Overview

overview

3

Static

static

3

免费版/...OX.dll

windows7-x64

1

免费版/...OX.dll

windows10-2004-x64

1

免费版/...ib.dll

windows7-x64

1

免费版/...ib.dll

windows10-2004-x64

1

免费版/...ta.dll

windows7-x64

1

免费版/...ta.dll

windows10-2004-x64

1

免费版/...er.exe

windows7-x64

1

免费版/...er.exe

windows10-2004-x64

1

免费版/...wn.exe

windows7-x64

1

免费版/...wn.exe

windows10-2004-x64

1

免费版/...er.exe

windows7-x64

1

免费版/...er.exe

windows10-2004-x64

1

免费版/NiniReg.bat

windows7-x64

1

免费版/NiniReg.bat

windows10-2004-x64

1

免费版/...eg.bat

windows7-x64

1

免费版/...eg.bat

windows10-2004-x64

1

免费版/...te.exe

windows7-x64

1

免费版/...te.exe

windows10-2004-x64

1

免费版/...er.exe

windows7-x64

1

免费版/...er.exe

windows10-2004-x64

1

免费版/NiniWeb.dll

windows7-x64

1

免费版/NiniWeb.dll

windows10-2004-x64

1

免费版/...es.exe

windows7-x64

1

免费版/...es.exe

windows10-2004-x64

1

免费版/help.pdf

windows7-x64

1

免费版/help.pdf

windows10-2004-x64

1

免费版/...in.htm

windows7-x64

1

免费版/...in.htm

windows10-2004-x64

1

免费版/ninicom.dll

windows7-x64

1

免费版/ninicom.dll

windows10-2004-x64

1

免费版/...��.url

windows7-x64

1

免费版/...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 06:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    免费版/htm/main.htm

  • Size

    4KB

  • MD5

    130d226498c8b78dc6d9d29e169f4505

  • SHA1

    229befd2752f622ddaa4a54a3b187ee4f679222f

  • SHA256

    32038e6823debf2580310547cb25cec55d55f4b2dd61a2bd78519d1335326666

  • SHA512

    6e205495a6d0fe722abb3692c510c76cfd3237f83ea9e685367218a19c8f3e07dcdc04eac7e9db2435c40c2e617459533e4a3ab0ce979aa1742ee374b5ee334c

  • SSDEEP

    96:iXnJpltkh1+Iz1sNIzbt8IiO9dt8lIHOlMGTcV1WZ7t5kNEKvaj0XI87lGqQ6:iXJu1+ICNIzFiSGS7DXI8hGqH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\免费版\htm\main.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a99472e74ae7f4f560c66e3f2b4f0866

    SHA1

    440880db22f8ae54c32378e802d33df2a68c7b3b

    SHA256

    e490ab9ef3092382ba2fc382687de9c00f7b22f13345d1ec8f6f6367e0516d7c

    SHA512

    3229f31b4fda97799d05465a708e1d14f96539c9df4fdd03fc31a092daf23b15135dc93b0dfd9abfbf249ed290cf7a9d529d4ed570a52a7f0dd40ae5e17d1941

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    141903d516d9c0782857a681708501cb

    SHA1

    4e38922d2c894bdb338af646880a9762690266f3

    SHA256

    7023c0837bd3d8074369a7f3e50f49ed2296d9fffea9bb6a750840555d4cb32d

    SHA512

    462a2f0e3fc971335466bd6df588608c7314f2318309822ff7ee177b17dca1059111cbeb91a0ccfab9900cdca9d7afcaa01e17771bb81246cc6cf67b11f673d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2b94d788601be9fa2e28f6cb22adecf

    SHA1

    1e86c57c293cc52586c75d3c0b5e95fab1b95277

    SHA256

    8e420872ad7742ea471b8c136b8a91d9e4c1ee9f8e20ef701e831fddc8a5ce55

    SHA512

    ef13430a909b186641c15a1293a368458fae09f56477448e65ad6fedab4c176ce21c00631006be4b18e1b80d59d39dd8f6827622e07bc2cc2f47ff65ce300971

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2786c42a6205ee5c2c993e186f5cdfa8

    SHA1

    7966662ff23fda1e3b9324114c2b0b52d113e48e

    SHA256

    343a29eaa942b9c261835bfc24141e33f3355a019ac3fb069281714541511868

    SHA512

    eda67aad03df95791ebc01a540435d7b45bc16feb178a6789df39e7b3e593a2174c679753cb1c7155a6f8d6d3e41768d0c5e43c4dbed8f3d6843e75f34204745

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72d1ef6c71dd023f62085512956bc775

    SHA1

    e3047a82c47096431ceaa773a1c77bb4fc5658d5

    SHA256

    cf061224ebde2f6b07558a7dbbbd71ab2c3a6d20480258bd6f301d4e03a797bf

    SHA512

    cf12b9fa4078c397ebd5dfc23bb455eaca02f04a5a299475194bf057876cd2f1c59a61758de4e066f98f24cfd7b7c136adc42fb849864a3af46d0605f9cacb0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9cbf8dd502b859e09a3eeb65d6ae933e

    SHA1

    a8bd79497e20c81a2b3eb8c28e082d833d14b9d1

    SHA256

    52b29e7c541b1aa69e4a21af47ce7391b1e5f72ae0b559b31186b9faf90e4649

    SHA512

    a264998c42333254e9b5fa1fcf190ee3c56620651bd5788e308959fa70cd4d6e5de7689faf879d71ee9fbc0d16533bc32c243ca77218db6c163cb8e269dc4075

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe1d176d69fe28848bed2f59e412439e

    SHA1

    52ac67f3fe6cfe8c8f0b007f1191eec0ca1e80bd

    SHA256

    44a6e5aea0e2328d19e57b0dcc515d568fac0cce4259572fc0645c656ddf2c05

    SHA512

    c9a8c7872d06d6805c1ba72e00a74404efefe4232efb71391eac0ceeeb81efe6121c0e1e932057a0fb2b4ed31a689138658b9c577997ba876e8c4c5041d53171

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    450945c16af7746500475da249b6ff31

    SHA1

    fe9e3ad33fa4d72a4cf9748cc8319023dc38bba9

    SHA256

    50e01f0117bc14760ba19c3f913ce95e413f52d9cfa2b4fe9924bd432db80d45

    SHA512

    de58e9c85a8ad5218eddfa876a7d4778ed9ceb21ec48048f2c9167f7b88db7c9e5a6f3faa71748413adb3e6b2e5d229f39885dcb1160e504cb641c7da2194239

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b7ce040e711a34c57c03e64f6d09f42

    SHA1

    f3dacbb7a1db753f00b7470fe12b92d6526c1033

    SHA256

    675aa5bd6c5c7d25bef4368c535cb2d525dfd58cf587642d82736edb3c629871

    SHA512

    7a30a5f929eeb151418129db6f5a9a346ee6d02d454fcdc8ccbd2d3958e4e9d4cfa93a1eb5198716dbd05af2c630439bceb4e8efa83b69c4ceadd2a41a60e61a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67f6b4a1df7661cd8c3b7f038d16b06a

    SHA1

    736f36a4d3fcbd61650c4088825629d9ecf4984e

    SHA256

    c2e9ec64614e8ff1034cadfb4b7abd6cf4faaa758bff791e994c013aae25e5f0

    SHA512

    e17df9b46f927a417fb09a6a041d30f74094d0a249a7e8bcf1e8c24ba985f9b77cff99bc2150998bffd2795b46ea6c515e52f4d18bf3ed524e8be9df6b4e7f7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5694fb1f7ce55c95adfa4f6f651f816

    SHA1

    70d5f6c5eb115e2afe825be13118099531a90336

    SHA256

    bc223690d3ec1adc8823428adf6c3c1bcf1f5dc05b2136a3df2eb84f132c140b

    SHA512

    c4656b883dbb14a88ea0c40405472f2976e337e4f4caee306fdd4deb18c9a42720b29719ab5595f37daa40502640c2492ac1f0e80f9a8dd343f732c6bb86d0f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10b9a95fa820af9f7cc1d8bebb38eac6

    SHA1

    d79f5ed2e1bfaec04ec1c47b3be1885a6aa5a3fe

    SHA256

    910bc3b6a2f9c893d14c4639b480c11c67b0ffafe1c0e969ad52fc90efa99584

    SHA512

    b333a79819ded78f4bb4bd20ce1f5b636ccfefa88c8f50dff6f6db88d0b88994cbaaf57b33196e6a1b60c55a0edf33b6c0bdb11287bef78da90d01b657822d08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee68fe069d4300ab2a50f7d4d577452a

    SHA1

    c2a945b213f7250de54b1437c8969e64669afd83

    SHA256

    614b807a592f32ab0b95d5657bc8557c861a00596003a69838e4829044c5f8cd

    SHA512

    63587621b009d8e323e30dc10e3c0fd8792d7c4a1886378dea9c0bd748aa1b23f8ef16cf6a1e9ad9e9ea3e7e8bf47a7cdd5443beff0ef540a7d92e3d8633e758

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07b8bb267b8110b4d0ec82c07e152497

    SHA1

    d61a72f93c791514b11089ad551e3b1f547b5247

    SHA256

    bdef7b929c198ea18eaf349724a9a2da412f9e14533337ff8106473c48bfb10b

    SHA512

    94f95dd190718ab13a6393764fc4f09e7787b860b817682c86e06c10d9ced3fab24f6b0d99867a5f7ae9b7631330d10aa5c5f56adaaf0526a94ab586bdd1796d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a65082a5f5b2f8af83de0aed087c8179

    SHA1

    939c736d82c16fe996aab8624d23ea84d8885c1a

    SHA256

    d4ade2b3e8b1f60c3f97757f56c0546c66801ae4795d4788d2eae256aedfac56

    SHA512

    fd132205c8e2bb70bd48aa295d5c34233d0b21e14685df30a7b23be764fd13174a95c0426c178bf21ca3d09d1c9b845af58d9e8354d7127313423b30033cef4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f2c6bc2231cbc8b63f9914c67f66a89

    SHA1

    460356063bb3ce02d82b3e784a088e196878257d

    SHA256

    126c5f37391c5b62e1fa396225b4ee14650808ad1cb453f4f1c68fa7246391b7

    SHA512

    a18ba2ff4e5fca7183b4500a75cf47be980fd80e839625328d2f416b525acd7c0a7320c66606da9c167cd7c9f6a7a9c117aee45d1107f0275f59938a90f2181e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5A8F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5B40.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit