9ed7ac3614575a964d

    SHA1

    20b27b94adb67ca9d85e6d6b1461b5ac711176a9

    SHA256

    357bbd5c6ebad9a9da8297a69d6ef63157d2aadbb32a1c56645a291aa53cd66e

    SHA512

    561a585312d0b07df3d0314f4c4eb13de04334d70d31f3f5aebe92e915dd1ed1b3dff3ee3ba28704090041bedbb5de8084f6c603fdfeea1e7fde13988f32fc27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4139e2fca39ca2587a235fcc3855b677

    SHA1

    b0caa11b3d829676a019746bddeed498059d26c3

    SHA256

    fe9aac93a02fda0d04bc21ad17dabf745640c8dd76bbf92993b83c95ea3b4241

    SHA512

    1ceb1283823c88d3a7ca5e02dcc320af34bb02c53441fa68043cadec0623ca905f8c03d18cafbe9e38f8d83c386c48a9835d7cb57d1e9575e8218b6e5f2ea579

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0e9f380b8480c8508fc298d7c946ea6

    SHA1

    b4031549743f4ab018d04f15474b3cd6a42e9f94

    SHA256

    871be950b479f239763de4e008208449f0e5d00c8516702f6b7df7834db5654f

    SHA512

    7a3d8aa613302586422ce4fd31084db9536558732a1737642a3a9315839fec0960a0f65118e283df3cbe725cb5e237193bc8e39ff3a51864afc8e3cb615f06c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39211f558ea9b20d0ac072bc61043e2c

    SHA1

    3ead76516bceeff46e8f3ca6a3a80e90d2558b5f

    SHA256

    b6348799d1800df2e2021a9b7595e7a5648140d020f4750caf2094b178bcbcf7

    SHA512

    ed142b523e554624d1da9be133e21b607e88668e75f472d151b14f430f35e9d81f4e107a73f720c9d6e941db0890d20d22cf794fe54cb1be11c1c655ef07c05c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e83f8e6749970ea388dfe217448b6a2c

    SHA1

    324c59c2599ed97653e0b1d96e1e0edd33e572aa

    SHA256

    a86723843110b48b15c5688e2b7657854b92e0aed0a415ad743dc9048e658c46

    SHA512

    f6af216950d9070dd241ce1ff20e5b0334d1bfb7524f5c3fdae09e878e621d81917cb0f4ff6dc3129ef98992328d1fce05f132d78f2698d68cecec41a35a30b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0dfde4a9b2c667a2310ff3101fa456d

    SHA1

    98504b166c17570d8f0006b1add172bee5600401

    SHA256

    a53e73ed276eeab1ea516178f3e48bf52f97438f8a7b2b4150c61a57a5521aca

    SHA512

    9fa4d7a41141243fa871b7e43664a6e5a9176b814394e07fb23d799fd23a36380ec4461a3cbad6d66346ef65b18308534f39f1985c2b94f34ddb4ad166233708

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecc97162088f15d6fdbb979d06e124ed

    SHA1

    0f044c351c7ae9f95785b8692913a63827cc805a

    SHA256

    ac09f1e635de6b5fe95815957224783c7d0d32e75a58a3768c8154efe4c4892f

    SHA512

    34d90b6474dc0a4be78a602c7cad70be8ccf5bbfed795b05ccbe596204179ec2b0655d591de1d1bfd131e6f97105ff0869a50bd6077ab5e554ae2df65ba40a6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3c01da8e9574ffd5eb03529b5ea490b

    SHA1

    3e654b34e193020e115aaec905482c03e55d55fd

    SHA256

    0720d4fc8de570ca96a3e4cc09f398b18b0ff099fb153307364599c8ac189598

    SHA512

    ee0587c00906c6a34679dfe8f6ea074d187ee256bc6d6997a99f18967658bf66f8cce5d08c05e96459989287c7e9dadc855407b40cc143e4a0198afc92a7d583

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d070cf6d1f6fbf1923f8b828e6e6bc68

    SHA1

    503d1055292a6b30d24db6cdc8bf9ebe0c0014cd

    SHA256

    8d08a5772903840504da786f81852a72e0b6f0c7d034f13fc75265136bc3471f

    SHA512

    5e6ddcfaaf3dbf61907956cc14bf289bb7c96750d68d28a5cd89940d0d4ff4c31dccc80527cd0e6acdabcec86e66357c3ee2df5572bb68e568fcb590a7bfa508

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e5dbef47844bd18474d110cf65926f7

    SHA1

    172794b19b2a683ad5d26b0b5adcb41180994fbf

    SHA256

    f4d8c0ca2fb9cccae6d442ec068716ba0c70154943f064909de3e73e023fc32b

    SHA512

    66f3e6e6a90c7ac64ca1f8ddaa1e28233ed1773a4bd46054eac57a6b0d7ae786c30458cb7ed425a5babf5ecfce2e2da3f1d02d74c3bea02f30abdf6fc326f5c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0328f1e187d445ea8f8263a920e0d08

    SHA1

    41dc65a275319dbab3bf4a0ac67c9388e61fc49f

    SHA256

    7d4721dd7b428d2b8b9840c4a4bb947de9a85c7c44dcc76b9dbdae5e2cd38244

    SHA512

    ab817878c8eefb21a618f16b56141da9895b65e793a82ffa38c174c1be9d51c18226588215ca008a219158f5f5cc472ffeeaf91a18dc4c79a061b96fcd0588b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    00392f3940d5777efbe2e644a2d30771

    SHA1

    277367b049f551c499ffdeeed775eb83e3a6d54a

    SHA256

    74263943d1ec4fa7fe4b0798f3cf90b62dcccc75f05fcdbf06287f5d1c13b59e

    SHA512

    26f7a5b90e06092e4f317cf12502203391a8e6dbf0a4fe50f7960c2f13c124b3cb34f9b9dad44253f5db83d3f147e1364723d6ed2b9f28337d2ce0fa8b1f797e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBED3.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit