Overview

overview

7

Static

static

7

gensmnq/ge...ns.exe

windows7-x64

7

gensmnq/ge...ns.exe

windows10-2004-x64

7

gensmnq/ge...nt.dll

windows7-x64

7

gensmnq/ge...nt.dll

windows10-2004-x64

7

更多下载.html

windows7-x64

1

更多下载.html

windows10-2004-x64

1

Analysis

  • max time kernel
    20s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-01-2024 03:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    更多下载.html

  • Size

    410B

  • MD5

    7bb7ae902ffeb8c37fe00b88fe68c1e7

  • SHA1

    c839f12d71b57aafbdbd7bca481e9438e8801579

  • SHA256

    8d518dfe520c4464fe9fd28724ae8d9700ab0a6e5a648f9be8a85a526b095c87

  • SHA512

    46ccd91f2d826b19b272c1440b5f8ef7c96261e0ed8cc40d064a0ddc547400e8c35831280999ab37fb7df2a525c8c88d1d5f3e36161b0b633249c7f226b66803

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\更多下载.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1272 CREDAT:17410 /prefetch:2
      2⤵
        PID:3740

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads