Overview

overview

1

Static

static

1

ad/indexad.js

windows7-x64

1

ad/indexad.js

windows10-2004-x64

1

ad/moviead.js

windows7-x64

1

ad/moviead.js

windows10-2004-x64

1

ad/playad.js

windows7-x64

1

ad/playad.js

windows10-2004-x64

1

ad/tonglan.js

windows7-x64

1

ad/tonglan.js

windows10-2004-x64

1

ad/新云软件.url

windows7-x64

1

ad/新云软件.url

windows10-2004-x64

1

admin/Coll...ml.vbs

windows7-x64

1

admin/Coll...ml.vbs

windows10-2004-x64

1

admin/Coll...ax.vbs

windows7-x64

1

admin/Coll...ax.vbs

windows10-2004-x64

1

admin/coll...ng.vbs

windows7-x64

1

admin/coll...ng.vbs

windows10-2004-x64

1

admin/coll...ie.vbs

windows7-x64

1

admin/coll...ie.vbs

windows10-2004-x64

1

admin/coll...ng.vbs

windows7-x64

1

admin/coll...ng.vbs

windows10-2004-x64

1

admin/coll...ing.js

windows7-x64

1

admin/coll...ing.js

windows10-2004-x64

1

admin/coll...on.vbs

windows7-x64

1

admin/coll...on.vbs

windows10-2004-x64

1

admin/coll...pe.vbs

windows7-x64

1

admin/coll...pe.vbs

windows10-2004-x64

1

admin/coll...on.vbs

windows7-x64

1

admin/coll...on.vbs

windows10-2004-x64

1

admin/edit...ct.htm

windows7-x64

1

admin/edit...ct.htm

windows10-2004-x64

1

admin/edit...ct.htm

windows7-x64

1

admin/edit...ct.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2024, 18:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/editor/FontSizeSelect.htm

  • Size

    1KB

  • MD5

    340bb54f48d1412fe967980829184881

  • SHA1

    73cb77d55ae5c23f356f705e0ae5636c03fa842c

  • SHA256

    250fa2e139ab280d39ea4649efe2883ba97f4ebd86c4091a8494c1037c31de6e

  • SHA512

    66a088a56f0730704611521f3e289edf30c30ae29cc878ee9286559559ad2fb6520cdf622d6be0a8a525594e3f0ff6e1bceaf59b95b75ecd07fea3d9a9d868d2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\editor\FontSizeSelect.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c71e77dc83fce7a53c187c1f7a1928f

    SHA1

    243ba8d8a6f63fc394a9ac56d706327d6a8b82b3

    SHA256

    a5b2bd1117903004017ef3713c5d54de4bb4266f568ee9085fa64e57fd778c44

    SHA512

    173ae3e9d16af4f2c186a7f8e92d552a2c5e5b7dfa13a25a74e5090a07d4f748386cda87f4b21e8d5ea35e6fc303fa15804384fb072cefed19fa06077775e15d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    173e57eda247284a0a929c82190e810f

    SHA1

    9de6deb091d7799a2dae7f4cd7ee1dc21688d6d3

    SHA256

    bc5c00da8b5139a5a80b1416d7d632c3fe7a20058eacaeacecd3b2fa9754bfd3

    SHA512

    87f4e6bb2ca855de4530736cacdf38b6c98139391b8135de663d461e13abc6c3df2dc074228baf7dc2b5c8c288634ef7b534cb60ad7b56a54a5399ee4932ca7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b3c6ff75ca79a1154f4bc933cdcae06

    SHA1

    2f9e7f1e83aa2d461ccad262bb0d7666a68e96cd

    SHA256

    ef988710a02178c4b5295d0080535a6168361de513fdd25c202f767310e9a541

    SHA512

    e4b9293999023775bb4626d61deb44aba2d8ecc2dd0bfadef63ea2e0a3272eb161b2ef5409eaba6504a14006600457ddb5122de803db531800dd3772ac0f2990

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7672a1c1963ea9e195b086d9f943297f

    SHA1

    6a9908a689aa17aabb549c4095ab2022cd14a757

    SHA256

    851e2b9150c39606702bcfa9a6b17b6346d36d0c12530837ceaf4d2bb6571348

    SHA512

    4daf2e9cae1f84a3257f433ea5ffaf9bbe921720c4992bff8cb8a6c9183b6d18b7cf0a2167287db2731e2d635996a9e94b1a4f43db1854c4aa3e7e73d592ae35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f46ef9616c35e871db4b6c60fe42aff

    SHA1

    c8e2af32c145f7d62d04521c93a2f0e0d8c4ca4f

    SHA256

    8e2c1f7f3a9da97167000951c5eef9319770965c4ec649f08819bb71e96c4355

    SHA512

    fa76721e1dff3b6cfeef7f8347274df77da263fa4546e9e46286904197d453d9dc41632a680d1e2ee89018fc39214dbe80940b17a3c85115121bab691943fbdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e06b372e2fdd0a181079ae415b08b132

    SHA1

    7fddca46487c1861831830a0b976f26c036ee37c

    SHA256

    215778577b649691110c56c5bd4bac2076d2142fdd4c1c3f37f86f98c6a91d88

    SHA512

    282e8399f022d90e2a65eda0959e128b8b10806b6bbd3ec8167da388ced8d8d5294e89580c2357b626a87f252adba4df553eff31e66c25077f71585c128da451

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c24936e48fe34c7a1af8b83092d4848

    SHA1

    47354d67ba822479386d52a2ddc281bc806afb21

    SHA256

    bdc563d53ecd22ddeab9bbdf70b8b41874b0863c63b0161fb0577bd14a7f6764

    SHA512

    882bef80b860f1ee1f8e8dd82afa2bea4987b6c5b348fac744dcde6a815e566f4808490779d79d97a5f26f7a6dc6bad965b1442e0612c7821bdc65aa07b27926

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d3b9c322a34fc39ef680f5d3f2038f4

    SHA1

    57ce0fcf8e490edf87bc83ea1ed131f00a8c11a2

    SHA256

    c69b4cbdf8d8d6d4e74ea33cd2ed1829b64a44047b98af708527b3805f3638e6

    SHA512

    7149cb55c2295619fc66a600ab8f134c5111971093353289de56b907de36f3edcc29637e70386376141a7790dcecbb80592536f8b1491d8713960d7ef8a00cf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60225b86a3addc16c4f2da2ccff5afb7

    SHA1

    806d1120a5dde854b51c1e3cb63f0409b5b997a8

    SHA256

    01a5c8bdc01318dc75a445e41f58c579bdc41000b4d47ea4ae86463e6dbbbdce

    SHA512

    d50af4f0d4f0ecbb1f2d4d519c3cb53051184d97aa771aab3f9f5b4ec52abf0400da51a72f4a637dafa1c00fcc40b0ba133062f54d0d8112d7b3036320e6a63f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0f8a6ab56fac44947a2698190fda78e

    SHA1

    136cc9a972400fbb3ead7df6d641766d772747bf

    SHA256

    bad3e0e86276f300049095356a2c0e1a4b391bddc1b6330b710f49a076fb2ea3

    SHA512

    ec498e20994e630a6c67c631c24c94689c695e9cf619ccc2b45401b6bebacb986ab2e09b334278b22a6225afba02fd69e8ca4f04207e6283feabc9780896ea73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53521ae25ff0b999ff251cbb1b5597b3

    SHA1

    b01991003deb97b0264e03c83fb62cf13faa70a3

    SHA256

    bb19b545c8e7280734fffaa36d033b807d739db26cce4fea8d5658b3d7e2f825

    SHA512

    8052cb7290bba31e3c268fb41fe528fc118738a46d386d2c263d369fb68a402561df11d664f18b2086bd1965987094395551fbab7f3e92a05d6b223a016f8b2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62dbb5d914e08ca50505c939dac76a1b

    SHA1

    2945ce67e07f25edb80ef1372434fe1e26cbfd74

    SHA256

    2af0c65e7008252b5199904dd8165d23097b366c0ab519b6dc18e2053c4a3e46

    SHA512

    080d7af2b8b96998325cad2ee43fd1df9e85856804a7ef911c43f0de27035bc11e7cc448d54c25e4f6715ef9e22df7b3722a0b27dbfbbc606f771d29c7b1d416

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2C22.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2E0D.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit