Overview

overview

3

Static

static

1

IP互刷�...ex.vbs

windows7-x64

1

IP互刷�...ex.vbs

windows10-2004-x64

1

IP互刷�...sc.vbs

windows7-x64

1

IP互刷�...sc.vbs

windows10-2004-x64

1

IP互刷�...B.html

windows7-x64

1

IP互刷�...B.html

windows10-2004-x64

1

IP互刷�...ws.vbs

windows7-x64

1

IP互刷�...ws.vbs

windows10-2004-x64

1

IP互刷�...ut.asp

windows7-x64

3

IP互刷�...ut.asp

windows10-2004-x64

3

IP互刷�.../1.htm

windows7-x64

1

IP互刷�.../1.htm

windows10-2004-x64

1

IP互刷�...10.htm

windows7-x64

1

IP互刷�...10.htm

windows10-2004-x64

1

IP互刷�.../2.htm

windows7-x64

1

IP互刷�.../2.htm

windows10-2004-x64

1

IP互刷�.../3.htm

windows7-x64

1

IP互刷�.../3.htm

windows10-2004-x64

1

IP互刷�.../4.htm

windows7-x64

1

IP互刷�.../4.htm

windows10-2004-x64

1

IP互刷�.../5.htm

windows7-x64

1

IP互刷�.../5.htm

windows10-2004-x64

1

IP互刷�.../6.htm

windows7-x64

1

IP互刷�.../6.htm

windows10-2004-x64

1

IP互刷�.../7.htm

windows7-x64

1

IP互刷�.../7.htm

windows10-2004-x64

1

IP互刷�.../8.htm

windows7-x64

1

IP互刷�.../8.htm

windows10-2004-x64

1

IP互刷�.../9.htm

windows7-x64

1

IP互刷�.../9.htm

windows10-2004-x64

1

IP互刷�...ick.js

windows7-x64

1

IP互刷�...ick.js

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-12-2023 06:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IP互刷平台 v2.0/bbs/8.htm

  • Size

    496B

  • MD5

    8fbdc282598a7ccf6ff892dd494ed555

  • SHA1

    46a5d00dfaf596ed5372b44a2439e97f641f3433

  • SHA256

    1d7bbcbe3bb82d1370c31c6db2a2800d53c3d41d307ff6db9603eb94a37837d6

  • SHA512

    1322092fe0364bfde18c539578fe23fba9adbf447fe7f907d9bf26cf91194de5c78de304e55a8c6e2beb2cb94e67e38af0e062a72fec0069f16a0b8a0fa68363

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\IP互刷平台 v2.0\bbs\8.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:17410 /prefetch:2
      2⤵
        PID:4432

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads