Overview

overview

10

Static

static

10

2022年全....url

windows7-x64

1

2022年全....url

windows10-2004-x64

1

Cuphead v1...er.exe

windows7-x64

1

Cuphead v1...er.exe

windows10-2004-x64

1

www.3dmgame.com.url

windows7-x64

6

www.3dmgame.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12-04-2024 18:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.3dmgame.com.url

  • Size

    122B

  • MD5

    49cbfed4fa9b3fafdc9d499b6163fa62

  • SHA1

    28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb

  • SHA256

    03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11

  • SHA512

    64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.3dmgame.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:1928
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2200
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2200 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:960

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4fb68b24c1d41969791c89143222d3a

    SHA1

    b14ae2f624a772effec0388b70c8d36c251d6913

    SHA256

    d54fe121fa932caef5e2cf623e8255774014d9cd7cb2cec22f8ea8d416932b23

    SHA512

    d8ce41476e185619a95012469dd6e746b14625e46abfdb3741bb60a759b30e37391e9a2bbc1315f7bcb98abb14fae952286bf10a708ef771b89fdfca1369b2de

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    04bde9347878bfde65f6b19e9cc1bd74

    SHA1

    44c1e067bfd4116159c0551f7c59804516b9651b

    SHA256

    73110c391d7d122ba6d415515855f45b7d45977f45f7b6615d3836bf94056811

    SHA512

    200c755f71a29895eec87546bbab2986c91f27d709913d4f2f27e66940ff5ee2be302d0b91907b33a3b64f552e9f1fa448cb501ddb7d6f2a1f12ace8e153d7c2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d819a56129747f8c5464d39c200fbd91

    SHA1

    779c4ef77a419081ba9e9da78eb5fb5aa6f09969

    SHA256

    6e82314cd1fec18693d5c185ec22687a1767cebef2b19967eeae10226beaa723

    SHA512

    8c8b5ba8402d8e74598ddc6c1996026cc3415ec479e3f9964fbe89d9e00cbe66f6d330575000b01b8e3dbcd143d0fd5a069a894aa08651f62c2286aa98272302

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b8d1b96b31d89601055ccde18f17c17

    SHA1

    dfadbdac6c772d2fbcdaabbfd4c51f8c0f5ef182

    SHA256

    bd005cb411121d1bdb1bd8285a29c728076afe711df476663925dda4b3fbf217

    SHA512

    bb3bec6330d1e8ddc5bc88f864489cca8534d3fdf15ecfc3d4445ece0b49f5ef8c9e8be06d0e56b49ea083755c6f34e45e33beabdc5780bda27cd82036a372ce

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4321fb3ea107502fe1c646c7ce1cce4

    SHA1

    96011b070061c3d602080897a982e49738481657

    SHA256

    e61204c7bc45fbc83745e315a4731c6171fae51f4cb20d435557fcb7c3c75ab3

    SHA512

    1e54a9d6b2f9a9e5ef9ef4ccd50bc0dafe82d8a2afd2593c91edded5735865e1ba795843ce433e6fbf1fbfdc86a51cc5d7e148ea457448182ece4bcc75f082e6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    748bc326b9d15fe4148b1d43ea8de3fc

    SHA1

    dc8cdfd0a20d46cb393424915a70c0931391725e

    SHA256

    7f7135e295304f4e1aad26e1bf400344916946048d4d4ee4594b3b26e7b0ecc4

    SHA512

    d036471aca92fc1762a526c78bc5acff7e5ff10a722d559a561cf7091f35ef22b8571c0bb31575ccb1acdef63b2973eebd2a4abcac519680eeabb0f3746ade90

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e6adf614a13f58748d2493e603c2aed

    SHA1

    34ba6e9c83c9f98fccea7dc21b445e8a05862a57

    SHA256

    8e64ae1bf636699dae6e39aac47adb4c3e4a3cda4bf72f064113af6b3cb7d54c

    SHA512

    d4afa6e08041789ecb2630b883c3c3a6ef12ed367379436c5a4f39c9aa40767256c641609c8c69c9b2d1d08fd6ed1f870588cb6c4dfea3bec2ec3e20c8c244f9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    952d7e804938a9377623717f1e2a28fe

    SHA1

    1134017fbf8923008f04e3475f02f77ad85e8424

    SHA256

    f6f887b638ce39e3407db32ccbce96686023cbae8ed71c69bb7fd820bdb5d79e

    SHA512

    f6a0dd77aece2b55e92f25da2921e7b9912cb567c062d7bd5831ff232599a44e4d84730aea8b25e917da7cea002103a79837c8da4669d13bf2eb6b6d4df50cef

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3aa9cf4bc182cc75b61011c5efcf075a

    SHA1

    e5d426e44923b737b22496bd84def9a151aa4f85

    SHA256

    177d8d2e29e20d59263cbc22d5965b14aface97f5fe1e9c71b595431a854579c

    SHA512

    c84eada771b54e181409a47e4b8131bb2920b3a872b964a703625bdcf9667eb6551dc8a1bb218d99e2bbde5525bc43dba9f058a4e1a734b97c427726ce526b97

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25f1d07e609ab5dd048ae549489f2db9

    SHA1

    ea1bbc568d332712a73f642aaf257d7229ec1d0a

    SHA256

    aabada665fb0a50be29d5209a2d65268f4b949c7801daa09dc95af702af84874

    SHA512

    c01ac295a8db6a4f5188e153b7b6dd4129e7ddf16c5ac488e4ad258daf60fcdbb1176f17e042f5821ebbc38ddd4a63a7a82fcd71c13ce9bf5d15da55e0582e1a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58e43c87a0d254dce66d3062588bd20f

    SHA1

    18e726da91c7d9e1061ccd4f02f641bf5ed245b0

    SHA256

    8ca874581efe9eb870d68218e2c3788753571685960f90245fefd392dfdeaa29

    SHA512

    f4bf99b59fbc346620c2c96d3edc1a1f0dcce0e0a99f6f0d4ca6af4236e5401b2ad650bbec6f950dce52b43134a7d475e8e72dcba04dfabf1a06a102ecc4bc6e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8e6f49d1d78dc83da540292f6cb15ec

    SHA1

    8c3fb7f2f1b1f82cf1f7d8d47742d005eab49ace

    SHA256

    edf6fa8769e82673e71b1ad528ff173e8fe5437ce087fe0806387c610701148f

    SHA512

    9982d5b05f242508167bcc4f32105fea124dcc2d8e045b052196961391de5dd3a46e06381d52f05f874472810989145f9f6b79623a7f5f1d8ee903771eb6197f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    667f1dc3ab38e6e7ea1861cdd278bb69

    SHA1

    a180bfa5a4d6b4d40a3ef535e151ea45d4d9bf39

    SHA256

    36fa3229534ba6f3e6da3ffeb991bebfbfba1a05a12f1ec2ec76d37e9311f58b

    SHA512

    a5e8fd12c2ad206bab0789b45b2bf00754fdb96f8055bb1eb63f8fe1f3598b17bcb454e5c44e68c85ae8f2e4dbb99da867bdb9816853129bbfab0764b4ed8d9e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c4dd8054a327e7567b2010fddb1844f

    SHA1

    ef4794fa6a790cd668415fcfa6c4323040b3766b

    SHA256

    616efe92e0a99c15871b2f5ad6fe9b6f3caa6a3f9f6466204f09ef22b413c578

    SHA512

    fe542e4fbb85fad65d17cd04fa76f65c66cfc9c3b2c4d10c712e806ebf41fb4ed56da859f5d93bd209c73d7a8be5647cc0d5654c88a8aa5a0111edf1ee35effb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86f46a931f504e4f1bb149cce383223d

    SHA1

    fc2c3e440743113de99da25500678caa2d8ad613

    SHA256

    490184eba22fbd2ef9c1ab097da695c115109dc5f33b3beff7a4de5d9931d41a

    SHA512

    21613fbaf403786cdb40fe7db6c2967ea4142923f26d962430578f7955c1d0a5a2cd80a99aa066144f05d1cc41739b089e8b88375eb0115c4285d65c1e0e3ae3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    256f3cbec00628078d236d4f61dcc2fa

    SHA1

    84de2baa0926ff2ab89e33ebdfd241dfe8f8180a

    SHA256

    700926307c669ba8d762accc7aae70a3b050b0563c33f716b956ecefce2a4c77

    SHA512

    79773dc151d3f3ad08f446b4b6f0a0359d630ff03d0ef1d75992be383848587edc0bfc09f35e619d00240e24dbb228c731b5bf9fc8419264ad13310295138b2f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e348ba5e381edb3104f4d8135781ad60

    SHA1

    f12f8fe1654ac289ede11e21c198b39da6c517c8

    SHA256

    d3117c59ccafe79089ee0a2814260fbf0462487a5442db66241a912929616a79

    SHA512

    5ffaa8ec86e114655922c03efa732d83059dddaa1ed090858e368958145119f00c74cb47785dfd81b231afa8ac970994852e3706fe4c61a40d664a463eeeda34

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02082d6aab5ba023f8a1c543636a7eaf

    SHA1

    abb0b83a407e97c2a12ebfc38c27c93eb9e73bd5

    SHA256

    339db768e7c2d0fd98c2f99b516b5f88bfb7bdd1608f036d2e5516e726ece283

    SHA512

    ce9b5d8a1526b674a2eb680ca1be84f1ed9e2d77f988e6e10ab9bc427461d4c2a24211de44a4d2ceca044a5ae9ab40ad2d918a501f167b4838e8dcde504c5bd7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c641da3545096ec30f44e850a1a3e31e

    SHA1

    f11feeacb67671c1ce6eb6b8e9e2d7f41010ab71

    SHA256

    e05d850e226215e4bad02cf2e1c1b58764bf574d9e07c24c962d6ec89a260b80

    SHA512

    7bfd39f7265603f92ec61127c65ebe8d132c9684ebfb9b58d4ff257b432479b1ae37fd860dc41b666d473536533061944ba5cb7d100dd0ef0f2d03facc81e3ce

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8506e522600cb620e98dc834db792174

    SHA1

    74bb0315d4f01251a77c3ab5bf28d2154414fb58

    SHA256

    f0214d80cdfba365c13053ab86b589e226eb77f557a2ed0963ed72d1b7a660a2

    SHA512

    5829751ae90d5d280cef46b84a7e6de7d7f1516becabe513160dc32869e0561c7e5f81f0036813d3d7f1d04278dd7d9bf2d9f2f3726823c0eec9cfac7cf0fd61

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af9a06e20fa4883f79795f5c7a61b8ce

    SHA1

    b9f7af59fd1e7825fd28a53783df81d660de7996

    SHA256

    5c8c951b1eb08a57ccf988c578b1f6daf1d1b57c16f3602cea689dd5b0fcbf0b

    SHA512

    2d58e85d77edca0b84f0c1b9b3c7030ffb5479014dc8af7288b7128bbe3fc0276e7bb14a288a262c7bc975884e1e81118abc39226987bf9d6bb11b196cfc05c0

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab8D62.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar8F2E.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit
  • memory/1928-0-0x00000000002C0000-0x00000000002D0000-memory.dmp
    Filesize

    64KB

    Download