Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://mp.weixin.qq....

windows7-x64

1

http://mp.weixin.qq....

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03-01-2024 11:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://mp.weixin.qq.com/s?__biz=MzA5Njc5ODE4Mg==&mid=503140252&idx=1&sn=4c5249a9024aa5cb6c8b780df4647474&chksm=08a37b153fd4f20338a80b4ca9c3c2f175e9501f3066409a430948c60f28f68839ee90a27c17#rd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://mp.weixin.qq.com/s?__biz=MzA5Njc5ODE4Mg==&mid=503140252&idx=1&sn=4c5249a9024aa5cb6c8b780df4647474&chksm=08a37b153fd4f20338a80b4ca9c3c2f175e9501f3066409a430948c60f28f68839ee90a27c17#rd
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2272

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AD5F118F7897046E8CA970AE6A6AB70B_9B8670363F58B4643EB28A4A03EE9887
    Filesize

    471B

    MD5

    e9c64e84b158e9d1525a642563540d1c

    SHA1

    4b5be23fe2fc14125da12aa146255500cdcb796b

    SHA256

    dad859281bac35c7fccc8af4ac5eda13af94d5103c4699a0a3f191bae0273b90

    SHA512

    56ab51504ebdcb97ace7c269c16eeb847273871ec36695b9164ae3c08b8708ffa2c0a4f9347b224d1e4718c63ef00e043cfa96953f9b3639d96c10ab641003a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28309891b410a2c5777a64c0097aa389

    SHA1

    2a7d55316a00bc23c6d9fe683eadf87cf0943cdd

    SHA256

    18624e127301ea42f43a61cb154e910c6db86de6d5517d27610d5df726a7b9ca

    SHA512

    2233af0058d6e295d7f88f379d862bbf405ee629912969c264c281d9098a0738305aee3d42d3d9ac1210c97fcc27aaa8487efe082e39e9ee49313c005da589c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fde653e1d32e4c1c329e8a3b69295a0

    SHA1

    a5a61d77d735879be408fb666cdb6ccc2ff2ab32

    SHA256

    22785980801332727f2525e45cc39067c9e829905209b5a8e938fe84d8e2ad6b

    SHA512

    7ac6792b6cca0450f92dbb0328052dc2d0520ab18257a71cffa7ed41132a64336d7a5671b168f42852ec813d8cb21ea4812a4a7050de1cddd37fddb1123d9d30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22935a6e1e184deafdf83881d1a5d9a3

    SHA1

    4c1bb0b27a794b2796bb6498d73b7ddeaaff8cd8

    SHA256

    ec7986ab19df7dcb6b9b1e4c27e6f2f04dd45108043e9ed5d6a5cd66bb23bc23

    SHA512

    d641ee8c2186f2a72faecd55cd0db3460630379800e49ef8f0a44e9584fd8366d4b772dad6628df7d4c38a0cdcd5419a644e9f175c17bb3a5f66939a1f2e4418

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56f5275a6300a947d27ac736a8a37308

    SHA1

    66000a5ef85163f6443557d769ccb12bb5cdcae1

    SHA256

    c600b48569816798e5e27e56bb38a47c90209d151deb8927fb3a9e433be9b59f

    SHA512

    02beb88df31d1c3691485379a15e9d0eb85f9040cdd5bed2c2b02c0355b5df36497c521879e3904511a1fca937f611330ec0a07bbaaddb09945f8609720287b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1461515480fbbd328c2ba89f07da305b

    SHA1

    0d185212bbfc20a527a253201bf9d1a86a6fb8df

    SHA256

    8515e6ef9bcdd6ce0469a26f82b604383fdf5ad8cc390f4402a7523f4be2b0ec

    SHA512

    db84cca9366315d8b82e502f87c87298a3af40ac72b939c0343e8c4fce8bc64624fbf8d8bee9e535d48018badb907fe78ff6b268f0bd8b15fad61d19e158a0d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    afb6fba9760a4b342d2b778d12bd1b93

    SHA1

    d812041c15f3e174b9a9f1c1e8b0db3cde615345

    SHA256

    05cc50e5d8c70856463d0abd309240f53d558bb5a34ade8631a1c0a18a038fd0

    SHA512

    60dbb5196aa6c06558ccd077c60bdaa6121cfb5b6f4f4aaf6bdd494b19392af2e880fe97585334a8338d86bf69bda10f0eab41ae9b8d87735f8b127314d8d3f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39eadb6f5e4e5ce3c5b3716825d3d08b

    SHA1

    7c3904ed6d5515e90c8ecdee3381029657df1b8a

    SHA256

    dd131eafd529e5784bea3c634734fdda56828cdba00d286a551118b0f93cfd08

    SHA512

    231685c0d8c57609efc0f1029be866d346720309c2c381bfe39b1a1bc171ab9b602cb729157133b08b95eb239741ae888e76baf740abe75494c91418f511e577

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5981bcf60adbb687e346404f36a63ce7

    SHA1

    60e769d25289ba1f5119254a46a72b61b2d6f791

    SHA256

    cc7ac8d3748d7a55a166bad8467bed6a22f30f8be2d55b1a1d1e177d5ffb7203

    SHA512

    a248da3195cbe2aa92de81ebfd6f776a01fd252bb3d37149905937e026e98e0b869141da7e016c7f65f61488dd1d8a42acd7c6be670d063e6901a7208d50e2d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ffe1f3608cea76f58acb500146a9053

