Overview

overview

3

Static

static

1

IP互刷�...ex.vbs

windows7-x64

1

IP互刷�...ex.vbs

windows10-2004-x64

1

IP互刷�...sc.vbs

windows7-x64

1

IP互刷�...sc.vbs

windows10-2004-x64

1

IP互刷�...B.html

windows7-x64

1

IP互刷�...B.html

windows10-2004-x64

1

IP互刷�...ws.vbs

windows7-x64

1

IP互刷�...ws.vbs

windows10-2004-x64

1

IP互刷�...ut.asp

windows7-x64

3

IP互刷�...ut.asp

windows10-2004-x64

3

IP互刷�.../1.htm

windows7-x64

1

IP互刷�.../1.htm

windows10-2004-x64

1

IP互刷�...10.htm

windows7-x64

1

IP互刷�...10.htm

windows10-2004-x64

1

IP互刷�.../2.htm

windows7-x64

1

IP互刷�.../2.htm

windows10-2004-x64

1

IP互刷�.../3.htm

windows7-x64

1

IP互刷�.../3.htm

windows10-2004-x64

1

IP互刷�.../4.htm

windows7-x64

1

IP互刷�.../4.htm

windows10-2004-x64

1

IP互刷�.../5.htm

windows7-x64

1

IP互刷�.../5.htm

windows10-2004-x64

1

IP互刷�.../6.htm

windows7-x64

1

IP互刷�.../6.htm

windows10-2004-x64

1

IP互刷�.../7.htm

windows7-x64

1

IP互刷�.../7.htm

windows10-2004-x64

1

IP互刷�.../8.htm

windows7-x64

1

IP互刷�.../8.htm

windows10-2004-x64

1

IP互刷�.../9.htm

windows7-x64

1

IP互刷�.../9.htm

windows10-2004-x64

1

IP互刷�...ick.js

windows7-x64

1

IP互刷�...ick.js

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    176s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 06:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IP互刷平台 v2.0/bbs/9.htm

  • Size

    496B

  • MD5

    8fbdc282598a7ccf6ff892dd494ed555

  • SHA1

    46a5d00dfaf596ed5372b44a2439e97f641f3433

  • SHA256

    1d7bbcbe3bb82d1370c31c6db2a2800d53c3d41d307ff6db9603eb94a37837d6

  • SHA512

    1322092fe0364bfde18c539578fe23fba9adbf447fe7f907d9bf26cf91194de5c78de304e55a8c6e2beb2cb94e67e38af0e062a72fec0069f16a0b8a0fa68363

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\IP互刷平台 v2.0\bbs\9.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1364 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2256

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12af19bbbe20bd92287a43281a87c665

    SHA1

    94f54300edbeecd7ace4869be3e50ed2491e3006

    SHA256

    b1e0cea3887bf6560685904cc76aa86ff0699a42913bd5a4c77f136b35e3edb6

    SHA512

    f16fb70e7670f94b2eed124ef4395c13b0fbd01058574ef07efe3b71c2599c871746d53824092ba64ac5d6706313a5251270e3b380ae0eff1fa28d978afd6a98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f192b5e234ee56970dd51f586f15197

    SHA1

    d4ecb8721e9362f14c282601940bb0f68cc9ef99

    SHA256

    4ea7717a4af39159071bb026742787adbe3fb512eed0c39dd644032a0b8a6ed3

    SHA512

    813765706088b5f7406149d8bad26f69b3bc56fe82c1fef12547bcf9541c5352335794764baf9a37c0f4159fd93d5b293fcdfd04e8db3c8c4d97d8a8859ece7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a23c614385e70d1d4aabb823f8bc210b

    SHA1

    654729920021c663e48968d898159ff30006e992

    SHA256

    3e14a146a1719a50fb3c6b2917b6d8eaa88ef755d8fe071dfb2d556e47cf02ab

    SHA512

    b0e9c37689babcefdb5cebc1370938090d0d05e8717e0b0ea07acbc505403511933ab4adf13711c8b1c24426d3937333bf34792a62ae21883b1db21530db4b23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c06e7a976d8172f9f2aba1cbbb7e6167

    SHA1

    4b125550d1350fa32fb7967613c102c4b54573ac

    SHA256

    66e62a1a047e639ace9e333a14eacd7a4b5ffdd916141b12d94c7503747f59cb

    SHA512

    bcce65e4e2448a856c3891fb6e778c437e0b3ca7d2932ff4b4b47b6e44ad95ce2695e20d7fe466ec2883db60b38b182816dcd96d44793cec802e424e0bbd9aba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32e25e93981cc2cf8d0e897cf5080e14

    SHA1

    a3fb6b4c61ad6d4afde31ff59f17b9f3ee9743c9

    SHA256

    01894e2bd90d69fde4615b2766b02019902c330da27117789bef1033d1b44ddc

    SHA512

    93d358ab5d3a8d06b858ce28b0d9f822756271d538afa9112d344fa87c0300ca8690a12cb16f7f315c9715f8febe1bf4bc9d875e99406c11340d7f24faefb370

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    603fcdf64aac4757b67e524cef39b99d

    SHA1

    96cb11ba19f4ed7642a1c9fb8f7faadabb5284b6

    SHA256

    2466de25bda4cb8e0507e3c2cf3a17add21a1d74bb411ac6afead088bbe43ee3

    SHA512

    156936defe950dffbfb5058a5fdf661fcff973d4919c0153e1b993e75cb308e7ca90b72a58e3688469e827bc4eee87bb6b7007aea97b10a1ee8d1c3fc7f5ae3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71111ecbd905c3126c384e271ddc95b6

    SHA1

    b9a9d78405b39e024b24454d2165b1050e02629e

    SHA256

    f01e94c6b06c0cd19112626e76206662c4ba8fa98005a0e21de00424a83bc9df

    SHA512

    bbbb3d32717217078c82cfc7633d5313d65308e12bf530243c5b309e74947af88240ba4787c38e49bb8cbb5a130aa47bc2f034558813e4d80bf01ad5fb97dd25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d6511a05bacbb8f19008c5812c6866a

    SHA1

    34eacab2d298dfdb4169943da4658689b54ad3ab

    SHA256

    95e42e863fb53cf1295caef6d16eaeb1d1b4cfc3de4343511614cb40d85cb25d

    SHA512

    f4f7ae976d6c7d53eeee3d97a7b316ed231b5fac6ab67145f946a9ffc2c09bce2cc6e2ce6a80bc0debf5fa568d19c6d540376eb91ec92352832ed7184116265e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57af8acd6c0cc7b04c49c16a45b7e295

    SHA1

    7f7bfa128dc3b004a101f18c276d590055cf6378

    SHA256

    829f86ac56647389bed83e5976e7108d79b0fbb08c85fc474a18f5652ddc1a3a

    SHA512

    91b1f37808135cb9b16692901bfb6e4c79a9f6f58c6e8448f751076d3a58127657c5f40ee9ec4f92ede3ff1368671466848887fece2433dafd1d23089690e702

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd9679be6c3e7db6ee397696e7edec46

    SHA1

    361bf4d725bb9ea52144a2a68e43e5f27a8c2b29

    SHA256

    7c564a36cd9e1bf701fbfa23d116a47a1e4b6d0f12ac36cf59931843fa9ba78c

    SHA512

    eb79a55a42751594fd3f036447417848b3d4a06b6da04af98b651ee94c73ee1595b7b90b766beb2bcba9b408cc0636b6d534e6ab9477672cf1efa358ce89386a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f00aace5200a239d96e9f6874674f916

    SHA1

    95ebbb9a7ccb7dbc954f7b07b292dbca0a0b44e5

    SHA256

    a0f2913ee51f5b93d2eedb4a5d49e7ecfc90cf6e98b85b1fe723b20919212e9e

    SHA512

    8927d647eb4801d16533d0a060931e7dd33a017bea3bce03a29b4be79cb817561092b78285f2ce3fdd986749b66847c09241f8ec0f3354f6bbe97d592fb1cdfc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b5f21175930df786549391275fe71a0

    SHA1

    d0f2eb423113f867bebc9b660d7c256d5c9737a9

    SHA256

    f93c06609f97a328e429b69b653d136c25e631bb1c3ebbe38e1385d50559ca16

    SHA512

    42626e0d630881ba85f4b06ddbcfc17429f877f2b1cec2d7dabb6fdb59f1294b059ddab45fa49c2532a3fb8a305353d9f91acf8efb0202b281ce56692e3a9f37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a2e8541af79ac519d7825722139ffc4

    SHA1

    d4dcc9fcf9d31452a0987273af83f4366e48cab2

    SHA256

    3160c6fd1922e519556d7943d16be5556c0101324eac71b6b7c4dbb6e5339f90

    SHA512

    6431ba2cc3012312b627b8412e1762303aee26e3b71312c82fa9558ae986e95e0ec5d78d94f27a825d81e46fc6d169adf4a201e8d88819aac9f19b7b2937c190

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0dd40966aad6fbe9bc2822c431e4b757

    SHA1

    2cd01e1bfd4d9358262a91171b1d3f9e454e5050

    SHA256

    bc009d02e5abb7c60e420f4e838dc4f5fc19b354342b8ffd8cd430142e8f7d79

    SHA512

    d651bb4739f481f2bfdfedf44a139cef134cb6fab52a4b8920f9ab4d86ff63972e2ae1fd5829033a4b50fabb60cf305602408375196cd3ea635b71bd392b119b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6AC6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6BD3.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit