Overview

overview

3

Static

static

3

点锋高�...uy.htm

windows7-x64

1

点锋高�...uy.htm

windows10-2004-x64

1

点锋高�...ter.js

windows7-x64

1

点锋高�...ter.js

windows10-2004-x64

1

点锋高�...der.js

windows7-x64

1

点锋高�...der.js

windows10-2004-x64

1

点锋高�...ll.htm

windows7-x64

1

点锋高�...ll.htm

windows10-2004-x64

1

点锋高�...all.js

windows7-x64

1

点锋高�...all.js

windows10-2004-x64

1

点锋高�...ro.htm

windows7-x64

1

点锋高�...ro.htm

windows10-2004-x64

1

点锋高�...se.htm

windows7-x64

1

点锋高�...se.htm

windows10-2004-x64

1

点锋高�...ng.htm

windows7-x64

1

点锋高�...ng.htm

windows10-2004-x64

1

点锋高�...rd.vbs

windows7-x64

1

点锋高�...rd.vbs

windows10-2004-x64

1

点锋高�...nce.js

windows7-x64

1

点锋高�...nce.js

windows10-2004-x64

1

点锋高�...nce.js

windows7-x64

1

点锋高�...nce.js

windows10-2004-x64

1

点锋高�...er.asp

windows7-x64

3

点锋高�...er.asp

windows10-2004-x64

1

点锋高�...ss.vbs

windows7-x64

1

点锋高�...ss.vbs

windows10-2004-x64

1

点锋高�...ex.asp

windows7-x64

3

点锋高�...ex.asp

windows10-2004-x64

1

点锋高�...in.vbs

windows7-x64

1

点锋高�...in.vbs

windows10-2004-x64

1

点锋高�...st.vbs

windows7-x64

1

点锋高�...st.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    06/01/2024, 03:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    点锋高校成绩查询系统 免费版/Help/buy.htm

  • Size

    1KB

  • MD5

    9e04559ecf63b8a2a92e92193d3d6633

  • SHA1

    cd4b5f55619906272ea8070ee3af6356aadca16b

  • SHA256

    00c56ddb08261dd4186b14d9e4e96af1b2d74c026a4af3d0eca46f98eb6bfbd3

  • SHA512

    94b320be99acc526b2d3a6c1defbd03671b8ecd3496c75f071b600bcb712887116a76ebdab504ea33c0129bc645d0f66e229c67916b260c13b2796a03956e723

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\点锋高校成绩查询系统 免费版\Help\buy.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2304 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0d963f92670872bcd7cd647e9bce05a

    SHA1

    e905adccf4e64e439cb5b1118acc2a9ffddf0a6f

    SHA256

    f3dc979852333a68fe897ed6ec07a94baa7b8df547b60cc3a86d8ebf535189b6

    SHA512

    865320ebbcf3ffef4c4835ac9a80659a6c6648825053885a6fae33ed758cfe80caa423fa09c8678a6532cecd6ca43e482536d1e332664ae9ad3b60b58f5df1c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15c18c9bd1fd670983592d80498db8b5

    SHA1

    a36f6c69ae007fa05bacc9dd82396778c9bc0c81

    SHA256

    b39d51614fbb454144a54c7c3c7ac5c597bf6fe1ba230741616193b887e6cdf3

    SHA512

    80cdea4f76153d1801714fa40ebe09149a3a8950e1bc453d6b69e4cb6b80b127225f249e3aca9975a2a6f7c9df03a280cb8479ee3a3315d0e3eaecaf55ea19ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78b960d40148355e64517b187f1d2af3

    SHA1

    7074fd96945c5c362a28343e6b233089a5c1df72

    SHA256

    bff0c10d6e6cf8cad67b1a7bedfbb0d17a0a0acd86573981eff268a327a95fd9

    SHA512

    8273fb0ca7b5447bee1e92352dd6a6ef871bc462b853643a13528e06be607d1660f2957d9b18fabfebea7b34479711d902559a4c59a58b8ed8a1e9def8a291d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e050888bbd888310792ca02ca45509d

    SHA1

    fcc44a7aa71c0f691282d540f792cac1c52f936f

    SHA256

    83b91ec3a940f56ae3f51e679f4f8f6fdf7c5b2544e8b7818e9e00b0f79d20b9

    SHA512

    072c71d74b430b7a4b6be4d83717668f2c46daac321fcdc0ce872409abbff0093327f83dedcf983542bd8efd3dbb33902791fd46c3d69b0d9ef6c2880ca44fbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50641ac0685cfa54ea7e113c4e06c7dc

    SHA1

    e8b2fd2e218a78c1d58a919a51a2fb7675f0460c

    SHA256

    b4c09619855bd6627fbb6096603661377364157e35c912a7e682ace72531321a

    SHA512

    72627cb0378f2f07d01076ea67e292332b94c7e847ac2f913e6c31d90c98526d863efc0c92d9f8cf94022ea6a90004576df09229dd7143dfa781beaa99cfe1ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e608b6a5a2b27fce0e24cfc189aa31f5

    SHA1

    09e88d1af6f8eb67a8d230d9fc02707ec6b0d135

    SHA256

    eb7e7810236829f948788f1c40d9b697bfaa0de4ea96a6e1c929f79103523ea0

    SHA512

    ccccf6609a3c2db540a5130f9b3e871c6c9efc611fa3c6b2423ec598b44dc57817767860bc997fbf6d6fa18e71619a3a1041b270218d5cad6ecd7616a6745cc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5905508f3f5db31eea4bdd0041a86ff

    SHA1

    695c8233ed57300a4ecf250bb5de4c02f1729ad3

    SHA256

    4df5a7c62e0b7d2af1f0d17f3dbf067c7439601d41f98ab42848e77f23ebac98

    SHA512

    10390592d17d5d6480990491cd0b0d3be84b9bf48cd5222093cb2f09bbeff1fbebe403e2a1ac97c73dd4db5354452270229bcfbb40e52d3bac7e4cf42a391071

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    923065d8cb715d1b95f67bbfbd752a1e

    SHA1

    62594e3a31b5dacee6ce335f446a833fc13c134f

    SHA256

    4c8c65105de55ea81cc7821ae84aa89cb3bde9025cf581fde63fff1167a1b61f

    SHA512

    c6ac490d2aac9253548ef30546bd2575b9f0a2a8ba8c9250c9f669045ccbb8a607444f1685d2649c6682ec3539bfd31c26c175d27493258c204cbe9a3167db2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    569355197345d008307a93205bb20671

    SHA1

    a53fc3b8a8ad7fd36603808f4596056958d143a7

    SHA256

    853d1c68164162578f02aec4ea64dc8f4fb6f5ca0561cc08a8a3aac871b93314

    SHA512

    38a622b2e0966c93927a89e4ab74eb900b61deefa9fa7dd750678b1cb423bf7b433ac1ce763a434991af767eb125e774414b633fece0668ea2c312210c74337b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71b36f3c519b3a31e98a828415c1ab76

    SHA1

    75e9f9f55381567b8dcfcccd5a18133a14fdd99f

    SHA256

    d1890265164ef8ed5bba7f240253da9cea3b239462f882245a920678d9042625

    SHA512

    b12a724d2d2add275994722fa4af739eba62d18e0c458b1eed428426dcf05d325cdc967dd67492630eda625c8451480a6c292f95c9aa70d9987849c47bc08d0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8260b8007bb8e3f7d4d4d65cb3597576

    SHA1

    f4d05b7db700a067917a5b575f19891860df8c4c

    SHA256

    cd1cc9526b62899ef768f47b6b543158ef005c9c101120039169bdf1aee40245

    SHA512

    464a7598defdfaa00f42ce0cb44c1a540453f26338c907529691c04617006855899dc21bb09088d8912f1432bc724ff54d60533c5e1580bead58ff5df557fb1b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8402.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8897.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit