Overview

overview

6

Static

static

1

.url

windows7-x64

6

.url

windows10-2004-x64

3

api.js

windows7-x64

1

api.js

windows10-2004-x64

1

api/uc.js

windows7-x64

1

api/uc.js

windows10-2004-x64

1

api/uc_api_db.js

windows7-x64

1

api/uc_api_db.js

windows10-2004-x64

1

api/新云软件.url

windows7-x64

1

api/新云软件.url

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/upl...min.js

windows7-x64

1

images/upl...min.js

windows10-2004-x64

1

imjiqiren.js

windows7-x64

1

imjiqiren.js

windows10-2004-x64

1

include/db....db.js

windows7-x64

1

include/db....db.js

windows10-2004-x64

1

include/db....db.js

windows7-x64

1

include/db....db.js

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07-04-2024 01:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    images/seccode/background/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\images\seccode\background\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2952

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49a5ed142d59378e2e12acc628a3ac14

    SHA1

    0b2f38c2e8eb0200bea7fb029a0487eec3bee062

    SHA256

    f29d66bcffa3ecf43596c6d3b90ecd6a70011b11a09ed63de375e5cb5257810f

    SHA512

    bbe6c5ac78af65172cc1084f7ecaf7a556d538d18895599736d373c7c5ea1d60cdd018255986d26f930c0ac12c34316d621a9942eafba2c6fcd65193abfb0b1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0cca1147e9fff92cbcfb96f8b958080

    SHA1

    493869650412b18cb23827a26b0cab16f5a271d4

    SHA256

    7f965cc983d7acc397baf6849461af0231895164032df2ad2761794b3bcf573a

    SHA512

    1ba956666c7235862312eef79c0f89f874a680dd73333405686c001a51c9e8ddbb2a86304c575abe58c0a08cec5d1780ef25c020b70fcda2541d13709f345d03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e05f6f86cb5cfdf7d64c749361c7b0dc

    SHA1

    0700faa5c5697e3a7090da8431943f25cd4e63b5

    SHA256

    ff7b7aa7876682db0123aa8bfacd87ac8723f9d28e72075be21a134f025a7246

    SHA512

    0a8b4a8849aa9c56f4051396572928eccbe623e6869167c2728c5b8a518601cb2df63e3270e935c78bd01205a9ce5c6d7035326f9e38101509793c7b852a3091

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b05047eb28bd514c10ac67711c8f7dee

    SHA1

    c3605b1daedc9cf3b204027f29d5076eb3346d65

    SHA256

    13b189f51ce6092112d983f2d301a6651f777d492ed768719088e301ab1287e4

    SHA512

    7427eeb2db52353e2866cf64a979cf77f75400c32c827632301dde2e0bc36199ce36047999c6e99ac3b29e5c780e574de763022a2ffb447ac513e9b0941b9927

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a8d24090dd7895c6cb0ff300a400c0a

    SHA1

    52e06a96ffadaa647e625e9706e4ce80288ff57e

    SHA256

    c76fc75dc59577d0a382baaad0daec3835fbdb648b872f8e4bec44aa6a26914d

    SHA512

    042d4023412d0e631200dc00d2016cf6999fd08e01034f54e0e4e484edb26b9ef5b2c03f4976ae724fa4c21c5a0c02f0622891125f4beaba658d790ddb3832d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11f492a8020fe73e623157122e1d98be

    SHA1

    c4df9b96d119a1461af52f54470bff4adcc8eb81

    SHA256

    55b0458066faf245cedf68df124306de32ad2b15986ef8fd04b7f0f9cb735567

    SHA512

    5f44f2efed3bf81265dc1a839291739bc1e4b0b43ace751aa0a85d580ad4c53783770dbb8c7c765e2d43911d018f723f26d6134fdbaa2cd2be0505651152d711

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d144d88735f22566d8825737eecaab5a

    SHA1

    bcb911f55621116e148fefd00f722d62b8d50ab1

    SHA256

    e0e3aa4b202ea308eef14962e38dd7e8c25a8fa356e13053c9b09d9b6c3d5ca6

    SHA512

    ebe4d042f668b122398fe648be44487512715dd291fc14f2449904408ba91d429abf67dc62ab3e6ded517ecc37cf27663fdc06ac43775a0fd94281030aa03201

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    997552cd89105857a341c468f90af73d

    SHA1

    aa89ca5a1afe6d58252d1d216a44bd3c56dc2cc3

    SHA256

    9b9593aecc6cca2a05b8c12ee6c401476e726a68f2b4b79e073189fb125bcc63

    SHA512

    690760b136f40a7f6da8a56dcccf03235b414a5ce15e66c42c5aeeded09e9698cfc558089b1f04704fb7a63619c368dccba2b9cb3c8d33d0900acbd0ac8a49a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7091efd54d620bb554143473c4cbfd36

    SHA1

    25e192ccf5c71ed5f9755c73203dc4fde8ad51a4

    SHA256

    585cd93c60977e801df19522039bd28a94feaef8528451b544f2caeb3f14ff97

    SHA512

    5d88d5fd75d1a3caddf8ce005534c11177ba5ae80300358e55cf81f65b98eb3872bb842d8054a213b39c7c5842ee24627482a45a022f88ade665f9334b50332f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c41ee83d5f4ad300ff516122f40c9ab5

    SHA1

    574f9a5b4dc760863a5fa96e1566ca77eac82bd5

    SHA256

    ea91208b2f0312e3426e6af970a713fb873e8e825eb98a3988b788d92c74288a

    SHA512

    5c32c5b4f9fb7278ec70e2a2c48362527ed024347bc78e599bcf4629d946fe6b85b5c3928fd5ce1e761ca3c9f2bd8e55eaa8d47888d2d4969af65b4290651398

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd29be12234805b7f216c05c740ea6c2

    SHA1

    de6d7ffc0030c4d16293af6a2d0d1682e1fa1cf6

    SHA256

    5410897aa28ad082dd5ec9d03a971d6bf468a2d61d54e05ccee2b0458e3a47e8

    SHA512

    3ba1d4b1ed44ff5c5b0d13acd1c979a2e927fdab3009dde074cc7d426ece04a20bd8aa3ec23b311f9c530fe04042cb4d61037ddc33a6db86d6c156ce12a1ed86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65bfb29f593ae85bb94982401f7a3621

    SHA1

    3b083b0349dd0566debbd4cb2c86b9524a7ffa13

    SHA256

    175a64b81ef37fac5bf7b7eab36601453fd745fc2cde910e6b035c684e723b7a

    SHA512

    254a7d83ef0d51c5504f34774fa10cb550231b8f12340e67e9c4ec4c53b68f0ec5b66bd7ee3a294f65d3dd61a124a199b94e87272cfdb6f32b7e347b45ae6c8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39794be4244c4084b0ea42e1b6404757

    SHA1

    b3adc0ef503ed790771be7a2a837b6580d1fe5b3

    SHA256

    fcbc8702d8ce7340bb984571cec491b7d6bb011b932edc5c5c6250c100cfa48c

    SHA512

    a9e111588b30a04dc67c41a3faa2f1640436ae175c4515fcb85d396c917ddac8024ecec201d23ea371785383863fceaf6009089a0baeefe078bc776009f27703

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d1fa828f4040eda042d0e55f9f3653d

    SHA1

    e13ecc375b68958e0c37e928078ddaf3f43407c4

    SHA256

    155fa6975bf2b4b9e57da0f7d237670f0ea4a486d9e8945525b6e616dafe7a96

    SHA512

    3b1877b7a223b94c560a88527c92d719cc9ec6cb930d54452e364ae7d7d140ef2ee259779d1734579d3ab08c77538ddfd378ba6876a51c42861732157015440a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf7b30232c30f4210238c4073d682e75

    SHA1

    679ed6527acd1fa523a0afba2dd829922e396505

    SHA256

    f22e986978b165308f2149d40ab6a589c45164f7e68278609286af3917874850

    SHA512

    6cb8dc5a0fa893ca2030da80200bd94dae47e0cb709f91216efc6809ec7b4bb05b6d068dc019f654398bab64916f6400e97f5da14f006760c1816b6e7b7a80f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c70b26e86821922ea3ec7a5ae47f7180

    SHA1

    a6db1febc819ec9f70873b442e2468fbaa3e723d

    SHA256

    d18bb304f28216dfe50b70128c696c6a09701ffaa7f8e2f52600d4cf7ace0732

    SHA512

    1dcca848a2bb47e1c945a9e5cafc121e85f8fb307cd8772720a2f1066b0bf8e8586f5ab9d25aa69cb6a83e8b9d06d47f7feffe58e97eed3bf5084d5749b4f1c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e55aaf5c576dd93a92834369bc48197

    SHA1

    d031dca1ea6eb548d2d1646a715c54897290de6c

    SHA256

    a3d3ed10fbd94e662af818e195d33de9225c9144c1026f60074fe2486da38085

    SHA512

    6c6bb8ae6fa33f84c982c95b7754c5eeb49d44a2de90717e1d59bc44e1788ea2d908730f0ca834a26af766001f13627a67afd59b3920ba3a156f046179eb93b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    060637ec679b593de8234b4d4b16e1a9

    SHA1

    f289f560042f2ca84b02472cdf8ab8372fbb9737

    SHA256

    479a9eab46945fb8901673d890d73cd7bc3f6d74f9b6e3ad1ad679fd5787d6ea

    SHA512

    93db6e33180a5524d38e91348c9c0c3072044ed133253882511ab0b76b8327de688136a299bd3b6480595d6af3602f5745212e3bf25a9178c559961f0cc6688e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0579cc7aeb7fda39790a37468124cf0

    SHA1

    6b1498dc29ffc24cdaa2c15c2af8ce0d3dd66465

    SHA256

    fcee0b54a3e588cd6015fa741c1e0fb185ecfd1664757b426a79ea4b02c48618

    SHA512

    1267dc7a52f0c977c7d11436da4f96743902e8f3590fa6cc42374b6b025a4f737fae28236218ea988aa388852dfebdd2c748455b26ee63c8b8996d62384365e5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3EE6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3FC5.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3FD8.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit