Overview

overview

1

Static

static

1

upload/bbs...nc.ps1

windows7-x64

1

upload/bbs...nc.ps1

windows10-2004-x64

1

upload/bbs...inc.js

windows7-x64

1

upload/bbs...inc.js

windows10-2004-x64

1

upload/bbs...nc.ps1

windows7-x64

1

upload/bbs...nc.ps1

windows10-2004-x64

1

upload/bbs...are.js

windows7-x64

1

upload/bbs...are.js

windows10-2004-x64

1

upload/bbs...inc.js

windows7-x64

1

upload/bbs...inc.js

windows10-2004-x64

1

upload/bbs...nc.ps1

windows7-x64

1

upload/bbs...nc.ps1

windows10-2004-x64

1

upload/bbs...nc.ps1

windows7-x64

1

upload/bbs...nc.ps1

windows10-2004-x64

1

upload/bbs...nc.ps1

windows7-x64

1

upload/bbs...nc.ps1

windows10-2004-x64

1

upload/bbs...inc.js

windows7-x64

1

upload/bbs...inc.js

windows10-2004-x64

1

upload/bbs...unc.js

windows7-x64

1

upload/bbs...unc.js

windows10-2004-x64

1

upload/bbs...nc.ps1

windows7-x64

1

upload/bbs...nc.ps1

windows10-2004-x64

1

upload/bbs...ex.htm

windows7-x64

1

upload/bbs...ex.htm

windows10-2004-x64

1

upload/bbs...inc.js

windows7-x64

1

upload/bbs...inc.js

windows10-2004-x64

1

upload/bbs...nc.ps1

windows7-x64

1

upload/bbs...nc.ps1

windows10-2004-x64

1

upload/bbs...inc.js

windows7-x64

1

upload/bbs...inc.js

windows10-2004-x64

1

upload/bbs...inc.js

windows7-x64

1

upload/bbs...inc.js

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    21-01-2024 00:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/bbs/admin/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\bbs\admin\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    cfcd56d771621df63462b135dfb4a049

    SHA1

    8208bc1cbc2ea45d43b4751e6e17071ce0115a7e

    SHA256

    e2e009fbc0c0b5f4d9274d4a6f2602c2d4e1d4a968573b4cc7135351c956eaa6

    SHA512

    090b2bcaf59218f763851e9546448ab3ac9f6b146af95c4f598fc4fe85ba0237be4cde0c449d1a5547ee96344f35785344a0fbdf9d5a0f7bf42b350cb7effc5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73e74e01d3af948e606885519392a3a6

    SHA1

    646a84f4817a38919e1c0fefd7f741bd72c8fbb4

    SHA256

    ee41ed079e5bd541d464c014d96f72cd6ec58780d3f7ab0ed2e8be8ffc9117b0

    SHA512

    e9f2e09be0b68b8c0e32d75465930e8a72ae387a514a18514f284be789cdcba024945dd0aa9a7e6157c890979155aae9766400f10dd40e0995044b6a69ee0aa2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c8347febd2d00a77bf0c3760a6b856b

    SHA1

    73a9ccce8b72769bf3fd89a5677cb02f8462a1df

    SHA256

    e165a8c2cebeb4c17c78abee4e0c447c809affa5314e0b120adc6aa710ab9801

    SHA512

    afcb7662178d0a9821e98db109e6358bf846741f3ead6cc8bf5c7c9d415314ccc320cfce9b9ea0fc97776ea6f6000d7249b359cb9362117d4afeb9f55d56ebe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    612fcfd26afef84bb9e9595f9553f98a

    SHA1

    d40aeb72c235dc34713f31c8d114502e0e102f12

    SHA256

    09ec430214728c1c089ad0d11060a4f94f611b503caf401227a7d28a5ddbb3d2

    SHA512

    cfc92d4aa3e244d6c460968e21dfa486f739ee0a9fd8737c08b7c3d0e6b472f4d40b65608e90a9aae543b0fcc07271f106e5e7ff87899f1ef433386609f85627

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2334c07a9ea783e69c702900dad0fad2

    SHA1

    563ab65d1a6c8c43262a923304d5a6d2cd1ad3e6

    SHA256

    2105db6d8271f8f727cef953102eeb801da4d76e1f7146e841b1f425f4e5c404

    SHA512

    61d66c0fc2765262a251352690416bdc736dc5cc4859ced2246105f63964b174a8b2a4ad0bdecb7f23306be8e2c30bc9a6f4e0457c0dcfcaaff6c10444cbcbe2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f969e876e467f5f9fb25a7b98e842081

    SHA1

    0398b0e829f0076864fe0b4de40a1d505116d2db

    SHA256

    87a0092cab6e8bdf95ac994f441ab51843c64727531993369790b6929f2f8262

    SHA512

    ee5034414403753cca664ac6013c282a1d4c3930f02ab408a620f610a1efcb5a7e0d820acee3f1a6fc8b8180f24fc9eac10e2bab57dfa222baf6c2b253c498e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e97d9289055f8024c3cff7ad52f51147

    SHA1

    799c1df8cacd455a60c2b03cba32fb66705cb483

    SHA256

    88a6886ade098f6c1c47034724bfc5011e51d69ceae4509cc8f391e919ead8a5

    SHA512

    2427efa91ed6fa90228ffd33542f853c208246418779aebf0720d4b25e0ff546b0117373e0bc7582eafd7b4f8f4219df06f42a4cb9a24066f3c276eb205b1e6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78e0ca19fe55b12b2be2787b9b331a3c

    SHA1

    bd153bc847ba58f3d3514b0d2923263f5fa535fd

    SHA256

    5235d987a47a17dd80bea73e1127facabdb91fc3a1aa7f7bc83a5afe383df09e

    SHA512

    22246077267f1a8db84897a8744f2217ccdd003a01b99e21e86bc8687e58b3279c91ffbd93a07a3355c41ebaa11af77f5834ec5ad984050a08feb6e647c37d1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a7bf3568076ce4456ba9df8d6f38ed4

    SHA1

    6b530202b917ee372162ce15729a104644b62462

    SHA256

    dd5b28d6457326080be31741cf968b94006842fb33addc09852544f760a81ec1

    SHA512

    860abc652a0e363e27282a2d6b4e6fb01b326af8a1fd81d5b984ce8aa45ac90bde34345458e0bdab1ee77eb3ff9cf63b459fac2c05633a96e7d38ef854b7be90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b188396bc656b35b0537d54d104e65fa

    SHA1

    37e3c08c06d2f06e22b1cdf66e82e09eccb5fbff

    SHA256

    44f6abac7dda3ae86cac82ed8478e6693403ec01b24d973c1af541bdabd5676b

    SHA512

    961e205ef61a2fbd2db5ace4f32f524390919fdcc991cabcf3cdbd2d5271c279d95f95e724e3c19ab8aecb65c5ef173c8771f8d29563f7860a3fc33d34f70571

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d4e40245d61b0d95e120336ddbc0346

    SHA1

    a8f3a4def306d7f8c7820ced4a02b92deeb1e9fe

    SHA256

    bb4e732bc977d89afba88595064df19888df46d25712708ea3c3eed3a23bc071

    SHA512

    7e321814f9567d2235dc12e5fe4adde76b88a0286cfdac1b85fc86c299a7017615d2b1c5ff8e47082f83f263ef5f6199321eb64648a995cf0b8aec643ac6b6da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5f50c5f26e80055ec2c98a55eb4804b

    SHA1

    6c4f6953e531ec618a34d3bc9c34cbd6672786a2

    SHA256

    03e4e335e74f093b4778d93df227262dabd12c3f28aae711d3612d1e952da4a1

    SHA512

    524b4c38aac1c84695b18a33cc3cd57b6a0d0a9f3ed96213c4d3e87f1d96bd41785f4e3332c8e5d6aba7044b65aab92033c4bf0d8c78c8d29c7f4c43a99ef67d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81c35375fa59a9fc75879bb74af4a43a

    SHA1

    8ac1928145e6cbe5525f6ba63d545ae0ed88360e

    SHA256

    d29617b19dd07e39ba33e2932a6d3cb35bcf4fe4e71e1dffab3da7f1efe2e489

    SHA512

    2dadfdd2dc54c744fcaa1b37678fdd583e6a69edcef9b6128726eb9d22f5aecb05e064860005fe4e022d9be29096c92780f64d4377d0df226bc95ca2371b364a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    38cd8b54505a04586ce4248f2334a454

    SHA1

    fd2a0d664db80a1b5b1e66a898b068841147029d

    SHA256

    7ac00ca6cc669150bec231fd964db4377d2b02e263e304029b2fc7e127c3a278

    SHA512

    0a28d9f3e6ab54981cd9b6b0ccafea270b479c29538d5dde679e14df8700ea454df805524511d7f3493d7f93c236825a7a84962a877b8725454434e5652e5c1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3817.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit