Overview

overview

1

Static

static

1

Payload/ai...l.html

windows7-x64

1

Payload/ai...l.html

windows10-2004-x64

1

Payload/ai...isiweb

macos-10.15-amd64

1

Analysis

  • max time kernel
    117s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13-03-2024 04:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/aisiweb.app/TencentOpenApi_IOS_Bundle.bundle/local.html

  • Size

    4KB

  • MD5

    eb178a536d50a25f51c77eb780fa36ca

  • SHA1

    5d06cbc455fec0f591f6994e9f8e75c501e6e180

  • SHA256

    9f90d886d5750e7bcbaa148f9b9b3c04c3ba924cdf7962f37d97a5fb1cb59272

  • SHA512

    4afad9921f32ae28e048fa80c59e0ccb1ededd94f213aa8d94d268bfd749e753dbffc03f02413ddaca86ba2470411648c8839e41b13276df74d51681bbc62ef5

  • SSDEEP

    96:YDNWFcZTmEFJmCtu3hN0a4BkrvLG13GjiiipDJLu67c:L4mCEhO3B4Eai5/c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Payload\aisiweb.app\TencentOpenApi_IOS_Bundle.bundle\local.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2632 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70bfa8a775ac552d84d38bd422fe03e7

    SHA1

    440fe35413baf8269cce309b359828d69a03817b

    SHA256

    07bca0d73857f1ca1bdf57d3927b5ff77be9b682bea783ca66be780721e1ec98

    SHA512

    74a3e1247829f12b5a9057667b5fc148af9baae5490c16e1a4953a897b0738c04b28e70085caa864a7d8d976832cebf1041aa2950ba33b79d3e6f4893b3a4616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41e4e48eb301f17b58827b0e4f0a81df

    SHA1

    896961e444b9e768c0864a9f145cfaecbbcce777

    SHA256

    4498eba06dfb826466102aefcda75cffab551d379fa33441d7a64f587c9fde4b

    SHA512

    0885f33a8774bfd1c00d3e925faf686b34794dc6f0339830adf5378079adecccbd236fc75ca6e1dc0c506dff5ec8b516730e0c5bef90dd48a0cf9f1cd31f2077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3ea52bdca15e6a74d94e962151fc9a3

    SHA1

    1cad2bed9728c1905e94c6156bd59e1624138604

    SHA256

    acc704fcb48a6006491e1c3851dbbea781e3caa1dd6739dfc5b69a3766224069

    SHA512

    1a20d837cd55fff9db174438404592a0ee312e9d6078e9debd6cb2d31956ed6bcf4169034daaece90a9662f2f094a0b37f2cba5435cafa2e84eb9bc23d5503d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edbfa206b9aeca070cb9ae256b72f2ad

    SHA1

    303eb1c160c3e94082ee7b4b14621714a5543a9f

    SHA256

    72139cec671db43c92d1ef9e1a23cea82acfc08246af1c5223538235a4c5d18d

    SHA512

    0ae4737d02a14ba6d69071a72427a3003017b29a4ac5a943f47e8e702d84ff91504a7c0d581ba2a6d08e00ce5af60b98e5d1258bca661ce4304441f43ba58e44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88a84cf76606ad924c11d4bfd92deb9c

    SHA1

    41a22fb85e99e594fb2fcda61a0380dcf8d10412

    SHA256

    c5d0f790c008fd9120993e76db335c7101f42dcae9feb5eadf1c2cab1badf87e

    SHA512

    705ff1f39a55a21bbcaa729a1f9d44d71685329908792c617b86d352233b1fee3899a1b6b8b8370f2acb898e1205a1cf47de928f4a8750842739080df85716b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57e2a1f048134187b45d551614e93589

    SHA1

    18bc5d009c60e1f25494eafeb9a022815f1922a1

    SHA256

    509c2bc52157f81f9ac7d23d9a0128189bcb928d24cda1c349047534391fd217

    SHA512

    e74fa646b0801fdfb2ac2b6a790cade8be02315f9d050403e4b1b756b3340f98024edc02d2525c90f0a2fd79b7b50065713d917f2c2ddb1e176153468838b966

