Overview

overview

7

Static

static

3

Images/新...��.url

windows7-x64

1

Images/新...��.url

windows10-2004-x64

1

RkSrv.exe

windows7-x64

3

RkSrv.exe

windows10-2004-x64

3

hrk.dll

windows7-x64

1

hrk.dll

windows10-2004-x64

1

irk.dll

windows7-x64

1

irk.dll

windows10-2004-x64

1

jpg.exe

windows7-x64

3

jpg.exe

windows10-2004-x64

7

使用帮助.html

windows7-x64

1

使用帮助.html

windows10-2004-x64

1

键盘屏�...10.exe

windows7-x64

1

键盘屏�...10.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 10:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    使用帮助.html

  • Size

    8KB

  • MD5

    70b9a1d209b3bf2536dc91c6accf3d13

  • SHA1

    41aef6f617e7e6a8a9be30f9e55669909f9c4d46

  • SHA256

    8757516fc55d7da58772fcafeb1bb33c25adcee0fbaebd0d74d3b53b74189d98

  • SHA512

    1407d4651db36279699aa84a3678b4a9b4a187aad852b75764bf45d945e44856173d352fc40ba553aeb5e486c7fce395ce65218738d60f958f682f61a46d2b8b

  • SSDEEP

    192:1iuQAI4XATSuDv9l3yH82LsjC4p32LVpKTiglFZ:1iuQl4XATSuD9l3qICs2LVEiglL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\使用帮助.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2468

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe5732598da9c360f51f1fa03399403a

    SHA1

    dc0f7c82c560ea352f84bf8283fe151a89b940d1

    SHA256

    3c8b1688dc511a7945c40efc9b51a984532267cd73dadb07da4be542a47dd3f0

    SHA512

    749830e0b98bc0adf346f62aa7e6c2c1f10a2df62d8f998feff92b2eddd9511998f42e85bd28a3ddcc1ef40afc625d7cbf6564c338c1c6228060fa8496a4bb0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    749980e123a036c0804223d1423eff63

    SHA1

    0ad69398be45fb3955773ef4c24e7f57aa5f55b2

    SHA256

    0099dd03d2235ee1fa7c3294ff97c76d72fc0b68d3eed4e556f2f681fe29bb66

    SHA512

    4c55708001a45735767f55f298a319a911622a19ffe6dc3198c0b2c13be70af925a76903e47d278308f4c503bf2207235f2d1acfe8b9bc0d9a803945642ec089

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ae0fa25f554667f2ca36581b5e2afea

    SHA1

    dc968ff2c64e5b26994e35a2c7d63beca0bd994d

    SHA256

    812df719bf3cdda69c0c134ed65f5c2ec7ce1bedec0b558270ef31f3398106c6

    SHA512

    df8acc23e2be4b31bc82cc88d299fc8b4b352dd85b3d25309c87decf7efa3b163162b89eba520b1104063aa51e9adf8965c2b68c86254a29e1f8321472114a09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bae1455fd1f205402ad94e8c9900653b

    SHA1

    e30e207a538c3d9603413550891f67793daeeb88

    SHA256

    147bf4f8e156452b8881a9280861c60e92320619e264bd182b329621d64c4561

    SHA512

    0da5aa2bc47309789652184fd39de8fb0fc91368cd3c0b4e09b22932d94d60c6d1f08940fca3f87abe7a157c0acf913f9dd3f52af06520e654a3190d8997c956

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    980482e6766bc033a02cbb3731e54fe0

    SHA1

    bd2a1d0c4d58340439e76be490e874ec2a324824

    SHA256

    4549b00bab66b4daaa495e24f07094db573561004edf98f7855af34e6e54f35d

    SHA512

    840dbd0b4af698261b746b77685191f0a147f80fd1d910a7f44f557effcce8f862db7caf32eba1072ff3b079908bb7d86dd8928564c2cf7f471930b4c369630f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83ddff2e3f18822877df38d334a91ac3

    SHA1

    828b7d81d4fb902b49ecb0e65d09f44ccaa897ea

    SHA256

    f223cb35042bdf179af24a95f1adb30632c1c2da3a0dfcdd4bbfd9dd4c14f0b1

    SHA512

    eba4759c408139fa724204550bb908c6e1e7f4810553991df39f3b83375bc6905da11a72cc9504d195d818f056b8692057dfa073c36a8d5b4023ee3e175f998c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8ff0c9cebf5deef558540e8104a8074

    SHA1

    5593932817e860c7b0a1936594fb81999d89fcbd

    SHA256

    e7f903a05a697465700df8e326078804990d21f1f1d13f9b3ea99d2bd5b69b4d

    SHA512

    69feb51720971397b4c6ac726b5082962033a35539d54f1d30c866b1fa3e2cf32abfdf29e47fabc33cf91665ff99c6194837230bdb8fc642dc5dd5fe0c226c9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57b567b499dba38b260e5cdb4e6f1155

    SHA1

    51472727cac8ef549ad1ed87c687aee8a2126658

    SHA256

    f734effba2845a7dc86b88b3ccb5bf0d867e353c726668dc7374d022d4accfbf

    SHA512

    8bb082b23ccb6fc08cdf6271b5080a23b501822b95f1bded3890f6a9a5169570f73cd6d1d4634ee758c52947a764a322a8af909b511025b5e283e061aaee848a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98de47000db5811dae36a40db30cca06

    SHA1

    c657caaf805c1e31119fafb0540bfedff32bdaa7

    SHA256

    daa60393f2e3d665023bc85313bea1a33a2a20d0545871e22b7ff685f34e7882

    SHA512

    e96b9f93326571e42a5426e8f74370598d16f66b701b6712ea85ea5816209e838f2af140be5462f02ba0ab2eaf29870b7f49db0b23c58e70c061f02e8e376e80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7134d7670e796d78ee958e046091c6fa

    SHA1

    96312b2b61e227dddf283a86847961cf652ad508

    SHA256

    eeae941fa59f5952d5529f12b9670f57202f57227b302daacc38b85253aa02e4

    SHA512

    1e4da24b77067ab7856fa50330acafee45c622399f33b3a882768f7127910d06761a48b8e90e6d206418ef15977bdf0c9dcd029bd41a38328a08fe5fbe49211f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de2f19e23ec5368a8354a5defabe4772

    SHA1

    1c1e9d267425cc8fe815d13aad56cd1ad0ed401b

    SHA256

    6840a629d7d9c8d1a80441094daaf018f20aa73725323bba900f9df11b0e21ce

    SHA512

    96befa0c0620c7d609f11aadb7ab45e53e2a3a83719a7ece7ca8bad42a540dfb323a7e6f151aaa1434436a6d393e177d2e28d31a6db8845ee551585d243fb72e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab42FB.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar43F9.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit