Overview

overview

10

Static

static

10

2022年全...��.url

windows7-x64

1

2022年全...��.url

windows10-2004-x64

1

Warm Snow ...er.exe

windows7-x64

1

Warm Snow ...er.exe

windows10-2004-x64

1

www.3dmgame.com.url

windows7-x64

6

www.3dmgame.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10-03-2024 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.3dmgame.com.url

  • Size

    122B

  • MD5

    49cbfed4fa9b3fafdc9d499b6163fa62

  • SHA1

    28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb

  • SHA256

    03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11

  • SHA512

    64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.3dmgame.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:1424
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2628
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2628 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aeaab7b09a4a3dcf666ad58d7e7b2128

    SHA1

    332fa7025ec52f55f4049a3741d48e45ea6efac0

    SHA256

    9b20a4bcc4ba7d83ca77baa6cd9a7d8ef1a90e6f5349250b1994e8852c41df2d

    SHA512

    d1d9df8f646fcaf26a40a492df3740d4db2785a03d7f5935fc487a0611532b5825fbef393140355e8005666bfbf9debc2fb093724f8a0a191ee50bdb3c6b872e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f96d877a64ed3eba33dc44f6f8aff75b

    SHA1

    77c297272b92ff1a6620d17816db3bc2c6c92400

    SHA256

    6568557f38ef54e011e0c349a5f4e8940457a3b08843b5c20aada3ba421aea7d

    SHA512

    b44954d7ff1dc6e8ec36af92abeb0f57768a0c1d3d22f233d3b1501d96a691580c1baf1c99c26242cd91266fa4b1a365f9f038305a9bf007487ea4a3ce09583d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cdf424c6467fba2b0ec0ae5d44f0028

    SHA1

    a916e0aa47bbac44266485325312f99471417079

    SHA256

    1eef6d4cbb33ffe1f0252af8e9170f4bd19dbf94f7e55974d53789b6d0024d87

    SHA512

    4918ead458e838ee438c10f636ee2297266ff89ea867c6c1629841dac5e3831ba16fd65657bf1ebf4dea6d76ddabe677e8a0582085f2907352072761e95f0f1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9cd8d5a99f6b324714f18158e296ded

    SHA1

    3dbe3c038545ce1ae33bd67bd260d587721802a0

    SHA256

    2a39371600111727653a1025e345792c436b40ad3422ea1bc65057398ee6bef4

    SHA512

    e7bec4702fd0f1776e05c7d5e8f2489072538d460fa2375fbd88c8a6b6d2fb27f03b603e5355eeafa2af37ec8318627a11b0cad8c30d894e2b8d93da57b1e68a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15aba1c7deed2e42f48bd72cfa4aee79

    SHA1

    c6fd60a01699760df28fc52583f5109075b76c91

    SHA256

    50bb62968d4f7e4b872518518ce8441fe0e7ffc0760ef05536ab5bbac911f371

    SHA512

    b93d9cf9fdc4855cac08f32b9a11838755d1fcba4fab390172b7ec694d7b01bc5faed29ccfc44bc571b0402d40cccde3b4352f47c9b52975f9bb8700cbb81054

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c05fe3a2806386bb33e225921aa870ef

    SHA1

    ff55ae5b1a8a273bf512693649a2356701974618

    SHA256

    d192029a745a06cef69f355714bf10b9c10d9372cc1e41f01df680288d0dd3c3

    SHA512

    0930962664c14cf48a740d258531c05fe40d2e4fb8e01cde72c8c9473dce4f21eeb72c162126dd3aa943ea5f4531ae32208b03775437387ce2b469f2cfd4bec0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cb7b02956051a00b515d24436c25614

    SHA1

    85ac8439f0cc817c74ababa2ad9495f25c6c417e

    SHA256

    d33bd39c198c50cb402a0393aa2849eadaec83df83ab677944e0668552f3b8ef

    SHA512

    df02a1968aa11b9f6d067a7a9fc54fc2db1f5812afda20055cb94df2e548fe1b37f143c3ccb9f3332bcc8198032ddb6590e459e53375b761e76aeb8932f74062

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    058753d5a7a95e8f5d8c580e58a2c050

    SHA1

    b81ba119d4a19feb84caf0fccba68462f4c16ff5

    SHA256

    ba5f9f8ade4f224b4f12c39623e21dd9dd699679b8835d7e66e9195249b08d4d

    SHA512

    d55640255d29b98a0da3eedf641481c0a2932ec19347e5009b5b7dcb85a61927914dc54bbd280c69f1a7920d794c33e3e14234a247ce05e91c053e4357d58367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29d2b9a95f1ba170efd8d0d0e90cf7be

    SHA1

    a17fa8407b3549522f3b70c403a1f6faf4d54d4a

    SHA256

    6a2396f9ff0c0f3e9d47e65b7b8ce8ca0af2653ddaf4e4e3462649adb41e2ea4

    SHA512

    9502004e536e0ad6c1aa52db0bd8be5341cd68430529c4eea0864bf158d3d13ec7762edeb508a079300a831799aba8dc960a69abbf84219be44e602809d3f463

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c04d52377887627e5222f715d9ecd00

    SHA1

    e37c1fd77761d9b665ab59568a0ea2ab2dab9e49

    SHA256

    9a2a78065e04a253cced5b5c80886a7404fe6e1e31a75a801651f2fb5f5eadb2

    SHA512

    6340ce90663e4cce0993486f06f49ec4d7682b4472bf84da5bacd767569a69d1742bddb558fb3d37490deef18bc8f605b2a69bb5475d3cb4d1c21df3ddf44f23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b1a0f5eb0759a95bb2eb5e3ff36f293

    SHA1

    64bf46069ad06ab2146b6773cde47607ed1c871a

    SHA256

    6dc8eb02ed01d0d0c2892b9d024c2179c74c07c6d125c18839f21e99fc2570bc

    SHA512

    e062a8b5f751dc87fb430cdd9978a2898e2ac7cb8e35559bb7bbd090c46ba57a29098822570330377576f409925734d1b45467dd78546faca4d94f3cfebabc96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f4f0edeef1489c21d5a2cf7b8165346

    SHA1

    8f0fac026aedf6a2e9c4a8e5d9d7e7326fc6ede9

    SHA256

    eb48ba2b64eb7d142e5e3cccf7c3fd69c94465c7fa66fbde1a92aa7800820dff

    SHA512

    2025474a913dcc1d7e49bc3f1cb2a88389bd84562433d9707ab3f240b4e6274ab9a432c380d025d9d81e1047a4811e914abcd5689a80af9004fcffe3a8797279

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5512.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5A1B.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/1424-0-0x00000000001C0000-0x00000000001D0000-memory.dmp

    Filesize

    64KB

    Download