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20da2daffba05040612d4a21e2906de0

    SHA1

    d84899320e42b10e872c245ecadbaa0bdcbc1738

    SHA256

    2754f0b919cbe3e2737406ad3b723f92b90397860b450ce4417903a7df155d6c

    SHA512

    b5477cb21f01b52f554963f69d35d9690cefe6282f2bb93050895f27aef92d046ad28015b69a04992ee4f9873dd65ab611ddcd9db30fc2c7cf1b513579463781

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f623d76e30ad6cad9f85860c2aca76df

    SHA1

    104be629a08e3194f9c33a8e1ad966b2ff636403

    SHA256

    9d1686fbcad0b198d3b651f45ba7b6c41eaa0a1168e21fd9137594927aed76bb

    SHA512

    23c4703b7c53daa1d2aff7b485818ddc50198a33973fbac89746d993d4db8721b08910b4ba889e01a9057df522ec1d6d0197616be2c48fe54cc6bcd8e39fa376

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96b40dc628adb2b1f9cd18dfbf8d94a3

    SHA1

    c6124425e1eb25c6332b7431bfe32349231742bd

    SHA256

    94c634049811c0e11f5fc9e3f515cf84d9102913803814dbc0831ff99d33b8b7

    SHA512

    a4b944d8e16d75aea40fe2c7eea6548a71b55765eed467ffae3ed60cb5223adb4197647a741dcc4603937f7014a765ebe35712549437b33e5ffc46fa782fc982

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b70c312e39d82d87b6c32d6740d88b00

    SHA1

    d11e25927ceaaccbffda721833e0ebdbcf88a4a2

    SHA256

    b26935cac480a61a12682412dec55d12645663af482833764fa9f8dea14582ed

    SHA512

    6cac7db3db66fde7fa7b96d2820006175f3218098b750d2c784957ab4072740edf7d696081814fc41e50ce435be14473c7cea294b4826285091fde2282ea76c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b5d40a7226a83ea0631f249e13144e4

    SHA1

    e4f0e160c99632b91b50ccd284058925a983a9df

    SHA256

    64081ba65a1d7b1a035fffb0c0026b4525cc34a481d2af12cba38c0e62656ada

    SHA512

    1648b081be199e8f4d11ebb255f747a3456fcdaba45a5766192e57ea0587bd51e7fb5452c245de59148402d643d40550df63a56bc8fb89283e81bf8dffeb77b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eae6b6a37174341c71956a19167c03bd

    SHA1

    4cdca2151efe578772ff1a22015869420183ede3

    SHA256

    be1e1b95cfb0f9b748753cbf3abc8c2113dc5313d27f73fc654dd9bb42ce5193

    SHA512

    f40c8e56b23dcd781d8c2f9b07fa341aeb3227aa07028fc97585aade521dfdc4a4bc7578a632756beec1f0f818c773266958ca38b6f2877f9d04ae69b72031d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    840462b2a51742d6a0f63cf00fe2883a

    SHA1

    0d8111aa0bacd09b1d12f2be113518c33a6c5222

    SHA256

    3a9eee0657edd54d7eacd6baa02f3657ca20d7489a1ca2248201d9c683d7449e

    SHA512

    3f98a2e6424a262b533860e872b9d740393b5e7bd017e8c5d2f7cc91e198c006e34ff5420abcff8e5dd61f60c03bb7493d176bc356c8ba326ca980e1c9618c22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    391977e2004f930ed3e72e2e984f9b1e

    SHA1

    3b9281354d0616ce071831de45510b2a718e1bce

    SHA256

    8ffc54d55879bb76565c4f0f34d581255f1d36b60b9bb2b2af726fafcecdc8cf

    SHA512

    c0265d7617c40c5c82966bd0c0c069104e44a8b19ef1c3ab1a52d3d0c4e238a30a804d470fff3991f8f86ca22b7fa5ecaf7491e2eda20ec10775c8e3ffa07925

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9F6C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA10A.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit