Overview

overview

3

Static

static

1

平平留�...n.html

windows7-x64

1

平平留�...n.html

windows10-2004-x64

1

平平留�...nn.vbs

windows7-x64

1

平平留�...nn.vbs

windows10-2004-x64

1

平平留�...n1.vbs

windows7-x64

1

平平留�...n1.vbs

windows10-2004-x64

1

平平留�...ll.vbs

windows7-x64

1

平平留�...ll.vbs

windows10-2004-x64

1

平平留�...e1.vbs

windows7-x64

1

平平留�...e1.vbs

windows10-2004-x64

1

平平留�...el.vbs

windows7-x64

1

平平留�...el.vbs

windows10-2004-x64

1

平平留�...w.html

windows7-x64

1

平平留�...w.html

windows10-2004-x64

1

平平留�...w1.vbs

windows7-x64

1

平平留�...w1.vbs

windows10-2004-x64

1

平平留�...x.html

windows7-x64

1

平平留�...x.html

windows10-2004-x64

1

平平留�...in.vbs

windows7-x64

1

平平留�...in.vbs

windows10-2004-x64

1

平平留�...el.vbs

windows7-x64

1

平平留�...el.vbs

windows10-2004-x64

1

平平留�...ut.asp

windows7-x64

3

平平留�...ut.asp

windows10-2004-x64

3

平平留�...e.html

windows7-x64

1

平平留�...e.html

windows10-2004-x64

1

平平留�...ew.vbs

windows7-x64

1

平平留�...ew.vbs

windows10-2004-x64

1

平平留�...g.html

windows7-x64

1

平平留�...g.html

windows10-2004-x64

1

平平留�...e1.vbs

windows7-x64

1

平平留�...e1.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    10/04/2024, 23:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    平平留言本 v1.01 菜鸟版/admin.html

  • Size

    1KB

  • MD5

    473b94038f79271dc8bfd7adf2636063

  • SHA1

    01c1051c1721448c0b2bf331e8ed366215e97e7b

  • SHA256

    2afdf126d76c915ee7e75b9d90de14bb73af9a1a39a129aa3138ac9eea2ce69f

  • SHA512

    08423759eb40b1d2a8ff3bcb5bf1dfa153927b96e498f017afeaead2a663b7c7db9025ee9da7570ccd8fc62fc9d27dd7d89b597af75da8a7ec27974acd4297cd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\平平留言本 v1.01 菜鸟版\admin.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2768

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dbf3086f7f5ecfdf1c84473358420510

          SHA1

          1f5e31b396e6d092a28dd70b9df53c10cbcb044f

          SHA256

          10db39ba8236efba7f84cda1539cbaa27f73109216f8113afff3a2d460baf779

          SHA512

          16f2154b70af659b607b11a55564fdc42f0c070a5e2be9810b636b38b555cdee084a08dd61dd4c0522053bf19e1d6ff7433d5134d2ffd03efcc61fc304f421ea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          92dac313ab9e575ba30e85d5650f96f4

          SHA1

          59e0aab98d1ad4e6814fb87138812ae87d02981b

          SHA256

          0fa4ac8e12e1fbba18784437c96b7b816cbbde7f6e56df61d2bc2aff4f462c10

          SHA512

          bc7a1a8d60c7664fa6e4e15f4c3d4b0459725592956829d3681b763ec383b94d2459964813442ddac8cc9bf7d7c261d2300c20d6251a8bda17dc58e1e7043ea0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          882dbc25fad824dec35f59cfae20398c

          SHA1

          003644b74b457b4e1444cd38f58aae9ec18143c4

          SHA256

          e9ba295d807d20f0add46b911f38e6f877e6d7b813b7df3b51d6cbdeedf720fc

          SHA512

          43ed91ce87eabe56c52b88e8024f577ad4d849562ca160d1eee9fb9c3a668c2a9eb85e1a097aa9a331dbe43f371ef759802fcedc7a82dcc2c784ac4d43754271

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          57e8ad183f043849d0cfc4aa798f50f1

          SHA1

          ff541865b6d42267932364bb414e30806e277365

          SHA256

          0c94ae6d0c1770c22027795b0fadbff07958ee9882ed9abaa0063314500b47ea

          SHA512

          dbd37a2fec007e803fd51ab6e8104fa8c7a23c98b7a9625d8bfa1844494aad1299d91f3c78a340eb4fc8864091851df79aa4514f57330765308e65451ee5a91e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          45156154ef33f07ede0040dd87f54fe4

          SHA1

          08489409f34ed9fba9662d538039fcc2969cc487

          SHA256

          cda46880ddf0550444e56a62a424357b53013319109fb5c8effe9044afaeec90

          SHA512

          4ca94b7788193124a9122d40765d4bb3b4e7b2d966556fc5e21b6acb268d89e97e8f5dc73b7ecceeda06906ebdae29041bcde7f6fa48a43c15827254c8c5de3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          efe4922e93a51754600c4e9bcb80cb39

          SHA1

          dbfe544f54e3c0cf78ea7af60b6f8d998b63ee62

          SHA256

          69f5c02b231c3eee46572d82216b378cd667b5e39c5426565a4410ee59c00f30

          SHA512

          d382796ba3f7aa7fb2262f322e49bdbadc715818ee4f458e5599888b824bd480a2622036999200d31203925d949f84d285b111c69d755bb17a01c281eb4b9b81

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          64f03ee6c94259887fe50651c2b4a62b

          SHA1

          0924315a594ed9e8d26c0e40f517c42cb22a6a3d

          SHA256

          1c18cef0724fd955cb361b6d7b4e810669a295b5fc8162b33720e5ed0557c3ca

          SHA512

          c2389bc8e37d6fc34bbd182e2f0f7f4bd92ae716f07c839b0525482cc83c9c955389e8e543a785581ca8a6818bcd1221ba64b5698c1f4a1d59172e5e4157e2d9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9cf30e14cb6479a39db07e1141802f31

          SHA1

          6bb8fac6dbdabf8c1972943de50e0db07716d182

          SHA256

          148a016cb6cdbe7e67d2f8ba730478566bb553e7cecb32d623cb4d319168fcd0

          SHA512

          6021d11aca346d4d90dff63d79d8282fa37e998d626ea425c3b9e559d6bfe83f992c113dd7a6f90f87bd63a49370158fa15788821e16f408f26b823b36c16647

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          eabf2ee33efa4edb4b4856e0d53f5c87

          SHA1

          d0241034385badc10455eb470c920d395fee1fdf

          SHA256

          16ad91a19281b88a92d5fc097604f7e040a7bd25aed3813120aa9db3bf4112f2

          SHA512

          fa91c3a230ba05dbb7f549813b659e49fc6bf7b4d2539a5dd878da2092664805db42a6b4dadabce4fb3ecd0c73a6c8a0236c5cde55ae471f0d56428bd9fe5708

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5b1fc8643344c1e705833eea7834de0f

          SHA1

          078667131eb2cf75263e4479c70a0aedcce0842b

          SHA256

          7ddf3041ae4f89d6ea19250a3669ae466406c046a4829c2482dd8c4f4b089fa8

          SHA512

          d13821ce86b8f63b7534ea4d6fa11d7274885ed2cc86357d0a16e827ffe1ebbfe12c9058adb0e510edf10c4fb2d2827433a5fea728c991ccc8246884181a01db

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d0871f6402b108fb64877e3f1a401c7d

          SHA1

          aa82c3c69aa410398632dcea02ad028385693a64

          SHA256

          d5d700fe925b9c09483f5eabe534e2d44186e2cfa8910da9b9692793c5ae6837

          SHA512

          253d067c5bbeda042df8c367978dbd2370b634cc6e2e42f01d5906fb13657dd62b4caaac58d289a0fb45288295c6b25d44c5427a64b02a3a99888d12c1ab6337

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          85ec2b445d6bee48ed2c3387516ab68c

          SHA1

          da3e09a96b47ddc6aa75b07b10ad448ca0cae602

          SHA256

          9f4067075fad2cd51b8f94937160480f8319cd1598f3ac629949df1bf6ba9ae9

          SHA512

          059185abb69255b912ebed3bd7003ab04e9ecd279dbad7de35a416e2807a19798eb52a1f4876be7cdf9b17bf361bbb7c657d4675c177112a183eb9705ab63183

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d93cf4b1defb1a5613d469bfc9a5afa5

          SHA1

          0a25ecce4a1c77cf741b229040f5b175e6388ada

          SHA256

          4da927833895058701fd3a0c93fe72fba2b9fd69639515a6a5b39ec3e603fa66

          SHA512

          d11e2aafab0bc97303c7e9959640e251606d5c98e229efb15f3607f86cdb716d44a58ea939681034c310129edd58dcb37e581c5863dd474169461c10a9d208b6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6a667415d508d7cce4ae174528580c3e

          SHA1

          cfd3ef61a9de2ad221f1999c94cad42f2726c648

          SHA256

          4e0a77b25183414de0a67a21b6311000e34c8a678437888de41d36b0739a3a99

          SHA512

          6d633432b51d0a8e21b619bbf37c3c9bc8eb937de798663f4ebd54be2992d68869c1b7aed4807463e2212b5822ee11b11ec4a31329429c0b72aa2961f0714d5d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0de93b6b1b865c9326c1fe3bac3e02d5

          SHA1

          7aa124dc0d051991d87d44f006912051560e0f22

          SHA256

          a7f9f0e0ee009e12398b902492f7260635832d78e89f271458d6a072df2d1900

          SHA512

          d0798f1c65de22d67d570753a7380a2cf4622099ed47d6635b24bc13542a838654b037e42e8394f3a523d405a36bb14d37edcbb5baac6856734a6dc595381526

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4abbc84f30bde27a1b6207b6d5b149bb

          SHA1

          bc4ef4554f2826ec54006d52d5898dacd942dd2e

          SHA256

          7492f07cbdb363fb8375dd1b89ecad97ee406d93bb33973aed3b678ae22b1984

          SHA512

          27bc96fcfaf0eec567eef452ab5b7f216ba0fc9926b6c156fc6e8cbd7e2d1852551c589f62d7a14ed1866133420a4ee686d4922c170b96174832384d79fb3122

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c64fb6b2702ee8e9728e1e9ff691f83d

          SHA1

          8ce95a13ac7c8bb7ff895bb4b032f49872a6dbeb

          SHA256

          a232940726bd3761065d5ab4e541191085f8941fb645b280663e743caab8b3db

          SHA512

          4caa82c9302e0995cd1aa6d30452370fbe39b07e8e19778c6a329fb5510866ca9cc264acac9801806dbc682acc8df98f76dbbcd535dd78499033c06a1f63c301

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          aa94412b2ad915eb48df81a479e1d651

          SHA1

          8578634314fb0e3c566987291c01e968967559b6

          SHA256

          ae7f5f805d9d3df8422f227bdc43fb269ac64b2070720bdfd8b01aee224c346a

          SHA512

          bbfc9ed7028d04b30a0e6ce483b2be48ee14e7b654c4bfa97a455459febd6c111e0db5f5f8f8a3e76bacef32051e1a69892eb4ff7c67e0031f1cce81f291ea8e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab3E39.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3F0D.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit