Overview

overview

1

Static

static

1

docs/新云软件.url

windows7-x64

1

docs/新云软件.url

windows10-2004-x64

1

upload/adm...min.js

windows7-x64

1

upload/adm...min.js

windows10-2004-x64

1

upload/adm...and.js

windows7-x64

1

upload/adm...and.js

windows10-2004-x64

1

upload/adm...min.js

windows7-x64

1

upload/adm...min.js

windows10-2004-x64

1

upload/adm...eft.js

windows7-x64

1

upload/adm...eft.js

windows10-2004-x64

1

upload/adm...top.js

windows7-x64

1

upload/adm...top.js

windows10-2004-x64

1

upload/adm...p.html

windows7-x64

1

upload/adm...p.html

windows10-2004-x64

1

upload/adm...r.html

windows7-x64

1

upload/adm...r.html

windows10-2004-x64

1

upload/adm...n.html

windows7-x64

1

upload/adm...n.html

windows10-2004-x64

1

upload/adm...p.html

windows7-x64

1

upload/adm...p.html

windows10-2004-x64

1

upload/adm...g.html

windows7-x64

1

upload/adm...g.html

windows10-2004-x64

1

upload/adm...g.html

windows7-x64

1

upload/adm...g.html

windows10-2004-x64

1

upload/adm...oad.js

windows7-x64

1

upload/adm...oad.js

windows10-2004-x64

1

upload/dat...tor.js

windows7-x64

1

upload/dat...tor.js

windows10-2004-x64

1

upload/dat...t.html

windows7-x64

1

upload/dat...t.html

windows10-2004-x64

1

upload/dat...e.html

windows7-x64

1

upload/dat...e.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    19-04-2024 15:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/admin/oecms/log.html

  • Size

    3KB

  • MD5

    17fc98131a2f650a090a49bb699056f1

  • SHA1

    f21b6633d3aca31cfcc3719c78842dcf67267ced

  • SHA256

    8892b98ef4274da6453c4e8df9dcd8971b54056f914b732100b06b9c45a39bd2

  • SHA512

    324d1230a4fe3a9feb8c98fe664bc6c3dfd2682b5c4c4e7c3bb1af390f4e69000b570b96aa1b532df4a0623825547ec7ca9895bd8c8165c234c20b05df6d4ec2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\admin\oecms\log.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1876 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f8cdace308e08b7a76efb2099bad308

    SHA1

    172d34e3e4734982ad95c9bd683c2d01ee1937b5

    SHA256

    b4adfb0c72d36894b1a77e0e708da50487503b27f09c2007a5d63014e5716af8

    SHA512

    e44931f85ce484e2d4b50ff815716acc9f483b07ecb5e026584e006ea8cb236a938300beabad58bc67aa1db5e05add7c36bf31a8c9f0631e800fc513e49c67d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1040c7e1beb6d90fe39f961c10cc63ef

    SHA1

    d98c9e0d9f3c21a9c5ea055dfc38ce6e82828930

    SHA256

    b6013d2782cc887dffe5d819dadb1990928c4fe9c608313dc2f1e17227834a74

    SHA512

    77ccef414c280418b39b98280ff701b6e01c4f538656362ab65fde0b93bf3dadf7b0ec4c733c9e10d9fd34df34ccfc4977f8496764ef0c559b3eefc82ae0e41e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcf27153d4443e841f8b138a307ae580

    SHA1

    1c50b9b7dfd81febed5d4eb406d76860c838e78c

    SHA256

    d166a8c151a49e215a70380ef626ce3848823e4fe22d664499131a84b04848c8

    SHA512

    e64f8f66b24707628bd2f26ff04412a1dc3fe391567359648a21575c24c134a6413ea7e0c8318a17c486820952ac24b2982759e8ac84517d2066b0e183b3c417

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1751ac352a6db3468dea3ac35412b508

    SHA1

    0df4482b83d2c773cfd35287458309b13688738d

    SHA256

    65e4fb75c9f7ac119806741262375c8d6dcfa760e8a0e21aa9b644b27bd00525

    SHA512

    05d4782c56306dad69527e33e75456878475b3432716fe563790a65eebc89570dd359b78e4b346d0e221bee55c4135a8ff8059214d42a4122867ea2fe8f63589

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50c7920250d26c7d68e43895770259a5

    SHA1

    9f56673a4a4b860b81b408c3e9d5aeec483e8531

    SHA256

    d3795b486a6d340ce6686d485a94813e4e4eb08bd7e8e74069b683fc03e2c9c6

    SHA512

    e7e2bb0682c80589f06b0d3168cf622fb0b31a0dd9b3731982d8b3f84e62027e0b2fb49d1b9b85e4084cea9a1eca9ac95cf15c03592c8853106c501c58420120

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0cac7264cb076a7dbfb860d9e71a0fe

    SHA1

    e777589a3f6b8accd6921ab06c4313bd7e481912

    SHA256

    2b3d9908c7e57acd3506c208287108296d3a8d19f8c81664afbd5933e5c40128

    SHA512

    f20f1de78839380cfa72183936556ad7df2dd58f9e01aabbca0efb183ed6af9bd6580c9c0e6fae708ba6433f970d2a085566c4debdfb21b39436cf00e5a3fbe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5ddf51250881beb17e79bb118983d99

    SHA1

    e4ef24f28f554ea28a4383800cbe0e3c7206422a

    SHA256

    ba9261c6d0e1b51c1cad594abe73b3827d38e1dde237f7f4d67847bb758197f9

    SHA512

    e36f682fcc6814a0749bf152ed88c487804153ec6fba98deaff00cd3a7beb559e7a2ca305bfa1a6b1a41e2425f70fbd7c99e6cb6873e43ebe765511a71b94090

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d5aec4c98261bffa12fb37847fc373f

    SHA1

    d6b7d37a996ab90f0257cdca837794c1a79f2e0d

    SHA256

    0701a87d8fdd5a3225f732780dece49baab2b331302f6fdc206c5d92ce9e89e1

    SHA512

    63439bd23cb95122a9a6351b827a013185785daa39af7ee299e008a648b8db5eadbdffd1a790b0cf3d22bb23bf08f8646cea122c14de9153fb2d47a2984fdf2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    729347fb742d6d7664a26d028d76836d

    SHA1

    263dfe4358895d989d88d2c946a7a2b372595bc9

    SHA256

    769f0b461ec58bce9b4a67d4c207f2a9d84c28fc71672cb185de87700de7d544

    SHA512

    0b3de8bf172507aeb3fc7b68abab8bc2ad2a6fb874640d1f3c39d44ffe6937e3fa43205fb5a6f00a7f2c835afb39f474b3b1c5f2918b93566341816918d05c51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d3f173d58e1498d8babedc9a0d285ae

    SHA1

    d6480bcf010589587c88d8c337418ebffa394d38

    SHA256

    940c205e0736e55483105d59a67379aa8a97d2260e41cb0e2355c4f5e331d914

    SHA512

    06092f8ea9ea1b976b31fdc3077fdd474e3c53db05ad094552ee7778fd19a9e653d1fb6f3dcfe5127df095af481b57423620f0049c3005c126671e5ca37916cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d68579b9bcd58314dd523bede54c6e8

    SHA1

    14274263a35bfc11b8748b96ec27e613fd97573f

    SHA256

    556f119ec813f1ad6be8c7f53da6fd6193df267beefa39ac6a2aaf1800e31109

    SHA512

    e0e6606b7305076409b8b460a7c7a2e873d168df5a89f4f7c4a5bbb15eabf6290558be77afc03c8928f27b1e2a0177b683035dc433c9ee8c8158b6d84500536f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    760a6e6d85fa03f5996960b14ceedfee

    SHA1

    b043dab9412e97b6c06a0f4d1abb869de9fc7226

    SHA256

    654c711d578b719f69ebab1f38b3df24fd3d02eff2f3853f410a47d24ab283b0

    SHA512

    2cc898c8a2007b1d45b6b584469c974ee581256f52c764dc12be75be9e9f8359bd2fb1ebaf21c1d491900b4a9f1c02072fc843e62846843e3bd451f87317ddec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c3703410ba5f1a1dde8b47658d79351

    SHA1

    ef9657ddd4ba70d88d7f24723c48b4e2188572e4

    SHA256

    9171c4dab6c6f5751f9edbab6b5023f4cf9aacdb96fceb0a26981a4949bfc713

    SHA512

    a116337a0b14900ae68fd40c5032556a039fed4dceb2e0325a5fda879f9d9934b2b0529eeef8c069cd0bab68d939c16b2bd21037145cc86c90dc3d88e9e15e5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4634ee78788355d2808b4d1a0ce2ad4

    SHA1

    17f1e242233cce171859b9a271a81f997e6feee1

    SHA256

    d95b17c6a84f8a2d63ad5c180c9b31291d831defdc2f6a9e0f479fb5c43a7143

    SHA512

    838c764fb61a883672e5191a6e5be0ae0bb4b9899c7f716b8e29387eeb3a2f1899f1f444f7baf0b914150d46f389ad5abbf5e2a29a4f6cfe4b15f9ec588a7046

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f71db615206e52de339af9464450a21

    SHA1

    49f2612129b7880ae2486937a17f4ef0cb92b7fe

    SHA256

    c49d223fb8b403dff1139800595e5bb1e110098c0e048670d6e8a7259a05985f

    SHA512

    0a133d748898353bf53c73b8d5df02f800940bf3822be62fa19daa95091839d94e3ea83e115638a3a12b5a228ed22a4673c28e7722a64a93efe2df7b2a49314a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d348848b60877ae2c4721f8400ed730

    SHA1

    718de2a53d9fbdca53f4c368d40e208847192bde

    SHA256

    532f25f6d2724115cfcf98882767fdce4a911d62f402c923e825fc897658accf

    SHA512

    38a7ffaa21a6f44a90a34b8cb52eccfbcb88cc13cc314dc0b2378d5b3d3661fc7d52a5502df1ae8f7842c00d3d86878e8ad6039656135625ade7f95a2dda0f9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3a75215f10ced96711c475fc064f0c3

    SHA1

    cb5084bd8c97ef596be7e8de901dea2b1f6ae097

    SHA256

    844ba00561322fc322386bcf384c807ea0dbdf480160e06a2f21e796069a435a

    SHA512

    8345bc580ba215b95cbd18b404574caaa5d4b56360116f6af56832f0702128590380f0d33c3371f70b0f274057c0cac75f12d18e87ce74f49731da987e22d5ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e07a99fb5a2df28f984de956ee07087

    SHA1

    c91d3f1b1dbfbe8d95433f501e49b1deaaab7aef

    SHA256

    fe69ca6fb8aaa794b071a770b248ba04279eb5e9dc55347c15e0cd671f576277

    SHA512

    c4d527045d96a44b39c343b50f53eb62f661bf7aa5e78bccdf8d25213243610c04439e525af95dd0706f5ae522adb7618d08ee68ef242f05086e70c40707570a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0303365e184b38cd8e6b8044f28e7460

    SHA1

    c58967fc79cbc27ba292953c7c5a689aad56e58c

    SHA256

    876f59422dde1a4d120dd64aeb07a1cf047af518da244e78f51a8874abb2a177

    SHA512

    f5a55cb4370b5bb5f3b5155b7b2b2219465acfbfea7c8ee3180930944352621d99e1b9f9322309b9c429ffa84380815a9fd6a7dc3465effea76447073f92c1bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3279.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar335A.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit