Overview

overview

3

Static

static

3

35256345/A...at.exe

windows7-x64

1

35256345/A...at.exe

windows10-2004-x64

1

35256345/A...t.html

windows7-x64

1

35256345/A...t.html

windows10-2004-x64

1

35256345/A...oc.vbs

windows7-x64

1

35256345/A...oc.vbs

windows10-2004-x64

1

35256345/A...ad.exe

windows7-x64

1

35256345/A...ad.exe

windows10-2004-x64

1

35256345/A...d.html

windows7-x64

1

35256345/A...d.html

windows10-2004-x64

1

35256345/A...nt.exe

windows7-x64

1

35256345/A...nt.exe

windows10-2004-x64

1

35256345/A...er.exe

windows7-x64

1

35256345/A...er.exe

windows10-2004-x64

1

35256345/A...m.html

windows7-x64

1

35256345/A...m.html

windows10-2004-x64

1

35256345/c...m.html

windows7-x64

1

35256345/c...m.html

windows10-2004-x64

1

35256345/c...1.html

windows7-x64

1

35256345/c...1.html

windows10-2004-x64

1

35256345/c...l.html

windows7-x64

1

35256345/c...l.html

windows10-2004-x64

1

35256345/c...P.html

windows7-x64

1

35256345/c...P.html

windows10-2004-x64

1

35256345/c...g.html

windows7-x64

1

35256345/c...g.html

windows10-2004-x64

1

35256345/c...r5.exe

windows7-x64

1

35256345/c...r5.exe

windows10-2004-x64

1

35256345/c...r5.htm

windows7-x64

1

35256345/c...r5.htm

windows10-2004-x64

1

35256345/c...e4.htm

windows7-x64

1

35256345/c...e4.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04-02-2024 04:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    35256345/Appendix/phonecall/语音电话/modem.html

  • Size

    936B

  • MD5

    235159a9b9711b4707abd801aac14607

  • SHA1

    95a49de9a1c8a55cd98b5bcc85820e6f4ff2dbcb

  • SHA256

    c5d33ee88b3d768a0afeca0b92535c5804003e80a8eb593d062487287c218f66

  • SHA512

    f844c1c16637a903bdcb16e5ca283eef8ab310071e1247baf7a81a5f344afc429776f34ea83cab56a1d8fffa24130693fe6b87cede27035f15b562f97f48c30a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\35256345\Appendix\phonecall\语音电话\modem.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    484a930b090ab1b52e70877eea391c56

    SHA1

    b7a8d608f3ee9312bb2b604fc1e7b69d9520be1a

    SHA256

    2ebdbbd667f34658eff7340d8a40324ff5278b4ac03139eb6a6f1c10e4a343f2

    SHA512

    bd73a1871981d3d3ce233049c7aaf3c41a28d208eaa2d012ffa2f1677cd7341111d48d5c6edc83d782488e7ec6b24d7dd338e59ac05ba0ad2550b843ac17c395

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb38898a547cf6b78ee4057795b74762

    SHA1

    4fabc5274c13d3beeef7e2a442d6d2e596a9374b

    SHA256

    3cfe47d3f92ca02ebd1143d4f62d68b30c090c4599233a63937e5403ca6a48fb

    SHA512

    1a3d90e56279fe5616a9f24e06710d5109520a27065e9dbec8fa4ce7fdac579c89b9b56f9db3e03bd569cb5aa29677a207f76abc2a901dfda50d16547ba6e6ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc9ad77ca661aef0afe97c846b897fc2

    SHA1

    1c973f9150126143ae54611d1391ceacea791d9c

    SHA256

    3375f5d9874370bdbba628a5ee1dab7054f869c4aab39400fd05eee6b6885be5

    SHA512

    6a5a78e3ce73a75c2970cf7df075966c8c9793717dd84a7e0796fccba7a5256b19b84c052d893a3e2f20fbc49bcff3af33f4e4e5e57cf141439443977bfa4b92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    350d7c69ff37b3c2ab020d572514d8ae

    SHA1

    cb6f9b329b369825b936f4f054476313960af31a

    SHA256

    9b49927a2408456edc00dd3f2132c7c7c04a07d26391cb460759794caca16fe7

    SHA512

    ce556b335498d49e03312d05f4a15fab289c979442c7d8f9b23c13261bf43afd6253b907f9bffd1887c13e6d70c7e5e572f51906a1f6e777add44d5adc546fb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f09887258c0a3af5b6bac8c70834c45f

    SHA1

    f0658e515686dd0e04220f98090e972c7d70b397

    SHA256

    684ef4396e0d1150db61a7a471e544a4ecbaaf7f0e428b85badbdc5e6556e259

    SHA512

    604b6b6ce0c4c5a882d74ce207f6300a820ccfd08065bcc713d26737ff33b323136380434aada8033de6c2f8d4e4235b8b5e960b16b30ef80cd7511190b4b995

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    650d2450195897800d7356639a7a0135

    SHA1

    38459a318073926cfcf3956040b54638941401d0

    SHA256

    7fa8eebcd11341bb13cc8879cc95425e2faf5a0bd8c9e7112e0f8c52c64da5d3

    SHA512

    3a368c462b155be1b75dd4bf56aec956483bc3887bc8d91d00f7bee499b242f20a3bcf79b4d999b9c2784e7a7b09cefe247afa6d9c463b53f8778910809dc679

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a06e9b5aed5843da870f0b16ee891dfc

    SHA1

    ea2b759fa906cc1cade6c4ca95d4531d2395a602

    SHA256

    e6dbc6d387dbcefc2510b0879aefac211228fe3e35940188d8f3148383cfd727

    SHA512

    504bbeab687dfc058e4ec55f1475e2cd212e0d24f4ce95dc1a98e19a4d45ac1f829e9408db77351313c15467511947a5d9a0b9e744d01a7a229f3440ab330a39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ca6ab65df8c253ed4b58c65c9425eed

    SHA1

    9df086dd64cd3f5dd5c008e23316584658f3c8d8

    SHA256

    142ec026e4d94d9cebdcc9c8fea0956eb93a8de6feb5d5bbc123ecc2118504e8

    SHA512

    6716feb04bfacd54cf34f59cb9161fc4582c0f6d88aa4a1c36564db55cbc9227ff062ce00c7b578d44ec5de8f49a02f9eea828ad806f1b8838717e650636e9c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75348be4ea9bbc1ba903068ee71b111a

    SHA1

    1385e703b6854b14c362af417cb9c3a533648065

    SHA256

    f8f545032162f7167da1c523d900bc2f62d1a6cfd867e0ce371f5db62d21fc16

    SHA512

    37f151d9d75a58274dac071ffec2bd9ea26a22349c589efa2e568440b607c63255244b5eb2c9dbf900fff00fb8c5d533123a391df14e71ee7d38360e99d2da83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a77c3706150facdee534a3e59c1649e5

    SHA1

    1a0ae9034e45583fc8801a8c9e301e1b36de5475

    SHA256

    aa7921956b794a6d85cb47bd771f5cd1eefa9ea73c41c28de55732c2f0746ff3

    SHA512

    3abd4ac3965d7af590d43f4d72f5784661812cddeed3dc50a32e1006e17dd663f64f82a65eaf7a0beea584ead8e58ef7571a4c91b1b1cbcdf16f0d566d36668d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac4bbb0cc8f9a746e3050927bfde77b5

    SHA1

    ad8263d595930a0b21f8d9624c495a19258a18c0

    SHA256

    3734930d246647c521956c87fbb96c3656c652fb0680f745e9ef0e67abf782e9

    SHA512

    4f1f103a8356f0f88e6c69a864458222fd6bd1a76ad26e3470abc78a6648ba10f088ec110098911abee821c83fd567c7c23a0f741f0e2fcae2cc54b8b81cb86f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05eaf60067877d31f40eabacd56d366d

    SHA1

    d56b906990966a988dd6df35854de261416d7eff

    SHA256

    614fd96ff40c95af8dbb2aa99bece7e9427b8ff2b23e57fc2d437577bf3989a8

    SHA512

    acda5be3834db20289d1e09d81feab695a1acc5478e1883046611926e55749ad33fa4a141fbfca85f3867b746acb2080da3e2925d4b1e19739c7c91c274b4ecc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0d1cb1e34a0328706844643bd2d3a6a

    SHA1

    a8736f72beb21880b50dd54d5d6cdc833f0cd9ab

    SHA256

    63e595a73b6971ce819c6ae339cc27c6938bef56c4c798db88576faf6b5fd8ae

    SHA512

    07a6db6d797dc319f78668f7b4a3f2da0958a54cc5c3b30be8ed3b1a01db9401c4a43002dd1bf85b484892d25f01d0694a1450346931ab78229f1d49e9c5fd50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f72158f53f76484a07b7f6189ce7192

    SHA1

    987aad9ca84fd8b037edb9e4d319062eb29b1a8a

    SHA256

    3b4a0d24e260ddcdb85bd7c116f94646285ac0a803f47756b88f9898fcbfea75

    SHA512

    562eccba42336cc22479f60bcab4f9ed0644c70e6023727c4b82ba759e624c5fc2258f22d31e13d025c1a53b7e6a60b13b4f298337f4147070c0233bb265232d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d9c47a2b95bbd63fa7703979085eda2

    SHA1

    43278b1b0b3324f69eacb74f53b53a2c37489884

    SHA256

    70333f8b0cd3454abb1a8318344d11126b07eaed1e7dcb98d8144bfd45058c04

    SHA512

    8251919a4458a857fdc4b7f9f69f1cece2ba3fbc603248f52fa46e05b34ebf393334b53a7d8399b3fbf89fd339c535c8e35c04dceb139dda66982385963175dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90852cd013300457bca55bfa1f4b450b

    SHA1

    b4128136d536b2cc6204f560b986112c805f2345

    SHA256

    f87690238f19239c0f4df27b5b25613bc6d41241888a42b01e6f10fb73dd160c

    SHA512

    84bca8251edf0d69c6d2a59d9db378e4e3c44906b32769871a5e49f59a45f4185ba90e29bd7414ec37a9151018bee31f7d460da4d797fd471b0b24e9639ad043

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af693b745a2787a8f60f7b585431151b

    SHA1

    b508395c69ef5719d625332454c05f9cf17521c6

    SHA256

    7ec6c3c6f75f8c20755d6fd305b4b07e02b8bd188cbc17008d8988d65d0c3b61

    SHA512

    d0fa22a9759219d47d94e5fccb7ca51419982628def453c6ddca79efc6330f960ed4537090bcfded72bb4e7db7dfe1b74a9a94f75e49d3f29e0d1cf0e5951abc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA17F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA23E.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit