Overview

overview

1

Static

static

1

readme/新...��.url

windows7-x64

1

readme/新...��.url

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/ded...it.vbs

windows7-x64

1

upload/ded...it.vbs

windows10-2004-x64

1

upload/ded...dd.ps1

windows7-x64

1

upload/ded...dd.ps1

windows10-2004-x64

1

upload/ded...do.ps1

windows7-x64

1

upload/ded...do.ps1

windows10-2004-x64

1

upload/ded...it.ps1

windows7-x64

1

upload/ded...it.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27-02-2024 12:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/data/admin/index.html

  • Size

    3B

  • MD5

    736007832d2167baaae763fd3a3f3cf1

  • SHA1

    7ee737c83ee689c96ef37d3a029068c390ebc8f8

  • SHA256

    2b64c6d9afd8a34ed0dbf35f7de171a8825a50d9f42f05e98fe2b1addf00ab44

  • SHA512

    6beba489cd62566c108b652b7143cb97e007396a0b16ce250d2d0ac6e51ed999e41e96eb497b29efa99d2a15f276d6d531aa9ead15e2c13d77b3846ee45f64ac

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\data\admin\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff117ce77be8aaeeb59668a96fa0f9a2

    SHA1

    2df358b0aeed97da144ef983a8d57bea67722e6a

    SHA256

    3adf315612e45f7e91500930173fd8fc0acfcb451f2ade9c76b14fa4b44c1d57

    SHA512

    3bfaed0d02d27a74fd170ff0ec62263cf2d12366bc85a90518f446744fd78d714157d893520ad5f5538852156c2546f3aecc791ebf3f976c75401629f1151ea8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be199658066865ed7655c90bb974201f

    SHA1

    baed198ca14c3a051b5c1b38d4a19b60f982fdaf

    SHA256

    5895027e72246f8e483191a537b4a6be45b21ccb549a8b6d983da9c91fc30320

    SHA512

    64bbca7c3eac20cbaa7ad8ae30bf89dcc72e1b3f3d198d9daf218606b6c6f03925ff846c4fa60c75ca8fe7bc0d29f8153c691ec6d8fd9608555bdf146bf1090d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c061522c569d1007ca4e6d65908de1b5

    SHA1

    25aa5fcf9da5d29722fe5689a59ecb7a597dabd7

    SHA256

    c4ecae1cb748781b49b35cf028ca223bd0814fdd26d3b4c8c6e86a5eddfae756

    SHA512

    403957915e1f9d3452ea4caba5e12383f8e7b9d28c43459fbe0b4a404b2d8fd8032fffb9de404117dbd212cba2a8f35a72a3c6313695300327952361a5390065

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    922a0cf961b9f87a715934028cfa78ab

    SHA1

    e72c00e88c38d0e5d0650ad01169a60678b55ef1

    SHA256

    bbf876f3d80f017540ae0e31c0cf92fac5d5dbcfa38f0f1913e22ab07f39d19d

    SHA512

    eb28c2a2ba47a7ad2a9cb04d1ad1555ad70d3573b17e93765424b4de1a48338d683a9d7e8c5f5c9f5335c389dcc43955c9539053af25521f704d54855511c4b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f433d468e91c06fe66fa5f7d19841be

    SHA1

    7cafb35ad6a081cef5258dd523e7593edd68d0b1

    SHA256

    40bfcf63fd5fdbca75d42b0f2dff5dc106ee75da95ac495aa0092c08b12ecb66

    SHA512

    fdadd59ab173031bf0da4d4334d70fda41248450b6225c86a713f22c2d47a0c68b701e48cc83dbd7d532532aaddc07af4417e641a1ef4c41e1b9495c1d88e4c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    620e275a888d2de1076b5c0183223fd0

    SHA1

    ce74e66ad305f60e0184d39b98bab116ffe0ac6b

    SHA256

    f83d9b267d06e302327b1052869505a684d4e01d0fc82421369392254fe14fea

    SHA512

    b5fbee9f5869eb366e5b3429b41e84d5fa94e8d6143deceef3c0c2b4247c1b75996faf64325f002f2a17ddd2649988db6e27cceb9e61ec0cf0994a5d1ee006fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75006d37dc0d8d7c013e834baa711163

    SHA1

    1eb1e78f01f726f838a71fd442081fe0ddbb3383

    SHA256

    51fcba95e0966fa392a9a634c68030e1b0725d4ee3146fec4d28c6999becc44f

    SHA512

    e908083a85e9abe30f15de5b00b77973fd29bcdfb0fbbcbb40826f9fa412eb4cb15b3d7f2c58c324586286d8bacb14101effaaeaaea870065be8870e8d7a0677

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d403ead81830554d56a575c792691448

    SHA1

    3e1d842796e55130a9d93bdde795173eb1b20843

    SHA256

    ef2d01b6e7d42cd5e045f72bd79292375e7400c676d1376a9ff0ac07fafb5522

    SHA512

    b6e534e4da5b0d2f621ffd9dafec7590926bdf5796844359259a7d00e9461d54dd28e070693eddb5614a2efaf16bf9226d68819837563d2567f2af40210b1c51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    507bc7f8f66c21c8c79b99d04800a359

    SHA1

    919fa44633cda2416af8892bb78ef6d781f90b37

    SHA256

    5d6adde4de4ec305c64b3d64533e087f5a519376956c5a36415a66e89f5a6f55

    SHA512

    7fecb3620cbe0a71a42332749f393f8e290e72d7ca4cbee3faf6f91cbe8e25d17b687c0cf93d64345e9c4cf77410778641352b86f4de1cf397c0cda2c4a20b6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05ff94080e524df7c8873ab8bf76ee5d

    SHA1

    187f8dd9e77cc2a552d488d5dc3da4790438d834

    SHA256

    f3c0ff93674937f073b727f2139add7469479896313c6dc75c3dd10637d9a826

    SHA512

    7e7d82918e1a7659be31f27e5ad49bfdeed033c6f88347ea7428a1ab930e54c163641f1d24e6b3342d11d1063e661655781e7477fd80e63b81d72e8a52ec05e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    994f701fa89f30b8a3602eedf9617ac9

    SHA1

    6b19b1b9ca79acded7b29448d42da606deef5fa0

    SHA256

    ac2fea019c58ed6e07b6a962923b3467269547bdc605b4b03ef6dc18d607f828

    SHA512

    8c6ee97d42f093899b570bbd9754a1a3336ea92e3d5000b293df914c74d88262109b3fbde4c2da2c341f68dcf6b886ace306d28a0bddc2e74d95f120165d756a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d4439eb0fbefebb54f2d4f18900d5b4

    SHA1

    f8dc487276abc30ce082c08f0bbdfcd9efe59b15

    SHA256

    490771459f6cd8c78fea7f3c1db15a1c21aefc69e1f54d38ee5f3fe3f78c9295

    SHA512

    b356c8e786158014674b5f73d3fd6cedc626d6af9f8a02d33c15cefca3ea95037c8c27a93270cce5f349d507cb5e327ed7cf222e61a01b1ede4a99ede4ea6a4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b562d85832978d0c8cf87119b5349bce

    SHA1

    6bc38fd276a8f04a67b02d1b2c9675910f980d76

    SHA256

    7bac61b6cc7218c3f077a397cc244bd21384f01823e4f2dbffcf5896442b4467

    SHA512

    e3db77ed9d2856e12453deddbc0643834b9777f3f4eaffb963c83bcb22efc41ffd99c281c855a7cda4d731606cb2a0faa065ebd56fb19aee18dff9da6943e419

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2682cb5bbfedd207f4886145992cab8f

    SHA1

    56abc09b500994cb4bdbad8c4525b35cfc928f97

    SHA256

    2e23b66d4afc1c67f8304b0f933870af4d42db0e984d23293d51612dab6d1deb

    SHA512

    a57ceaf8e871f52c276ed02031939f0dfd1702f7af222bd66fbfd4c7dceaff64b495d2f60810b020f9506d98c73d3395dda3947c0db9f5e0b71882332431297a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    684a56b504554277e848c3797b268522

    SHA1

    4e140dc555fde4d5561bbc56368169a2c9f651b9

    SHA256

    466e35e75c85ef0f4a9202dbaa090acef41603b3cfc0154e28df90979aefc3ef

    SHA512

    69bdc28bd1e609a17715af3c7a28d3dc23d92950816e44eaea133b764a2ed8eb1683e6f9f17e60a451068a2e614ea9c41abda5267733eec5e906332171e30f8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd34c704fa557f48a242792a17c1bf2c

    SHA1

    ffe098c6432d2f07a3e66a32e0341f3d21bad4f0

    SHA256

    73f666ad197c149277e837cfba34b484bf08882dbbe5b2b5064b484bc899eb13

    SHA512

    368bc8fe207898d0e29296786f3ef3c3ba954a08a8f821d92f8749e9f1c15e73697bbb008a29daa3815018a832ec825092297a3352637044bc0c2cef7055d91e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51f7f320064c7c359eb89237569b00e9

    SHA1

    805af4cb5ee4011e579d64bc67e28effaddeefda

    SHA256

    bbb0aeb7747d7d69551951629350c016ca44749b1e4a5660d80bb64693a00896

    SHA512

    d2c5367db87348eabee88eda0283ae626370cb9a6dccfe2faf97e2b72275726c7de008cf27dac14c46c387022c7f3cd0e10fcd11aa2a1aba7dc591aa25fa86cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    565f2ab682bd0e19258be0a92d07a25c

    SHA1

    4be7e7bd546770c612cd82c363bdc514c627d621

    SHA256

    960862921757e1030afa2c099da58cb50878c846c9025e3f6edf8b198d437662

    SHA512

    4c3397eba4d8096de7ea73add8e75dd406ef2162ee95de287b440de4e160e2c52bc7a880983874970f94b8c4558b171f4ca83ca493b61a5769c36b685ae17900

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef65891b977ea5973b3d8815afca5771

    SHA1

    8298bd2b19f9e63a5e8bc3631a4151c7178acdce

    SHA256

    65713fa86bc5c5b08d0a9b6b3a1447062a0c19b72886caa4938e37c3ef33bb0f

    SHA512

    f26550025096b95d6dbf75d7e1bb3751db99b6f5e0877ee6f126d35fb3cdf62d12296a7f304e584b324770778d88e9ddd2c7ede20ec009b8a793ce69894fc882

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab48E5.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar49B3.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit