Overview

overview

7

Static

static

7

QQ手动�...��.exe

windows7-x64

7

QQ手动�...��.exe

windows10-2004-x64

7

QQ手动�...��.url

windows7-x64

1

QQ手动�...��.url

windows10-2004-x64

1

QQ手动�...k.html

windows7-x64

1

QQ手动�...k.html

windows10-2004-x64

1

QQ手动�...v.html

windows7-x64

1

QQ手动�...v.html

windows10-2004-x64

1

QQ手动�...��.url

windows7-x64

1

QQ手动�...��.url

windows10-2004-x64

1

QQ手动�...��.url

windows7-x64

1

QQ手动�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2024, 13:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    QQ手动精灵 V1.8/sdjl_blank.html

  • Size

    26B

  • MD5

    b256d97fbb697428b7a1286ea33539c0

  • SHA1

    7e4e54e0434406746420141881f419ac165d3edc

  • SHA256

    f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

  • SHA512

    bf9a774e3d503881255143a60a499bfc225fa427fa16d85b7cd7b9857d184427b9cff14c4d0ec1e036749c49b9800b899df98e5fff9539ea717e130ce9f433ea

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\QQ手动精灵 V1.8\sdjl_blank.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1252 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1904

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83a11805b2f8fc60d92611bc811b54b7

    SHA1

    b75165639ddd11598b773be832cc3ac7f4f98315

    SHA256

    d6f8f48ea313ff751c70fce40c1487851fd9a7385e506d1a286b467a45e5fac4

    SHA512

    67f98c83ca6086bde9cbaf386db87808a9e4e758fc40fa9321a6ce691d18890864426afce18802fd1745a938d6b8d875cce52b4d31a750fe4e5ac9895af4294c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a9f987776d94d1193959613e1119d60

    SHA1

    da715ee3cab2976e5b49044b8c5457c75b515f78

    SHA256

    aa394a8282f7e77d5b1bc816dbe7586a5b394e4f3f218d5c877abaef983913c7

    SHA512

    74d957f7ff335c4c6bf6f14bc38ce13b8607e00091d22c324ed059ed8627d103e0084218c9e3ca7b61638a5912a8ea4e36d098f7c2336db93bb85dd848db5ee5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cddc17a1b89b53861deff28ef4ddf957

    SHA1

    dde076614da07d602940e581af056d01c9649adb

    SHA256

    eaf47e0d97554dc87d7c82b621818b20193639baa2ae554af87e9c15668c7bfc

    SHA512

    4de02ecf6b6955e6c18688bddd6de79fd0ca1d8063f60ab670e2f123cedce072ca88fd340e1cbdbd83234ad61eb71da7a6d2c695ce4964171ee98ac770c91181

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f479e4124305effe28cad0c7af6c81d0

    SHA1

    c8335c7c078d1bfa57c25655dc28e41e1433f112

    SHA256

    d3a38fda6c6e52c02389b5a7c08d58df2ce2b6946575db91525f25c66a5eeb7b

    SHA512

    1d152031d52ea74b471e3d66f285eb7b994e219c1e034a9f68b95284158bf38f7f4539e97a8244512f3b08c9a4e4f6524d855c6dbb5afddf318f12fcd5aacdba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17dfb43b7b849e8a54005aedb37ce62f

    SHA1

    b058d7ec32b078f2baf29d7cba0808e89cda5776

    SHA256

    a71a78aec3d11d8e09084551775c1238f33b506dd280d04f3df2644375622031

    SHA512

    c9f421c57279882f2daa75ed3303004cadfc89131bfb6842d8a8fb02925a07fce27720726022c607c5b272057d75cfb2bc3f7b53c40292ae2ae29c70bee561fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77678574a9c4c621ba525d332a75a0f4

    SHA1

    47b83907592b95b55443a73fadd592ad84e2318f

    SHA256

    de961e60aa2ee10665df68c330c6ad169b9346ab323907e7b346ba4a1036810f

    SHA512

    2b65ef451d0075ddea59b8d38a094939680576726c138d877d01780aa44ab826733906a6eda7ae096cf1a6518e201566adb7aeb3be52ca274ee18c48b5f5974e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29c8468109e4c5f34522d16a73166be7

    SHA1

    8a271937c7aafd2c3c25b845f6e30d21d17ebbd4

    SHA256

    544aeae2f6e93eb868920543c02e5a066fe45cbebae37ecc9c4625b5e42812f0

    SHA512

    27ae62b822fdd1c136f37ea92a5a9d3c907155248347b3ccbd3b95932a80b16ed9fc7f538e8ddd8705cfd540012e2343350e9983979bd09dc247d37f9ec3875e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae5b23f6f9ca6102cb81e60a291eedab

    SHA1

    8f7d458c31a5f4dac853523233c7e2953d0b89b5

    SHA256

    0fdb0fafda92a2f69282eba2467efd71fe9e3787f384d044cea8f512a6518430

    SHA512

    0ff4ac3838435eb2290b3e911e5a46ad85a1d8b8e46a7067153a0a892d0bec0c5a8294f6e035a209232af38c6df70c25f34b8e073b1c3f168bdc392e780aca02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63d8b39fbbba3d759404a3cf25b8df72

    SHA1

    24fc747a2980f4ec47ba5cd50837e73b8070beac

    SHA256

    57d8921ba3c008b7f21523a4c5b8a5ec6e82a03f8e821c9cd660488737bafc5c

    SHA512

    a84065ccccad1d099d3b0f810b69ceb180efba4de9ba8eb79f377b30c0dfaa98ff0c14c525e5ee231866655e5983beb7f9d7a148f4fea4db7fe811eccee29761

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb2b33d0d410cadc90e6c3924bd6cf7a

    SHA1

    4b8124402140f1c05215f2d7023ec5f90233d80b

    SHA256

    a3c727248779e0326e9ff145c09811c3c3e3226a16e3d4a1e8b56118f954849b

    SHA512

    3a077c9e796282109753ca59bd0e5028934c839f27f90232d43bcb4d91c32a1e60c957fd5414df959f56159151de2e7f754035d736d9bbc21b75268ed7dde713

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7864b7a090a8ed58a8d36834052d3e76

    SHA1

    33cd0a2e8b864942eaaf2aa49f04335df3cc75a9

    SHA256

    86df3d36794573456ef868088df0b6adc2e2cd85537e3ec066ec4b82154934b7

    SHA512

    3b6de4d26e157ad7e5f893b6b5be78f17066249132b3906d8d856ad99aaae5899e63daba55d1e993d375180c0f6be45d0cd4ebc590231152f2f3c08e2d5547af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fc5290afafdf4cb3a80f9e70f501f1f

    SHA1

    41668b47ca922d8581e1b78659153ea764812de7

    SHA256

    fe0232c261485a97e9182149c4941ae6ab2aa5e89cf5d1372c7b930a8adff1ef

    SHA512

    80203383020af298190ea7687a840c85ac53e64eca1dd5745eb7588bfaa1c9e23e0b39f4556e38c46a4171c1a5e652dea4de7b9fb3351c930e2cd679db5c2ac5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e41fd929afde5acb74d5bfb50895080e

    SHA1

    7a0f2a86261000b764b63fb7217c4092490eff0a

    SHA256

    825437a9573100c7031062f9029c6a16245c234109306e51afe38016433e393d

    SHA512

    53924a776f31653c3b21905db7b3bb33a408a8a9cb99a1c929d7c56d6db1ea9fbe4d9f8227e5c599c15c20bbe743e215720bab01c5312744285998a16f6c2b36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1629f760c0b651643cb1ce50f4bd02e0

    SHA1

    3e19d5f6d77abcfbd3bcdfc80f53851439c18b8c

    SHA256

    3f3035a4196bc55b55bca9f8a855c2f3714f63feba1d0a393d6f9f40d4657410

    SHA512

    db4350fef6b74f7b0d7d1b1dd8ed3598943cddc41b5d76a61a1637614d580c570a47c86574c1887d6a7195b1b409d347227f032ebf82f738047991469b81971d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    649cb7e494a2d298becc43344fda184c

    SHA1

    543ebce333e5a2e1ca6f37ab86018005edcb091c

    SHA256

    b905269dbd1e9f56f84ab92e21e7fc617bb1c0b1b494c903994a95a8ddb52626

    SHA512

    1846fa06f634973d46751cef3a3510874b118b18d5c26586b2badebbc3a878a62afca38b40c44fd0851f993f30e2e9e97c5985254f87a8e2189cfce42574c008

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8BDC.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8D56.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8DA9.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit