Overview

overview

1

Static

static

1

网络同�...u.html

windows7-x64

1

网络同�...u.html

windows10-2004-x64

1

网络同�...p.html

windows7-x64

1

网络同�...p.html

windows10-2004-x64

1

网络同�...inc.js

windows7-x64

1

网络同�...inc.js

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...unc.js

windows7-x64

1

网络同�...unc.js

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...ex.htm

windows7-x64

1

网络同�...ex.htm

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

网络同�...inc.js

windows7-x64

1

网络同�...inc.js

windows10-2004-x64

1

网络同�...inc.js

windows7-x64

1

网络同�...inc.js

windows10-2004-x64

1

网络同�...nc.ps1

windows7-x64

1

网络同�...nc.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07-03-2024 18:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    网络同居程序/admin_top.html

  • Size

    598B

  • MD5

    15a4b3c9f78ad7c033e8c9eaaee065dd

  • SHA1

    61665559853695ef0faa1b559a384ffe73b52d1a

  • SHA256

    558e633d223c2513e234d58b74193ae3a6b2d17c3ead210ceb1cad266113e2f6

  • SHA512

    2b7058c03e2054767aac8b281e9f89fc831fcb1c8754e2f6df284ddb8df51b0be3ea9137814017748308be609907249c7ba706e0b4cd41872472c97848eef0e0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\网络同居程序\admin_top.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2224

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ad29f8272b8cb0bb2516ff5a4030292

    SHA1

    2c68e33014ac4bc03ae2bc48e3bae360e3af5392

    SHA256

    46e3be760580125ba638a2c480e10bd2551b4983407a2545bdd81890df39054c

    SHA512

    c9d382176b8b2cffd9d02c20b6882ea17bb210d7a43b460ab9d2de34821bc1bef0b63249e5a79c27497684cbfbede5395786e697e8cc11d000d45e7ca21ec2d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56b4111554ea482514955de20d192a0a

    SHA1

    067b7813ac647348108bbfee003081a3b933d00d

    SHA256

    a7eb3279fbbb24f0e1b64074d1d7824769a0f337a030d3ca8b09964cb968aa2f

    SHA512

    d443206d715000dea8a48f4a4b9f1bd1bec1580be3816db7c0a53a11d8f206293f41d8db89542b3c65b93c669c836557552d6958c8b82bcceb2a4ec44bd692d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33dc77fff23df5cc8c1ccec0f4e808bc

    SHA1

    8ed7a32911dce201d45bbde6aa8c43ab39c17c32

    SHA256

    af475d43a40143d8fab72ca336ae8011e61b26e70acc464bcde2e78a3813254a

    SHA512

    87ad29043be6f6dbee47663a83bf4b47235825e5535e7767b5779f8bf264c45df71858c8e9a462f0f35c07d957cdb6028be6d2a6c844c2e61d50d84e54ec48c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8a0e45efd4c6f81583b020497dd7143

    SHA1

    809876121bd954e3e991185d541c2d7356c22551

    SHA256

    f7952a0713500c286af2899451aae06a0b036526edd5ac613254be504153b038

    SHA512

    38eec7c3bcda202a870d48d6ad5a7b1fbd5d28dacb1338b176289a4fc3eae74d178d8e96cd8d654127fb5cadc9020c0a32a962f6823ccfe674fee78f8b00c1f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3c6203ca740cf0320670bad355ed166

    SHA1

    7c0da69d1a5e502bfe57b521a5283d9947de1462

    SHA256

    68ff7aff4a0607d0602fd0b7d580c9f9ee4f3c818d8d806bfcf67a51ba882caa

    SHA512

    4a08c514cf720ae96cc28de800205c527895f12b14d6ba47e07e55611294c2f7c6b45865d59473e6c664508c33ffa7aab5daffd06cac6467883bd5d109856d89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    addbefe430025f8fbf01e27349c5f2f1

    SHA1

    bfa955721bf9936251638495229bee05d2c31c32

    SHA256

    938f674cfc2f14f34316e7219a4602f40f7e36a01b09987bfa9b01d2911d5f11

    SHA512

    418e39c420e2ff96d8c21dd8c2e3c9eb2759db5a3c2042991363b86721ec7bcbee14f81761be772907c7d9a934493196c292997a0aba8eeadefac567438c4ead

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    119d3976454f0540dce663d423eac78e

    SHA1

    5c9c95acdf9666dc9df3224b82d5705df05a17a1

    SHA256

    be2fbc047832b5e9ed843e30447220a1f42c0d722d66b7bd172ecf67bf4cf690

    SHA512

    b89be67b405c1fb83072ea5a6964f25a0de80875a6e48dc3e6a7eb07b5130996cc379448d3527215b0d61cfaffeb121165c866767d11098a57d105ff748c3f69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d51c2ac11a57355564de973e48fa464

    SHA1

    5d48ab51fb0b0318bdc0447e51a7103d7757652d

    SHA256

    f25da0e997485824127185f0d5a4864d748ab7b5f70c341f873bce19d5033d9d

    SHA512

    9897c8097f751f8c33a0d04fc5d06c464aa2f1ba9d584b772247d94ef82c60107ed2facb9df7ec5b7d63f5a96dae82717bb2c4989a0be2ddc5d31fd62ed3cfd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8a34bb208d9bf47a64b6acc446d5522

    SHA1

    30cd4f71dad565b3dee6208f6c040e89e959ab5a

    SHA256

    74a1d67e6d29c36de0481739f52581cc900e3186ddc15355f7c0c2aca36e38ff

    SHA512

    59e3fdc1be51ea1394d02c721b36d7a08f4a88226e0820d3a94cf95bc13170985c81950fa29fdda2d65aad41a3a6500919f71f224af534f3ec4a608c21dabc85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36b30025080cc435ac44ca7a48a8618b

    SHA1

    ae08c35b11675dbc0e7c2633f39fd3ed8ff523ac

    SHA256

    2a51404e3a3cf4442bf2442d7f6e4a077ca0ea9baac437fb40414d1d3105dfde

    SHA512

    be5adc8337b59c9626e4f1c4b31f856cf65b528f1df5856dfcb78448fbe24a26aa120bde06c169b263aff7b6c91b7afcc6538437e01fc7cf24e39f1e2ca517bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c09ef8bf6bde1295d795e66e8d8099c3

    SHA1

    1a1fff17bf562ea0edbf19df37776e4b331f7a3b

    SHA256

    f6dcefd500d5355a020d4330a580fc137a6be02cec0651ace12d6831b52e3763

    SHA512

    f33d61a8c343961d7b09e69589672e095d453cd419eeeb875dc07c7f27ac2e1580ded6a8565e35991fe646f1cf5cb6741fd75dea65bb6e2c72166e70cf0c2e73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82f02c61abe9b256146a8e82eccc55fe

    SHA1

    ef7396f634f063f8a52755b8bd3cfed98b853c9f

    SHA256

    cf4be5e078fb5a0fef75fd69f0964229afdc6fc97c569d8fcb9a91a4b06480ec

    SHA512

    ca06da8d55a0e87481413bcae330477da11298eb057af52661ce36ccc391719e116a1eb0b6c54ce9dfc4cdbd98de185658dbeb65c202c404291e4c668ebbb337

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f8f69ba6833a216e901e9f13a03ed27

    SHA1

    60496cb305debaaf877d6055c30e58b34c07238d

    SHA256

    76f3fb602f07d171f27357c46e084f998592df45cb8752e3c50d58ec4d705981

    SHA512

    e22e32af4f452983e184f55a555bf4686d3e7afff98e1b7eb4761184f51fed2b04668ed58eeb9ef50239c11467d5fe00c7cca12ba7b4d1e6c1b9b1575d5c79ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3D9F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3F5B.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit