Overview

overview

3

Static

static

3

xiaof_toup...ass.js

windows7-x64

1

xiaof_toup...ass.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...ion.js

windows7-x64

1

xiaof_toup...ion.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...ent.js

windows7-x64

1

xiaof_toup...ent.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...Var.js

windows7-x64

1

xiaof_toup...Var.js

windows10-2004-x64

1

xiaof_toup...ent.js

windows7-x64

1

xiaof_toup...ent.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...er.ps1

windows7-x64

1

xiaof_toup...er.ps1

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...ina.js

windows7-x64

1

xiaof_toup...ina.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 12:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    xiaof_toupiao/library/Alidayu/logs/index.html

  • Size

    2B

  • MD5

    444bcb3a3fcf8389296c49467f27e1d6

  • SHA1

    7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb

  • SHA256

    2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

  • SHA512

    9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\xiaof_toupiao\library\Alidayu\logs\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30c6bb6c9953aa5f6e8d1df24f9f19e4

    SHA1

    0646ce64c4b86a6f8f8b5d6d18f675caee4f11e0

    SHA256

    945888b11bc35e3ed6392bb2cb3da24032ea95eec69bebfbdeed4948e539cc94

    SHA512

    9968b485b4f4c7c10a83804fbcb4e855b090100c809081204e43007893000d85fc56b3ab5f179041666977dcce3490407bac5a10ed7e8e13fb0d648a34818ac9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65e3d978bb11218ea6fbab4860712e16

    SHA1

    c8bdeb754378356d263002181a6253f9638e2070

    SHA256

    bbcc00115a3c6bfd96fcfd116cebaa046d2b8c2c6d14579ef626f67cb0d23cd3

    SHA512

    f4e2569d5dfb7c9e9e8dad3d9531205d16f89f88a33d755066fd01bcbe8dda71264ea48277fac3ab6e9b084bb8aefae596bcfe4b1d6663fa4de96cfc22fd4935

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6772025531fc9d35b327f4845f9399b3

    SHA1

    d8d385463e5cc9042b0689ac8a211abb2afc2647

    SHA256

    a5081c1013341fefe6cef9a5aa48e08da425b00dea2fe68ae42cc7ca7c52e21c

    SHA512

    f01e435d8ee5e82ecc954a138c84f6daacc15e4a99611b3634fe72cc91333572488790d8f55983cca423bb8a8f08768b4b0e9bea23b5e4214f794bd33995324e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88bb2fdf6d13bcbbf470345c79fac813

    SHA1

    84ba88325330f54112e5123a1633869215e5106d

    SHA256

    5597b38f2c1b2c21e47c62cce24ad9adb750ac75ea8ede416a620b73e5fd20fc

    SHA512

    ec5bb972f303fdf8c2ecddaca0656150e80bfd7f6c6f9a1c4db67c4be96e9a86510d815de6a3894486f408a9bc6b876c2a514009ff0fd8e8f26b92ac3a96e64d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4b29c6ec6b524bc7cdab7fb40af67b4

    SHA1

    e3e07eeac29a36d41f57b86f443c3524ae59ddfe

    SHA256

    96c0d21e1ce213e1ce432de5e4ec7dbad25cd804a44ba26698d4681eb3202ad2

    SHA512

    0632566364027693119abaa108cf8542caadd8bb6223010b4462fce9cc1109af447c4c7c279817873868eaeee404adb4caa3c3d57a215c758993914c7d0108ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    153bf2e24a464277a600b1fdd8b81ba1

    SHA1

    d1895e5a09b3be4b27efd52a7ce2391f246acfa0

    SHA256

    0cc62ba00aa31763dd5f99de62d90603a8d3d7130488feb68f928f751ded1874

    SHA512

    1a3315bc37a9eb674bb4934ef682bb6af05b09256914dad1d34e80f5b09bcc9480ec30ef5f2802c12726afe648477a6023e97218e520f664bfe7348955ea4295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0871aa475a9d9d77ad09dff95937be8

    SHA1

    985359ac3f2858422108a08fa6e972e13a4c1472

    SHA256

    14a226d24e1cb368dbea95af6dbe9dbbbcce4cbf1236aa713a27d9cc502c65cb

    SHA512

    58a1995af5dd56f6cab15e7e8d14d619c1bf5d2872d6bdaec062a680bee6a09ad921bf0322dbba6858520bbd08c50f6c863f7b92731c03b9dd2e92a8faca5f62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c42a5bfc9118bc3648d34c55b32e44b

    SHA1

    1c746edac3b01b65bab626dd4cafc51d000dbd7b

    SHA256

    5aafd356fd553597eff7335954d7448719d903f90a4c8ed37d48bef720485c96

    SHA512

    6b1eba7f4441385e4639853f146199d2837f8f1e96348ec77a5b0e87a56e9d5d8cba981ff0939fe54d4ff7f4e2761b183bcaaa5d96caa6b0efbdd3a64d722ce8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    319f2726b79e63abc689ac7394628457

    SHA1

    6dd9eae03671926393d7507671741b72462995e3

    SHA256

    ffb597f70acbdf2b77d6f427a91a7a2bad5ef1c2fa3164ff2154b1f97e5232a3

    SHA512

    f6c9bd505f529a6609fd330e7569b6bd666732c2ac4c5a80236e117c88ae6b6e5c7fd108b2af9fbe31459b834d06582f82d59b08c3f066f6430856aeb72dfbbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8679cb674dc8995bdf3c7c9a4ffcb95a

    SHA1

    903d55e744e33117c86abd90d9544f672eda122c

    SHA256

    86c27ef31dae7aabf5c2ac385ffcc8139f013c8a1aa8426e8f34348fe9129aa2

    SHA512

    a315dbb955c8e5b3d76a6ef4d174a9edb532426e265be95c3da5b9d3cd889d8ce211503643e0a6cf162fa7cca620228695ee8f50e0b6ff4854cf617343d6fa63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3204e4c75f4058611a32d4b892a4daae

    SHA1

    2be13417d4abdca6fd05dfdc34c379acd0f1aa07

    SHA256

    cccabd41bb85b1d2cad6fe0750280ead1c16a89e0059ff62a55e226f9ea2285e

    SHA512

    0cddc30eac66a9f0529fa3a57da3fd4d251f8a1f54817715d9cc112f192a1a1a278c377ab3126e785f0435fea21be6a80d8d6b41a4d4871076545779fd2f0623

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a9e2bcdac2148e730674b926e449599

    SHA1

    e14b089691918c82d24e8019cbd76ada28607f27

    SHA256

    1552d7394f5beada4ddae8a3ce7cdda73fd91d194f8b6b018b8362faf4bc2b95

    SHA512

    17f364eae2fba80775f0ef793952f8aff596630f3b1beb99b8da585454982b80662b599fee690702f45dc25ef88838fd05aa657fa3e0dfcd41a84197c0ea0514

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6D94.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F03.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit