Overview

overview

1

Static

static

1

网络同�...u.html

windows7-x64

1

网络同�...u.html

windows10-2004-x64

1

网络同�...p.html

windows7-x64

1

网络同�...p.html

windows10-2004-x64

1

网络同�...inc.js

windows7-x64

1

网络同�...inc.js

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...unc.js

windows7-x64

1

网络同�...unc.js

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...ex.htm

windows7-x64

1

网络同�...ex.htm

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...inc.js

windows7-x64

1

网络同�...inc.js

windows10-2004-x64

1

网络同�...inc.js

windows7-x64

1

网络同�...inc.js

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07-03-2024 18:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    网络同居程序/bbs/admin/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\网络同居程序\bbs\admin\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18b126feec34c8ebc52e9bcd6767d84e

    SHA1

    c7ce2abf1dafe645c2d23934555bc3277d91bccc

    SHA256

    3a1f3cf7087304f09948e0ff7efa7bd2406408725f9409b3291bfe3fd6bc2ff9

    SHA512

    0f69c36e0835f8908126cac12b77a2af2d0a030a1c7ac0dc7e6076e7a9ad6e6243642effeadae16eaf3c47d6c8bd014c2961d8a3df0c5ab3f9d788714af36ab4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3c4ffbbca63a4cdd51398ae2123a211

    SHA1

    5b447cf927286315f497517bc5df149548fb03fe

    SHA256

    7eebbd73a808e2006dc3fadcd970ad42dd20eae72d30bd0a0a880b7d3cf0a6d4

    SHA512

    e41cecc44d63c64da17a2e707086cb3174760baed626dbd29bd728ab49c6470be3328992f63ed9e86677796fc776b7608798e396c02048879a9bed8cedd5efe1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22f067ab838a03c85675c919f28a62b2

    SHA1

    d068026f3a43a4e18221b587f3953401416b40ee

    SHA256

    28443951121db5dc3d02d68f0cd96a83bb476642bb4f812338bd24b732b68b1c

    SHA512

    8e15a7a8f564f0417ba392d169eb47c5e571905e2ca5c28702ebb7fe93d40002302bdea8a3a7da9c5e4b22aa79e13a8faeaf24fbbf88ed42f54c6ed6afd694b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99b5ec39b62651bb9c54c71988fc651f

    SHA1

    03f391ae5045c981f451a94ff0da12bd18de2692

    SHA256

    b399997c0694021459879b9d83ce4018cddf0a12c259228708072f5837e4bf99

    SHA512

    e5820f67a2a1f7f1b6d9f6f3b8c4ac19d9b67cdd90603f74379fc0089f1592ac10b8e1d737dfe748bf880ef7249a346e1d071e2a18f9340f43a58cca653166e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a49f23bd7d41ea9d9bcfc1f163ac71d

    SHA1

    d1706bfaeef917f5a4d8e2b45ca0545c7e490037

    SHA256

    7f5620e1f026648a2323128f054cd0ccc0d0ee5f0e31d98072964363ccfb3173

    SHA512

    6deed8b20f7002dae488f32820d384219f66252fcf00b9090f347060295fae945a5d62ef9017002a0b0896e9ee2399be142ac752fe1554e555c275fa4471c80f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd80132c1548c65f4318b13aa047cf80

    SHA1

    7f09a64b1fb76d9400fbb21adb610de95455efe8

    SHA256

    c44e84a4132fd78f2d878b1e490e8e34f577760fd98bd8600b6f63b852a04172

    SHA512

    89a7a158e3ede59459a33a880c1cf00ace37c36ebb26fc1e9738fdb3ca8ce1776f9531e708f95cf09f952e5b2b28c20f3d333768ec877857459b134a990b285c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b680e96fe56e178651f322d2af7d52c

    SHA1

    118870d0a35db837668d659dda315626dec4700c

    SHA256

    744aed51f38ccbd7d8725cc03ebe560adcb33d1d34851dd48b2f2749f67dc3a0

    SHA512

    dc5a913fe59ebd6c33a78679b2c9314bfd485882cac5efec0709e7746c19970be7f06ef7dd6855958bf7743cd95e93536162c46e1cef7a5904f7f6625bfa72a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    334271063869c24ff84e9002e255868d

    SHA1

    fdc98b24050c7784641a9fc7d06e82cd792cbbb2

    SHA256

    3ec79f250ff88d88aca9459247e4cbceb7c18d21986c6be011ca3b3d8bd54e24

    SHA512

    0ae17697774d5744e5eb2a448ce65558e0965fa2e2c50e02fb6e8e906ffc840b11cc2c938590c1d85df0f3f90dd51f35eb11e637a5fa6392b2d92dd88f899d3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA029.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB287.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit