Overview

overview

7

Static

static

7

IPQQ2006.exe

windows7-x64

7

IPQQ2006.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SYSDIR/msvcp60.dll

windows7-x64

3

$SYSDIR/msvcp60.dll

windows10-2004-x64

3

3DShow/boy.html

windows7-x64

1

3DShow/boy.html

windows10-2004-x64

1

3DShow/girl.html

windows7-x64

1

3DShow/girl.html

windows10-2004-x64

1

3DShow/index.html

windows7-x64

1

3DShow/index.html

windows10-2004-x64

1

3DShow/ind...ace.js

windows7-x64

1

3DShow/ind...ace.js

windows10-2004-x64

1

3DShow/ind...ace.js

windows7-x64

1

3DShow/ind...ace.js

windows10-2004-x64

1

3DShow/ind...ent.js

windows7-x64

1

3DShow/ind...ent.js

windows10-2004-x64

1

ACodec.dll

windows7-x64

1

ACodec.dll

windows10-2004-x64

1

AddrImportHelper.dll

windows7-x64

1

AddrImportHelper.dll

windows10-2004-x64

1

AudioDevice.dll

windows7-x64

1

AudioDevice.dll

windows10-2004-x64

1

BDLiveUpdate.exe

windows7-x64

1

BDLiveUpdate.exe

windows10-2004-x64

1

BEdit.dll

windows7-x64

3

BEdit.dll

windows10-2004-x64

3

BMate.exe

windows7-x64

1

BMate.exe

windows10-2004-x64

1

BQQApplication.dll

windows7-x64

1

BQQApplication.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20-04-2024 11:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3DShow/girl.html

  • Size

    1KB

  • MD5

    a673906fb323a110c7fd5651b359bd97

  • SHA1

    d887d5a6839ff521e4e98a12b9e2db1d370b82fa

  • SHA256

    f868e50132f23aefecae410554c27d61509d9d74a21388b008e602d2476a427d

  • SHA512

    8481b0344de23d08dd27fa8f5c972f4daff4ca3d40cd05d345235791ba7c747dd6c56087023adef404370eb98ec025606b4cb4260a24e4fdf0bd434dbb5928e7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3DShow\girl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2380
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2380 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b23d163025a33b8b82056f7977810e16

    SHA1

    81dafec470027d6fab2aa3993a0e67f308ed7ade

    SHA256

    e5cc8fb47b73ba5e170774faaf48821aeeb37a744a4fa5e2267918e313bc6807

    SHA512

    d1a90d09a2e58e310b892c1968a45c5043987c4a615ca1ebb30d242f40ce866b1fa1daac22a6b1068bc25a3cbe2b35b6d87892e318195b1629c34da8382c4821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f41c3b53eeaf5aa9c508280713257c3

    SHA1

    9e57622c0deba4f10695ce5a67011380a3ed4d56

    SHA256

    6f7f572929e5dee08aa27edb1cf32a4e7d622142134b2e1d5e207172c95d53ca

    SHA512

    8c72b59d569991390b4c770cb35f6fa8f5ec09d53757c21ae806b3590ed5e1abbfa1628c38000b35ffadd982795437beaff38a4536e7670111829c27285e656d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddaa87fd1f9daa0b2b0c77b05455574b

    SHA1

    463ab143ab71e57a6405bd006703f11738fd835d

    SHA256

    4af1b94f28416a3e78da76c7d4787066d5318ecbcd3ab127e6f08531628abdc0

    SHA512

    1d0cf6eb4afa108fa7bc30e49d67012191c5c69e92ff8a7abd79ecd7dd90ff49374af9ad7a3b0c5bf05c792844422569089c62ff700e1be421b65cca8d0f191f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ed47423c3c4d2bbdf7a73a010d2c339

    SHA1

    e6f71d6749969f8d534ff77d0605dfa1ae4667bb

    SHA256

    1eefe4578340be8d8e21005b1fc7e6fdb7db9e5c7377f533d8323bd25911e0e3

    SHA512

    4f38ac96a288dd43e72505d7f3af67a2ad2aa5c54fa2822b61ee7965fccee4c732ed94e82ec62dc5211405246e62eeef20672467a2308a1e1c0b7878aca7c529

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ea40ec296205cea865ab931c6311091

    SHA1

    457c08c8877e4185dceed9b9c6cc10336a30cb61

    SHA256

    a815f2fb2b11905efaefcc867d83b47ca97802e16394d145e230b2fc0f192057

    SHA512

    9f461b43e86f50d390572f3881c8f0cc3ecd047eae5a19b78e9da960500d151394007511f9486e4460a4c5defc85dcf554d14b7bad9074f53466046548f8f1cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60d60e4a4f4079a916767fc5b0fc6f4d

    SHA1

    d63485c459952d6d973938375f764ef191c1ab34

    SHA256

    b5b200dcd4b5ec7cbcf2ff616fe389675133d1e2561a3cc9871570fb49d65df2

    SHA512

    e547563111bc67cfd5bc385d3bb3cf061b5d56bce39849b14ec56ff5243a0135fb6f27955626af8b4ff7d8f192c532cc1b184d7ffabbfcb0c18be63a9525501c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6bd1bcefc3dd225d3f2cd4b7e4dab2a3

    SHA1

    c08f5d6325a929e72e07b3bb6b22181ea115bd3a

    SHA256

    6c1191c84cb587dd447a3aebc3bc9590a135288dae21da662ca19d4d184fc137

    SHA512

    bd8d5fb4091c30795db72372a9960dbfaded552f45668df14e3e36996a2bc913323a3a9b70ea15c36f454f53d0fdde4c5096ad222d1871f371a3ffba3344c384

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fe852731696efc0842a9a07d16d97f6

    SHA1

    95c76e3da13893d274931384810ce0cd3aa6f274

    SHA256

    473a170a2e9b58e6fe06b15b81ee7b269de372464bf23b43ef2564f836f1c767

    SHA512

    0a5814c5e6e0f8e8c721b9c3eaea2b6921449231a686638174d133c461de6ed5e4a83dcb9f19b5a173c7678b198865b9fea767eaa6c0ed563e34d384b0732678

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    356c93ec1090cc84fe3f146dbd2a9c97

    SHA1

    9df8f976920996c2f2f07016c6b002d13fd4905b

    SHA256

    ad7359f1ec0eafad7756c797241a2a76acfd90eca7f4f7f6d26ee49e9e840b91

    SHA512

    7f3916a393277af521c2dfda6fc071ed912149b2502be61ecf70a10dbe74930656b019f315a53752ee5b04d361d2b48ba1723d834f0ad0dbcfe57e4aaefcad72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    569113107dd627dd875b9650c4440696

    SHA1

    ebacc8c8b2ab4436822a46fa2f3eb0a47203f040

    SHA256

    7f2a55d8cfe649a3b344a5e1551b6fc5cc8d6b37423a1c8f6f549d9f7ed0c7b5

    SHA512

    648a96ee5786818b24061155b7aced3c71f4a877dd69fb1ca1e185408f19ec1a3bb68cad84820d8e5240ee4d11009cc816feec3e9ca41ab3d326c60dda05cc83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f4b271f4cf8f94c8a8facbf6fd9617b

    SHA1

    e2de40cc9a8b55ddf024a05f9f76ca4f3c329c08

    SHA256

    e283c5d9ed469aaab84d689084531f4f098c3d3cc4356d3bbc421fd43135e341

    SHA512

    583cfaa5d0af3af0b297e660328a8b77b4b5a2d1a62353792babf5ddc93e5c0718fc364a7cad6711098f57cfa57de88dc088f4a7f77b0ed17c499dc63c1ebbf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38e11fa11509c47e8e5b9d815875026b

    SHA1

    541062e67c08a7440958303b8a5da2152da95ff5

    SHA256

    b90125740186c4d65a1f1003c5ab6d3c6aea29231c9380d49749658b3a5957e2

    SHA512

    ee05ad84ab6bce07fd23dabad92bfcab550352fbf8f2fb6d4a516e00654a27688c2cdc0c8cc21b32e2eba75f4aac637d86047e5cff6eefa239561779eb68c0e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24379663038f7384c798f45947894536

    SHA1

    6d5d6b6701e73b487292763505758e20f6b8a6c2

    SHA256

    b182574cc2a82386a77ca76d8ee83978bd6e7172a9b57814d0ef0fd7b0b3f7a2

    SHA512

    3e659331bfe1a2fed0e4632a5d1c0de163b93473c91010bc87fba8b48b8655bad01033e67cb6e27c51cab5e5c2f4a095f501fadc527b05be54f9cd6d5edc002a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c86e82af1183f1826b9de1d416f0d3f5

    SHA1

    b036d55300c3b6fdc995bd48eadb53bd6a86b0a2

    SHA256

    2bf37196ef75903717df546bf507f4671e8dcf1e829e3b109573ba2e8c5c102d

    SHA512

    f8525bd24ab1fff4e6a9344a8e5c6d6fc97baa961bd456ebd3c31074f8bbf2970095ea84248214416365e1d55892db976ee9bd71953fb5a3addc26c104edf183

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1ce18bdb77b19a8bae3bc335acbaa11

    SHA1

    3c793e0312a3d164729ba2dbb53dc5f6aeeed459

    SHA256

    25c0ddc3e4fcc7c681e490cf4aaeb6f9aa17900144c09abc07430673a267b286

    SHA512

    4837f28f8c12677561fb9554a3474959b732a9f6799ea99fa9e5fd78041bad565f774bc60bb0c4f8358ae35791b73ae382e9cb1cc3a9e926bb2719c6f6d0bb12

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar36FF.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit