Overview

overview

3

Static

static

3

点锋高�...uy.htm

windows7-x64

1

点锋高�...uy.htm

windows10-2004-x64

1

点锋高�...ter.js

windows7-x64

1

点锋高�...ter.js

windows10-2004-x64

1

点锋高�...der.js

windows7-x64

1

点锋高�...der.js

windows10-2004-x64

1

点锋高�...ll.htm

windows7-x64

1

点锋高�...ll.htm

windows10-2004-x64

1

点锋高�...all.js

windows7-x64

1

点锋高�...all.js

windows10-2004-x64

1

点锋高�...ro.htm

windows7-x64

1

点锋高�...ro.htm

windows10-2004-x64

1

点锋高�...se.htm

windows7-x64

1

点锋高�...se.htm

windows10-2004-x64

1

点锋高�...ng.htm

windows7-x64

1

点锋高�...ng.htm

windows10-2004-x64

1

点锋高�...rd.vbs

windows7-x64

1

点锋高�...rd.vbs

windows10-2004-x64

1

点锋高�...nce.js

windows7-x64

1

点锋高�...nce.js

windows10-2004-x64

1

点锋高�...nce.js

windows7-x64

1

点锋高�...nce.js

windows10-2004-x64

1

点锋高�...er.asp

windows7-x64

3

点锋高�...er.asp

windows10-2004-x64

1

点锋高�...ss.vbs

windows7-x64

1

点锋高�...ss.vbs

windows10-2004-x64

1

点锋高�...ex.asp

windows7-x64

3

点锋高�...ex.asp

windows10-2004-x64

1

点锋高�...in.vbs

windows7-x64

1

点锋高�...in.vbs

windows10-2004-x64

1

点锋高�...st.vbs

windows7-x64

1

点锋高�...st.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    160s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    06/01/2024, 03:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    点锋高校成绩查询系统 免费版/Help/using.htm

  • Size

    5KB

  • MD5

    458cd80178cc51c30635430bd34044e4

  • SHA1

    c69bfef0ac33b6694c42a3d106c16174bb8b4320

  • SHA256

    9e1ae9ff4ec2abed0a4caa4420b841dba3b9dad51b4f74df0c21e419c2e9982f

  • SHA512

    757ef4a9b0ea0a75405e385faf7e131c76462c66a5461cfe45ed449fa3bead0db5cf626dc23c2734e6ac8f9b06bd7417669c80814596267257b1a42a21d2b15c

  • SSDEEP

    96:F1m2dddddddddddddd5e8ymzddX5HLqpQ4Mcllqn5vMDLqGoEvGJbns5LqOtS59b:F1mQQm8rutJzBmS5X4k9g0BX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\点锋高校成绩查询系统 免费版\Help\using.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2360 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5d1fdb7581e024baa84ec597766fbfa

    SHA1

    4decb756733b130a2699b3bdee4fdb12caa8d2c9

    SHA256

    5eeacb17c1c6ec7a403e2317d0f947764550d62bb8606d3c8aa669fc349d97ad

    SHA512

    6ebf048cfacaffffcf84c47aa2c298214b6c1a191c30b58af6ad754957e8af7864a6f7cdfa1b14767d527b7ba841f7d5147ab491899284c59b5ef455d21c0613

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4b9c52e7891666cfc8ed118f6601a0b

    SHA1

    5406cc921353f2363665d29cd6f58cf6259e81a2

    SHA256

    dfd17a90925db8f6decbf0bd66b95ce5b0306d4acbfe85cff6f667de29024400

    SHA512

    266bff5b28bb3a62d17747bb85ff53c16a2173039586f02211641981671a686e97df71b5c89d2467ab54f56d5d32dbfb11eaea9f45b8756dae61463fdceafde8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a73b7588b940d85e217f158d26fa6f29

    SHA1

    b3f0175a925f671c385d3fc51e9d69d6e0f99c82

    SHA256

    7632250b0c6cfe6233b72069a153891ab55a6c4c4a3576542629ed110fa3adba

    SHA512

    b0caeaa0d3809af020c55be6469007762b3e8e3c2ee84c578d3d291715f488a76442e9e39f627c754b656e6560b0e995b2cd427502bf0c103bdab72d31cb1f70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7442857fed0f25f9e1062ba4cf51614d

    SHA1

    b2f6ed60eccb3f4b7a7275c5c132310c689e1dfe

    SHA256

    0984117b7ad63aeeced58873b6c69826fc09a3f5c7b7128ca93af9d928bc60dc

    SHA512

    e68fa0e6ddece8c5fbd1ebf901bcdf139c333ff9ee5640399d3c903352c11c6763119aec92ee383086cc6de3ff2090508e31a78dca703598cf425eb35fe41618

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fd593ab1449041813732a108e645cba

    SHA1

    4bf67821741a27d2d4aa324dbd6f29efd9487942

    SHA256

    78a32357cdf694f14711539c32303a11178c037d63a7f17323268e142ad45e27

    SHA512

    ce8151ab341e28ba0de3099b9528e93881c2e09aa64477ca23b6faa321d2471aea2981e7240683307df49e596bc0a67484c0d12b00675fb51f7d9ea77d745e66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16ca168bf5406e0fb34a7f7c501850c6

    SHA1

    38ee701df52716f1bb821fb4b49b754083346b17

    SHA256

    94e54adcdb010a75b45290a56620934711e7eb1cf8c59f383f8ff65fa82f737a

    SHA512

    059cd066d168ade0cb344dbe00501d5f8535db285b20689bba12addf15ed36e3cc814820343d9c2d7fb838ea38a693235fb78b1fc64619a92f5a09a8508ec955

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93002726d830bdd1ff5fa8f2572a3525

    SHA1

    00eec9ceb14ead55e3f2963f1ebd78bc678b9ba4

    SHA256

    42e4d6157d55913d85d7331506d3c8624d21e599073be5496076c3f187612e99

    SHA512

    94a967a2898d1fd124ebb08837a1180bf0c6285a9bbf6b99cd4981a46d710526baacd64248c75313ed32ae0397d8dfbb48437336043668fdf12073ba45d171a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    929d3e092e0d4a5ad90935f4df3dcc2d

    SHA1

    7280ce345b4c57d93b044e9a19a1125f81807ed6

    SHA256

    10921cd045c193187446784c4ad90936d7fd34f5b64dceafd5e0ed3c2030e495

    SHA512

    44f091555ece28f07a58e8722d07a2fda4547cf6540cd37fe9e45475b6e5c027b2ad60047d5756c6558f704a3b2ed1f61b2a070fa7717a7a0a9efa065dafa187

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb399ce0207c7c97ee8abd17afcb38ca

    SHA1

    73f6b2bfd260c879671273e233a4980d52968039

    SHA256

    4c1e98242c1aefde63e898be9877c0a866cc9c6fc2a999a8f47f5d355052c09f

    SHA512

    6ad7dd1c708cdef4803e5c3c83ac7035e7776f6818f7a1d65cafecd9ad2bd18930c1000cf38b27db4860c67abaabda243308dfac9b52540e48648a29a5f31452

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b9d804bf692ce3da36e38429e7e5813

    SHA1

    6eb5df6764b9fa0d46499e34476127732eaf3d9e

    SHA256

    bbc5e3c2151c7d20fee2a7f1fb3e021ac805179de167ff47e530d41b67deffb8

    SHA512

    aec84e2a406e7073a99f1b3bd861c764a400644c705b1c481b0dd165f8b6415bf0cd70785e3524734d23bd4dc9a1bda052fdae0bd656f0c054082c9b98a1dee1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a37a4ad98f9b785dfa8972f87f497f1

    SHA1

    aefbeca16143d98211218265a3d0960a4386c676

    SHA256

    bdab6efc08481edb16ac9c7d6583ce9237fa65f2393a18ffdab9b1a38ffd12c7

    SHA512

    f892b5013cda5f6397998090ea553d09be073aad7bf44f09e03f880722eafa6c0e059ca053cc46ef6ecb668128665398f591cbbf6783b00b04ae83bf0a307151

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f854b0d9e7db1dc8bfa93436bdaec9bd

    SHA1

    cf0d5088f437b95a9af5252ecc5a96483446e632

    SHA256

    0fc936795f636cf0b921c75d910653af59e77d5d8b1ce8631c69226777fe3461

    SHA512

    6d795c8004bd3dd2862e64030a1403cd08854fc974474bb4e7ebc471891a7d2e629ba3c583967731cdcb7f20e0792c7bf30c21b4ae949f48f2bcd77fac9cd2e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a64d6b23bdcb4b70f7fd81c67de79b7d

    SHA1

    745d937b3d3b93058cac623f49cd112110f9c1f7

    SHA256

    13302cc9dd0e4e8c6f2cbacf8ece562851962a5cde31807105fc3ade35555fa0

    SHA512

    69a19b060d6189456292ad129b06cb3f93e987e9f9a7643c769b63aec90480cd456dff87e97ce0eef11971162379074cbfaf33830c84eac50ecd6951c1a59fb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73077cf5257bba608bde6146f74e1e31

    SHA1

    d9e725759fae08d0c6d6df89e7ee43979e769ed0

    SHA256

    148726f930fa9a0885008935a27df468e383574b291b0fd120dd3d63760fd2d3

    SHA512

    47e221b6999781a107995ac61f9db8c097e52e5313045db7c77d877fd6bcb4a634e030db654cd0660f5787b1c4450b914c056cad0a1a09433d880ea5828e6ecb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd42baa651e0813d04aff50b14bc9a89

    SHA1

    3136a121f3351900953ab0e853d7b1d80da28edb

    SHA256

    05d27d392e608c2edd066082eadf4962b72e1b68cc50786c733adb8baf4d31d0

    SHA512

    fead03d6929c8c6629bbc2d83b714123c7017747db94ef96042c5b01a67b5c09dfe8f7b16888daf9b188adba349a1e03b0a420d8a5564472572f3f2a41010928

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA058.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA099.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit