Overview

overview

3

Static

static

3

xiaof_toup...ass.js

windows7-x64

1

xiaof_toup...ass.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...ion.js

windows7-x64

1

xiaof_toup...ion.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...ent.js

windows7-x64

1

xiaof_toup...ent.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...Var.js

windows7-x64

1

xiaof_toup...Var.js

windows10-2004-x64

1

xiaof_toup...ent.js

windows7-x64

1

xiaof_toup...ent.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...er.ps1

windows7-x64

1

xiaof_toup...er.ps1

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...ina.js

windows7-x64

1

xiaof_toup...ina.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 12:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    xiaof_toupiao/log/index.html

  • Size

    132B

  • MD5

    3f12ace2ae56bce9e8fd32dd80046e45

  • SHA1

    4a50a0a702f2bc7b41ab9f066ca0a6fc43408fb4

  • SHA256

    3a4910e3ed247925e4fb84f312ad1e1ec0a2e45196e75f13c59138ef6f11ade3

  • SHA512

    654483399c2d263cbd6020b5ca73aa2e73d78e310fcb0b5abe21cadddfe5922af88e97f6743c9c4ce5d2f6e7a0e5344c0b94fa0019f5fe8c55aa09861439ffaf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\xiaof_toupiao\log\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a16cbee47b2a7889bfc55e439f98e8e4

    SHA1

    8d381f8994cafc30c46a7ab56e892be0e1229412

    SHA256

    698240968d0efa502c8e4ae46ae90a85b3a04ef10eeda6dbf1cb82d6a906157d

    SHA512

    6bd496fdf636a3be24fce1551229452fa271568fefd21fec35c28cffaefc08bc983e41953be35b20b03a923fe137b63171c2f41614ac69bdcc8244c1cf22020d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00b601503f6f0c203bf5996cf13795de

    SHA1

    8076de15316d26e97b19b089facc58780cbf23a8

    SHA256

    39d6b52bdf336c7b7ef119131abc4a541e1b8bbccbb6a7bbd8a01d8b78dad234

    SHA512

    5716ac28ddfd633c69ad8cc354eb1665bad5173f432e1f9ab4dcc5cb42c8e419fb525de433d7f5e91ffd7494a7adfa639f4b9c30543d27394b758830940abf7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    955098b7854c46349ce53929a7e8deb3

    SHA1

    4e5ef61ae7b9ca4abe0217ab832f2297253242b5

    SHA256

    c799a3c3c1864aa8a3bebbb7c7bcff8fbfd27ca93227daa0715867deadad070e

    SHA512

    c0513e8b1a9fe148fc6a6668586315c1ca82d523bccefb18ab66cfcd1eece06ada89a1beb09151b4ffe9f9b9cea113816e36ca00f269eb95dfacd502fc6ab97d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    912b7978ad8d13188278d417a832515c

    SHA1

    964fb2711d4edaeb51bffc2847171505a59fe3b0

    SHA256

    1516b0547e77cc1b3ddffaa42f393fc0e88d23da66ff77f07f10d120572aad12

    SHA512

    e48f48f914568d05127821cbe8c01142e2fbdae4919c1b4b18446f62e173f06ffd061ab104ba72498f49b826b369e9938b17ac14baf788fce22c645376ea7ef2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a29faaf02308ae3543328d92cb4dfa79

    SHA1

    0afb84e95e3bbd89a3c6355bca750daa553a3a51

    SHA256

    daf99b4ea4c938e709b9d5b07525b980517123f18c88b73bac7fbf3c319d9d2c

    SHA512

    6d563c8236000b9e583e5230bef86732f1f8059f931731289bf0be18b009a926f5f2695fa3edc43befab29bd271996eded79c6f3576bf2859892ae07e5478ccd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3abcc31f6132710720b5a3d08bc6a1d0

    SHA1

    cc7f73e273f5286e90d9786b896ea7fcc8e11cb3

    SHA256

    2917c7b73ed173e53f50e1969585b7a05732b2ec409ec965c7b238bb05db099b

    SHA512

    f6266f38a94508699bb83640948e56015d544bc3f7d77f96c0dab89289bc96c54acf5c0b07ddf0d62e68707b340a0c494e3fe02786eb9de8413d4f73deb7c84d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23341791fdbaf17fd3c018f4a9618c11

    SHA1

    4efeb1cc0446d8c2d11786a511376cf12d796ea9

    SHA256

    df85573cd0c782a229d0f13faf78d6bbc8efffc6ff6498b22f5f8d31e813e7b1

    SHA512

    f117b2518e5172e2442bced0135268e2408aa5813a915edabd28be35e7079c90370a1918c0fb1fe23ec67cdca56bd9255ad774b84adb27306d2b0667e3e37288

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec0666cbc62e29f993666e2cdf27e9b6

    SHA1

    a8b929e708db5c43bd881987d5cf8a69aa612626

    SHA256

    4f9c8560660b685eaf9a40d62c0e2f0657001c0c97f91dd39ca3234b0025e5f4

    SHA512

    02f1e0112a303c9b5f4cdcd74b06853301160bb4af5b6f7115da5aa1503e491df877e3d277ad00095f84614020bf27f2d045b0fced78b7a22b040a4e621e5252

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    896d84e93e4c16c192304c0c0c2d1054

    SHA1

    8cf1c97f9cab335429b6df1175847d2ca8d6dbd8

    SHA256

    ec1e365b8086dfcde08e07ec0698e51d859c30384bedb7ba4709eded6c1b89f7

    SHA512

    00bc731f0dedb9df0b0388df4aa4719eb4b8af521b1aaefd84210f8ec070e8ca1ba8107c3c96c6c913b63fb534e59eec0b054eecddfec569bf7bec02c451a08b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3303.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar40C2.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit