Overview

overview

1

Static

static

1

南部湾�...��.url

windows7-x64

1

南部湾�...��.url

windows10-2004-x64

1

南部湾�...d.html

windows7-x64

1

南部湾�...d.html

windows10-2004-x64

1

南部湾�...��.url

windows7-x64

1

南部湾�...��.url

windows10-2004-x64

1

南部湾�...r.html

windows7-x64

1

南部湾�...r.html

windows10-2004-x64

1

南部湾�...lay.js

windows7-x64

1

南部湾�...lay.js

windows10-2004-x64

1

南部湾�...lay.js

windows7-x64

1

南部湾�...lay.js

windows10-2004-x64

1

南部湾�...s.html

windows7-x64

1

南部湾�...s.html

windows10-2004-x64

1

南部湾�...��.url

windows7-x64

1

南部湾�...��.url

windows10-2004-x64

1

南部湾�...��.url

windows7-x64

1

南部湾�...��.url

windows10-2004-x64

1

南部湾�...add.js

windows7-x64

1

南部湾�...add.js

windows10-2004-x64

1

南部湾�...ist.js

windows7-x64

1

南部湾�...ist.js

windows10-2004-x64

1

南部湾�...��.url

windows7-x64

1

南部湾�...��.url

windows10-2004-x64

1

南部湾�...ass.js

windows7-x64

1

南部湾�...ass.js

windows10-2004-x64

1

南部湾�...ass.js

windows7-x64

1

南部湾�...ass.js

windows10-2004-x64

1

南部湾�...��.url

windows7-x64

1

南部湾�...��.url

windows10-2004-x64

1

南部湾�...x.html

windows7-x64

1

南部湾�...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2024, 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    南部湾论坛(B) v1.5.2/bbs/admin/createboard.html

  • Size

    2KB

  • MD5

    6d2c6bc862ec28b024f11e78f1c67ee9

  • SHA1

    ebdbaaa64e174ffa3ae374f3dfa1416a3549a56b

  • SHA256

    22f26f96e2ce4f35414cbae41e97e2adc7cdd3535773a5887e99f88b49bdbfcd

  • SHA512

    6a3c9ca13298da6dc810b21745fa1bd1d491e23ff2875868bea787e45fc8766fb8b02d79e9a0af6d3decd76655686d980bbb826eb8d05771cc679c38b2e7e62c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\南部湾论坛(B) v1.5.2\bbs\admin\createboard.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2980
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2980 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2628

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d50d626880b84998d493b1e07deff926

    SHA1

    9f4bc522fbb6fb92db54d32ec6efabc6085c2584

    SHA256

    9760af3dc1ae9273aafba345fe0fa188b450b3cdbd38df46d62aedb6d1445a0e

    SHA512

    47b52ad6b0e05d154ac3dec1be3a4339691c848491623fda562cd941667d0d8a695ef396dea4719b9f8fbd7d8d4637a72659730aff514498fd6aea17cdc309de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7efc1365787525993f3d86f217717f3

    SHA1

    3ca2ddda878ca5b6671ddeae8d9481cabf06f4dd

    SHA256

    86d3a686da5677bb57ff68c1328ea8ac367bb57dfa8c7b495cacde77c14b8ea2

    SHA512

    42b04dbf08eb45753f89f5c557c5f0eb902b1ab5446558791055445c6b8f1bbcc32d1a478a2e1ad32552ac1b89c33bd76085fadc64cd4722db474aabd2ae6ef0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68224799038b6e9316c6e308387d5b11

    SHA1

    39cbcc50a5efd177867abec37f54e2af62fca591

    SHA256

    2e0cbbb81fb1e7cbc64c1f6e24a6a80758546ac796e3cd9dd475a5700e1937cd

    SHA512

    47f3f32cd5927cf34336b9a031fda64cee3318650eb3cf3dec8e7cee50a46535a42a7b002f8a1bf16569407599066f9c62949bba5db1930eec0c4da8b5e7af5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5773f6731d8a528c7c2f1465ab65cf20

    SHA1

    976d7fb948ca54368c445d687f657131bf8450ff

    SHA256

    2e7a6ecb985fb9f74f14cca0ab7704106063f77f1f4b0e4376cee57fe9dc5cb3

    SHA512

    cdba33de1b1f8adf209611d240caf17fee8f13fa88643210f97b6e8f177bb8363f6d5dc7093ddf80ac29811917427f4cd905b08452f0a9a20b8306856da99da4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29db9f733fab07afc1e36d2ce4693543

    SHA1

    2f918dd5c2ca2ca950c8718e577e9c201b40a9f0

    SHA256

    b28d2f0e492250e5000f70d55d505f9eec1bb9a4d54145f9e84a7d6a850c519c

    SHA512

    1613e02f327f1ae6dc2be8c65916a245c881b4980a0af1d71bfa336ffa948b1d833b3efefff08b708ee327b564e1e084ef1f9c693bd3568c7649cabab3679439

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0342a2c2e8e65e24a8b1bfc583044246

    SHA1

    6463191f6244508999a3303d6a47c28e5b314c12

    SHA256

    5cb2c1862eb77751d540cdfef567f97760ac0d249a2ef1d80a3003e99bc45ab2

    SHA512

    99bf328c29f6d90817ba07bebf442139af488105c7b7733e067cfc614122f66cba06a92e17f8487bc524b917f73716cbba9a295418f91bdace3afd84d53c61a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    853d484d0e9d56f69fb1d75aef5f262d

    SHA1

    3a53e52820168a421a1b4c59adb63cbf9ce850d0

    SHA256

    51bcbee07e8f424907f83e8edd09f0551bf44d62c89f6321d504ede5c6b600ae

    SHA512

    b5f825f504061e1bb747094567be30a063ec149b613d31df813b1d7ea978fc8562028e519c4537d9ed12c3e854d7777a7349b7ed11ba7c2e245094beb1af4485

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38440a2befe2450ba93b19fda45193f6

    SHA1

    89e160ef48751f2f8c580c6f8c188dfc4eab6608

    SHA256

    e960dcbf3cf2bd2bd7e6f46fa6fcdeb9f282d661aa31d582726e703dd8324f10

    SHA512

    f8b615456a0c7b140732e665e067aca514e0f38c077b97d89f9dfa629ec5204effbdc5e3139bab897b0591a275713a38d58b7eaa807c070e5e2fabd2457ba713

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf5fce87d97bc4a8a14e13056e4c6bb6

    SHA1

    eed85c05558de9a17391bb5f5da0566d64c0ce6d

    SHA256

    0352cdd92badd5f339b11843f05a53d2389d8ac03320547e0851633f25c7019e

    SHA512

    f932121e5d32b415398f19ca21ab7d58f5721859aac6c438e664292ebed13a744c64bbc8e3ae97ad324cd1e88465159d55afdc60715c8681fad248f9e1f9992c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7e7a6b9622c0b0df1c2f9315dce5261

    SHA1

    d16320e2f0a4f81c0dea7cf516271fac804fc8ac

    SHA256

    e7a97c6cd77e858604e40833f0a4dac7385dfcf04d6837a81f72637aeed95b6a

    SHA512

    031fa13b3152447f77652b72a5480aef4bd3c7a76854c19dfff71138f19eaf5b83295e8d284f8fb80da83ab09852c5a7f93da0beaf522d249891eb616024929c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82671ff72283067ea953d697fa1933a6

    SHA1

    1c33fac0f29d530c0de34a3c89ce0bfe16a30c0d

    SHA256

    1ab48072aba4fe339ad80a32e8f662ba95b26af901f6973a82d0d0cb6e05ebed

    SHA512

    cd3d85377baf4e2f1d5b8ec9c4b39c425f3f8c086fd5264a15597f2dc5cfb751780a9e7d787232e453f875a90557151828bcd6baab88a279b17d5bf10b5cfdee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68545afc2f0201a91b4c6bca54083ac4

    SHA1

    e4c09434c4e303a69f2b32f2f6a188faaee0182e

    SHA256

    e8a68e904dc0c553140c353ee12755e2f56d3a88a302d7f66510a4228ceeca28

    SHA512

    0b34d9771ca96a72b4e3b8b0b83954762b1488db0f6792a6cd30df512144c575da0238d84b02817d9513ffb644a9e948a7896221a6897a84baaa5c2b3bcf43ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebb89edf894e95e34abba2b518b281f3

    SHA1

    a02e37687eda15ef0a02f9d7e2f3fad056d673b9

    SHA256

    cfda72c3a4fbf9c5dade9b687037cbb074190fc0054021d4e51ae3a17669cc20

    SHA512

    6dc0a4a8c9aa671ba24b3c73620b6a2be615c7dce4712c4ad919d7b140ebaf53517332b95bd1995260616c8f54b08e4b3bc9c81deaf9d7725367343dc7ecb201

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd18d0a78b9c4690906f9be525cf4f11

    SHA1

    d2b57c354fabdc361b5953b7ea479975e47bfb6d

    SHA256

    8d71054143dcd3759457d267bee0d8832f57147c231c0ba762f3dc7729daaace

    SHA512

    ee27481388f0fa3cf3ccfe1ba3953eaa51a490f1367270a438c1d1d623bed9fb052d2d62a977424708946027de1560e9ff07abeb224d3b646c2b40001cb86cee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2ccffe7a3a31ccb3e63cc118d1f6010

    SHA1

    919f194e3aa83fcf63b5bdd8a79dac8362666777

    SHA256

    64d37d839043bf772d5acfb7cf8a1f7cd41314a9d28e4acdc97da277793d3b1f

    SHA512

    6c64553bc8137b051a9e50d3fe5c95978999141029deee1eb657b4d3268a688fd92770d4aac96dd45df7980d28d78a28d23379c1ef6741a4049c54124aebd69e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1377a4e2d75494b6a0ec9960dfa8f764

    SHA1

    9c00df7c4c2b29800ce032bc21d98805a1a6fa24

    SHA256

    164f6e570742747aa9afe78d8683bd1e8905e614d19d6ceedd350ed0a0b6f048

    SHA512

    5ff12c3cbc849c02aadaceaee948d4d4b8e9cf9665444502273dc48996c351690f6de863f93edc2c68451d66f84c2a5d6ee21f25b81d43451c4c87bea134c58f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a944b2dc8094c1b41649402cf829eb8

    SHA1

    2247b56fd0e7675b8fce3d2fa021835b5ddc08ea

    SHA256

    00608f3a7426797e8775cb1ee350ace93a8f489903960b4ec8533372eafdf614

    SHA512

    741192df5a65a8de19ea6bbf8d9862203458012bf0ba5c505c94c663ec6426ce9bada3f50fad96f622c26c361fcb6feacb9f456aaf788b5018e341a7ca68b62d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab539D.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5710.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit