Overview

overview

3

Static

static

3

xiaof_toup...ass.js

windows7-x64

1

xiaof_toup...ass.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...ion.js

windows7-x64

1

xiaof_toup...ion.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...ent.js

windows7-x64

1

xiaof_toup...ent.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...Var.js

windows7-x64

1

xiaof_toup...Var.js

windows10-2004-x64

1

xiaof_toup...ent.js

windows7-x64

1

xiaof_toup...ent.js

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...er.ps1

windows7-x64

1

xiaof_toup...er.ps1

windows10-2004-x64

1

xiaof_toup...x.html

windows7-x64

1

xiaof_toup...x.html

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...ina.js

windows7-x64

1

xiaof_toup...ina.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

xiaof_toup...min.js

windows7-x64

1

xiaof_toup...min.js

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 12:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    xiaof_toupiao/inc/host/index.html

  • Size

    132B

  • MD5

    3f12ace2ae56bce9e8fd32dd80046e45

  • SHA1

    4a50a0a702f2bc7b41ab9f066ca0a6fc43408fb4

  • SHA256

    3a4910e3ed247925e4fb84f312ad1e1ec0a2e45196e75f13c59138ef6f11ade3

  • SHA512

    654483399c2d263cbd6020b5ca73aa2e73d78e310fcb0b5abe21cadddfe5922af88e97f6743c9c4ce5d2f6e7a0e5344c0b94fa0019f5fe8c55aa09861439ffaf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\xiaof_toupiao\inc\host\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2024

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    282496337ab339237202424d823bb42c

    SHA1

    801d32aee9dc0c0b352164d9d07bdd1059a9cad6

    SHA256

    0024e346e49259a7ef326a5d6d86547aa10a72182de9bd3ca61bb8bfec36fc0e

    SHA512

    4016fb82e39aa4086083be9c745de2215fe451a7116c5898361cbd230d479407d4886611609d4edc3fa11d12042e154122d2095e5982f7fc0062c05bc064aec8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f04252fc67b9f5198ec534a76710712d

    SHA1

    e26de09878de47e5387b04783c7707074be819e5

    SHA256

    66cfa42c640d7fe2297c4241e7b56abc82591e3c5b05070af760d41cc4be773d

    SHA512

    622b2a97b270ea5a227bdf1d9c9b6d984c92ffac2603a15ecaed5604dbf19eb4a953708acbe94ed5b3cad0b956aa071d1529a16cc8b9a661e7c82a28b51cc8f0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e02d1a52ad1925e8b6487f13a071d30

    SHA1

    da3ea7ad9482f382acfa09a0e14e092d04af55a5

    SHA256

    2f7c37e39e040c95c8059c4bf858df74640a5313fa624bd91c8a59adb0fe7a38

    SHA512

    ae13657e00544e96df6331a346c89cbde395d7cc74fd04fbd1c1214a71d3b41d1cb0d46021d1b4d04bbfeff10bf62d9e0d2fd0f0a78de166bf6688c23137b09e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86df973b0146bbd184245ff51af1b316

    SHA1

    d713b52c8c285207ac850ed1f91bfebfc9c6eecd

    SHA256

    c5ce8d07ea9c517732165ba8a11b4bb4689c251e91d019cfd8da8cfc5d753472

    SHA512

    161d09962f42ced8afd265a26153209026ce95e97aec66ae693e3b4e7f1cedfcd223d1a475dfe081777270e3cd0710575b64a8fba0811120a827b5002251c69b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f5e06c9896e190999abbc428c2c150c

    SHA1

    96d3ce627aed4928c0c93dd674571fe450ce3137

    SHA256

    162f37276f253ca2a21e7e4325d4783fed08df4d84403d6fe9b6d8d92dcdf4af

    SHA512

    7beb42c2657e2a4a630db731d71ca5bafe74a97f32a69dc6e12f0ee2b877caa209a1d8d0c91230b1b48f9d46693861dbd2b0f0fa560c4c0b8100c033cc3ee66e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfe4dd916e065e7e3bdd0cc8caa54e4d

    SHA1

    8fb132ac95bd04750a10b07c2d80acbbc3c550fb

    SHA256

    2e7bb7e0a06b4122c80d24e6948ef0a9125fdb71a601debf99dd7f538092f976

    SHA512

    144ba0b5a48736ad344ea9dd6aa747e1c5e34ddf51971d24ad3cd924ec61c68aec89cad018287c951e705137b59e118f8253dabca8e273086e8c6b40a35ea5bb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f75c58edcd59f81992f5432f9cf3468

    SHA1

    ad594df3e7929dff069407ba5c007c5b1f5a26b8

    SHA256

    eda17a96f7d7d2a513b8bdd04248550f614ce5d92c044e695b7b2e168020f82f

    SHA512

    8b55b1bd4dccb87b597788ffec4fd1d0f1c14afdad1e2bbe178037f696cc7b40e6cf85604dc168b0495bedb2d7966649a1f2de45e3ed0eb6c53248dde3c2b3b1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    791c597e0e52bd392f3d4a59a6662082

    SHA1

    08db0a15b48ea894e693d9f0b34fa5ce6e2d72ed

    SHA256

    c1bc0da89a94ff9be63bf04af7c1ae57ebe34366bebc7f3a84a20e2688e8c7ca

    SHA512

    565a10e320ef11612d87446dda8dbdc8342d408119a94d3d4a86306c0ec8b581c25c3bdd6e2c71d1f6a79a2bee32a0f2dda044a673b082e228fd67a798e941a1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec1aae1fe19d668c12adce245a624126

    SHA1

    85b0f6365d75d0b804b1f12c3bb19322d342cadb

    SHA256

    7103e327e222675964ab7467a68c8bb45c3320c1bf127e556fd62c82e059c684

    SHA512

    4e44b26238711d770414becee11df88f22e32b06b70d2e69c247554fbeeb9bbe9a50cf20351c92b2dff0fc1ed0701f0dbd62bc52cb8982e24b263f62263f9d4b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f26a965098390ff68b92f93f09057435

    SHA1

    99a1047b5a9a3a9dce46a985c2764f3fea60699a

    SHA256

    38f74c0d5e04ce92af9a743c7a7add91bdcb7fbe29a3230d1e36bcba9947b251

    SHA512

    3435a14912b792711326cb3d9d4fc4e877269129f8acf2596c74368f1fc08b70ecccf6eee69c5f235f7305680db1a1f73c93e7c3c9fee7d11a2afc600317e530

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9056aa45c68d366e7184467eb5c98ffb

    SHA1

    a23c161564c97870c0dde316855f145308448788

    SHA256

    642e4de9846728eef963d700461a0d99548f88bc92e5a7413cec9ed4ea36de46

    SHA512

    430643fc42f1b58e55c031b8eec98aa0691d03892ee74fb32f2287a2f73fbd103cf2df57dab3e0e0d5214999f68495278c5c95cdbae59cd27bd569500d058d0f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0248785c17f7def57c74c1b49af4579

    SHA1

    0182f9ce8c0331e2a6917ae610cc749f091a8946

    SHA256

    cfbf82b686e748e8081f87bf1ad43f1a36163bcd7cdbe363bd283fc3b48b2879

    SHA512

    badc52131da38f790043a104cd05624f495860c4317650b0940bc932a671289aec4de3950b0308564c3e129391d6fa49c8941af49cc368293371c6e51430c633

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab3D4F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar4277.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit