Analysis
max time kernel: 148s
max time network: 124s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 05/03/2024, 04:58
Behavioral task | Sample | Resource
behavioral1 | MiniIE/CN_MiniIE_ErrorPage_Search.htm | win7-20240221-en
behavioral2 | MiniIE/CN_MiniIE_ErrorPage_Search.htm | win10v2004-20240226-en
behavioral3 | MiniIE/CN_MiniIE_Search.htm | win7-20240221-en
behavioral4 | MiniIE/CN_MiniIE_Search.htm | win10v2004-20240226-en
behavioral5 | MiniIE/CN_MiniIE_StartPage.htm | win7-20240221-en
behavioral6 | MiniIE/CN_MiniIE_StartPage.htm | win10v2004-20240226-en
behavioral7 | MiniIE/CN_MiniIE_StartPage_Bot.htm | win7-20240221-en
behavioral8 | MiniIE/CN_MiniIE_StartPage_Bot.htm | win10v2004-20240226-en
behavioral9 | MiniIE/CN_MiniIE_StartPage_Top.htm | win7-20240221-en
behavioral10 | MiniIE/CN_MiniIE_StartPage_Top.htm | win10v2004-20240226-en
behavioral11 | MiniIE/COMCTL32.dll | win7-20240215-en
behavioral12 | MiniIE/COMCTL32.dll | win10v2004-20240226-en
behavioral13 | MiniIE/COMDLG32.dll | win7-20240220-en
behavioral14 | MiniIE/COMDLG32.dll | win10v2004-20240226-en
behavioral15 | MiniIE/MSINET.dll | win7-20240221-en
behavioral16 | MiniIE/MSINET.dll | win10v2004-20240226-en
behavioral17 | MiniIE/MiniIE-Capture.exe | win7-20240221-en
behavioral18 | MiniIE/MiniIE-Capture.exe | win10v2004-20240226-en
behavioral19 | MiniIE/MiniIE.exe | win7-20240220-en
behavioral20 | MiniIE/MiniIE.exe | win10v2004-20240226-en
behavioral21 | MiniIE/MiniIE_2.exe | win7-20240221-en
behavioral22 | MiniIE/MiniIE_2.exe | win10v2004-20240226-en
behavioral23 | MiniIE/MiniIE_FavoriteBox.exe | win7-20240221-en
behavioral24 | MiniIE/MiniIE_FavoriteBox.exe | win10v2004-20240226-en
behavioral25 | MiniIE/MiniIE_Info.exe | win7-20240221-en
behavioral26 | MiniIE/MiniIE_Info.exe | win10v2004-20240226-en
behavioral27 | MiniIE/MiniIE_SDD.dll | win7-20240221-en
behavioral28 | MiniIE/MiniIE_SDD.dll | win10v2004-20240226-en
behavioral29 | MiniIE/Update.exe | win7-20240221-en
behavioral30 | MiniIE/Update.exe | win10v2004-20240226-en
behavioral31 | MiniIE/新云软件.url | win7-20240220-en
behavioral32 | MiniIE/新云软件.url | win10v2004-20240226-en
General
Target: MiniIE/MiniIE.exe
Size: 204KB
MD5: 9d94d28ba02d8ca5618aa2522890fd50
SHA1: 69fe8c955c91eda9cf177ea7b0fd77a488cdbf4c
SHA256: 164abbc13f5215abf952931611328a369cdefcae681158d45c17adb98b444ffe
SHA512: c4f5a1713d348e4eb0abcb24fac5a23afe0162e339ea425cdc818996731afd8dc228a7a3a1acd94d80aa44b99ea53dad07918d94add29c1fada7386a814e35cb
SSDEEP: 6144:tw+jHXPmIHnqxnEmw2hjJ05bOTN1B7nSWiR:tlm0q1/b5J0RQNLMR
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

description | ioc | Process
Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | MiniIE.exe
Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TypedURLs | MiniIE.exe

Modifies registry class 64 IoCs
Suspicious use of AdjustPrivilegeToken 34 IoCs
description | pid | Process
Token: 33 | 2724 | MiniIE.exe
Token: SeIncBasePriorityPrivilege | 2724 | MiniIE.exe

Suspicious use of FindShellTrayWindow 4 IoCs
pid | Process
2844 | MiniIE_Info.exe
2724 | MiniIE.exe

Suspicious use of SendNotifyMessage 4 IoCs
pid | Process
2844 | MiniIE_Info.exe
2724 | MiniIE.exe

Suspicious use of SetWindowsHookEx 13 IoCs
pid | Process
2072 | MiniIE.exe
2492 | MiniIE_2.exe
2724 | MiniIE.exe
2844 | MiniIE_Info.exe
240 | Update.exe

Suspicious use of WriteProcessMemory 19 IoCs
description | pid | Process | procid_target
PID 2072 wrote to memory of 2492 | 2072 | MiniIE.exe | 28
PID 2492 wrote to memory of 2724 | 2492 | MiniIE_2.exe | 29
PID 2724 wrote to memory of 2844 | 2724 | MiniIE.exe | 30
PID 2724 wrote to memory of 240 | 2724 | MiniIE.exe | 33

Processes
C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe"
PID: 2072
- Modifies registry class
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory

  C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_2.exe
  Command line: C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_2.exe FirstUseC:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe
  PID: 2492
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory

    C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe
    Command line: C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe
    PID: 2724
    - Modifies Internet Explorer settings
    - Modifies registry class
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SendNotifyMessage
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory

      C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_Info.exe
      Command line: C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_Info.exe MiniIE - 正在检查更新，请稍候... 1 ...
      PID: 2844
      - Suspicious use of FindShellTrayWindow
      - Suspicious use of SendNotifyMessage
      - Suspicious use of SetWindowsHookEx

      C:\Users\Admin\AppData\Local\Temp\MiniIE\Update.exe
      Command line: C:\Users\Admin\AppData\Local\Temp\MiniIE\Update.exe -filelist [T:3][U:http://miniie.com/MiniIE/Update/FileList.txt]
      PID: 240
      - Suspicious use of SetWindowsHookEx