    SHA1

    063d48997b11fdea95870df7c15052eea2d1c736

    SHA256

    649d32b4be39c682ba713edc6aa5175762747221cd76e0463081fcd4fcd382b9

    SHA512

    b622e4596d4e8d6bfa4d5d330ffb41c2d4d6e3ad735f476313d742799482f133df25493fc77f40daed8000052407dd0983b526b1ad6670a24ff5902cfd4584b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db96b539a63f419b3cdcb87133327f31

    SHA1

    fd11a0ea7019b646367db9610e1f7fce7ba64e2c

    SHA256

    d9fba3c3fe91e36121a8f65aefd74f2b4003434abf97b61df9c470a1acf6dbf1

    SHA512

    890856d50e997c412effd3249511d0cdc3fb2dc67f28641c1e4a8c06668449fe329ea6e6b4f606d0d1fbc928c842d6783254e4ed7a248133da4b7e6238ae476c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ca98277939f92b03fdbe83029349fa6

    SHA1

    e9811ba22c7c95e4d9de63c0fbd5e87bf69993de

    SHA256

    a7a22ecb7e3a0eb5a99d40e1125256e92f4028d61af1059736a9c143e59740e7

    SHA512

    5470d69fa2083ab6b791c590f0c6ba1bedf8949584dfe4c62f288e881b32bcf32dd8d0b775685631de7c744b5d4ee174fccdf2e0c07503b0b79200db60da68d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1291f10aec5b9ad642fee5c07ab68d9e

    SHA1

    8f2ac945fb5ce8639190025e9cba32f2ce79a942

    SHA256

    529b636972217cbb4f867ebb923c66cc5a98427e354dbc325ac524f884e1f6f5

    SHA512

    a724bfbab8d9b7b3923c0e44d9df7bf5c34ecd701d0023fe8a7138c15a43d66b30efdc296585ed59c9c67415f0f19fdf2d1cdc2db46dbbee40169c65ffa5874a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e435191d392ae857ae3d98af033ac153

    SHA1

    330234331979ce4de9c3aefb2c6ceb3bcfc48102

    SHA256

    5983032cca87fe7a86acc8c08fef3e7e9e71ae842178a225e6e992891657b101

    SHA512

    7c20b5975908c01722eebc48f134eb32dc3b144c9ee1d55796af86be0f31ea4174ff37dbbaa38deff59457df57682806de4c86e2e0fd4b72e09bf3b012bb08a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78d59465a8b9bdbef23767aea6ceab3e

    SHA1

    24832af02d1ed80cdf1c772d5eb5e43b78335cdc

    SHA256

    e06b0988973f30546ce51f818981cdec2bef91d823dd272b1f65e3a30f814092

    SHA512

    ce3d0b9e5359529a61ac7010a122237fdd83730bc711374ee9a497d928e494526ef608546065b5bcf890745313e8b190349ace6c30c0544b18a18cdf99ee1230

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    071194c54f42781b353912a410b75a5c

    SHA1

    b674b8b86b3a31e4e432ab0b8311c7a2eec89009

    SHA256

    c666a6399c73fb2b50b25c76be8ad511a1bc0b1a7f73e10fe8f392cf4ee0b13c

    SHA512

    c68cd4882680ee2feea389b86698361ccd85a7ed3a87f8517825e5a86d653cc6900a95e3f637536e140ccf1218d9b653506f7227f7b71db3a466dae305e23b59

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\VA9842XZ\mp.weixin.qq[1].xml
    Filesize

    663B

    MD5

    3b542c70286f5e83d94258fb8f14fb68

    SHA1

    a3d928117ff9caef05bbd4a1f449e28005671a58

    SHA256

    18000aa11b21ba6a19acdcc9f4aba931bdb0eba87e9fab65b7064987f9d83575

    SHA512

    49c3a08cae914f80e30ed447184e5604b0cc48c0941e6e0ae07ba0e79547088570341b3ee4f7a47f497bd083fa483fbdba67e05d30b3febebe43cbeec5310473

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat
    Filesize

    981B

    MD5

    ccc4a1a3dbb1b606421a6d60ce3652f4

    SHA1

    e60e61a17b44e23e30298eaa5f5dc281beb2c0b4

    SHA256

    12a5716ee434920cfaf775bc17fd9457d34b3e6c0e7c087e933aa8020391bf64

    SHA512

    76279a2094fca0221ed322cd39ac7c5f1a56d518cb6e795be4a2827decf5c983bc45822d9d6908422dfc207bd09d01e40bb24c784bb03b428342abbc986f0dbe

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\NTI4MWU5[1].png
    Filesize

    827B

    MD5

    5281e972ec463897022f56464011b5ed

    SHA1

    2a719c124449e0c31a0166cea7867bb1a44780bd

    SHA256

    a62d7d84bd02b1718106d294d1f2c8387f9967239696c1e8b446201b63f34dc7

    SHA512

    d5fc5821a1ba50f444665b01d3004ebd7546ae6b6a696c80ca4601c1ecdaed6632342381711055e65b86703d103bb38abd3a591fb21254ed4c934f0e41968b40

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2F0D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4ED0.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit