Overview

overview

3

Static

static

1

FengTan/�...on.vbs

windows7-x64

1

FengTan/�...on.vbs

windows10-2004-x64

1

FengTan/�...de.vbs

windows7-x64

1

FengTan/�...de.vbs

windows10-2004-x64

1

FengTan/�...de.vbs

windows7-x64

1

FengTan/�...de.vbs

windows10-2004-x64

1

FengTan/�...d5.vbs

windows7-x64

1

FengTan/�...d5.vbs

windows10-2004-x64

1

FengTan/�...o1.vbs

windows7-x64

1

FengTan/�...o1.vbs

windows10-2004-x64

1

FengTan/�...o2.vbs

windows7-x64

1

FengTan/�...o2.vbs

windows10-2004-x64

1

FengTan/�...up.vbs

windows7-x64

1

FengTan/�...up.vbs

windows10-2004-x64

1

FengTan/�...n.html

windows7-x64

1

FengTan/�...n.html

windows10-2004-x64

1

FengTan/�...m.html

windows7-x64

1

FengTan/�...m.html

windows10-2004-x64

1

FengTan/�...in.vbs

windows7-x64

1

FengTan/�...in.vbs

windows10-2004-x64

1

FengTan/�...nt.vbs

windows7-x64

1

FengTan/�...nt.vbs

windows10-2004-x64

1

FengTan/�...ve.asp

windows7-x64

3

FengTan/�...ve.asp

windows10-2004-x64

3

FengTan/�...ll.asp

windows7-x64

3

FengTan/�...ll.asp

windows10-2004-x64

3

FengTan/�...ss.vbs

windows7-x64

1

FengTan/�...ss.vbs

windows10-2004-x64

1

FengTan/�...it.asp

windows7-x64

3

FengTan/�...it.asp

windows10-2004-x64

3

FengTan/�...day.js

windows7-x64

1

FengTan/�...day.js

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 09:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    FengTan/风之星丰田客户分析系统/admin.html

  • Size

    871B

  • MD5

    a47cceee7fd85c8793c1c973740b0f0e

  • SHA1

    100c8888fb39fe82b31886e2a6e776944a0215f9

  • SHA256

    dbb4ca5d203cdbe6e5b56202ca1f8529066f02532ad4696cb497913bcacce4a1

  • SHA512

    270cd705bec9f536a2a36a280eb1942a9e96d16e1cb300f3735ad413fe371d8a192d2e88a6ac311bceecee521f1f0091cbffd7ceda86c9339565c8c81f2fddf4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FengTan\风之星丰田客户分析系统\admin.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1200

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d10b1620698c50cf5c48f053a42bc528

          SHA1

          9df9aa5a7dab45153cd12bde1e8fba679d2dd7d1

          SHA256

          181f756bb4b08408cb03f0459b65fbdf4fa9ddcf8a4d0b2c7d32025ddac1229e

          SHA512

          292673003f00e2e7223cce3e7d616ac060960b88c639f970b17ab635cc179303fd2a203be437ff835b4c69a589887baf8e2f8333d39ab03ae1c424ca1d1b472f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          66ffe6d03c794a469f58019a5b7911dc

          SHA1

          4296feab9dd5bb13d74e253e51a82db244120ef9

          SHA256

          466d6a1dddc2d4450ef83f2cd3189d346d0f7d3fd69f4c188993c237095df260

          SHA512

          935bbff0615dfe64b686532daf570c593da037a2d138fa9055d13ab1b815d85e0bd0adbe31228f21de88b8817ae408974cf80c44a6ecf806e161cd2c25e55d83

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8f15af4d27968d4679e8fffa423affd6

          SHA1

          3cfaa20bb0267ad5e362c5717e71a022d90054fc

          SHA256

          206348d3e6d9e669e6ffb20854ed3c18f5a2d531922418369ebc5693b5e8802a

          SHA512

          9c9a6122fb3237c18cd5fe9fed2a9ccc8acd593eeebf94dbcfe051ea08d046ca6c9d801b01a038b597ae044a32c3ed09312175f97e783429d76e1a79ed4f9894

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          85e97ab1d97c6b3f8bd891457f17f072

          SHA1

          405cb6e844822477540ae3130fa052be4b683840

          SHA256

          1d24e864c96d77efba571ff10eef53b05ea9a9fe98564243b1c8714ca027919f

          SHA512

          d2a10240fd717f21d50eb7688e78a638818fe52fcc858cdfc4877d1759e43b41534085e4ac1365ecfc9751b3b2103f30e8df21663ffb5bfb57a70cebabf32f3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cc3bb01a2b85aeea237eca764bcb5ae4

          SHA1

          a0adbc965873fd63f79c832d2e479a6a71392c8b

          SHA256

          2ed8f28a855b2a2373094aa03b869d32f471b303a077fdd43b14174b6f3740cb

          SHA512

          00333090fe8a324eccef68ee1bc8ac81e15fa4b5b015b247616fc56075bdd3a13da5c46e79ff385565a7b2153efc555593239543cb2af8d02c61974974a1b840

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f255b259a321acbae117b1a117a2a315

          SHA1

          83cbb62ce4319bfedcc0fadc6f43b7565c06b25f

          SHA256

          f00ed6d7491805b3c708d4291e233b0b3b0afbb55b4118bcea4fd5b226cb67e2

          SHA512

          65391e34cdbf6f2f35ccf4b2a0c7f0eca040dce388386d7e2ff183ab399739cee4d882b3af2c93ea79c569b947ca10ab536d946000e718d77ac4e1fce70748f1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          06ae201349bae7e370d67766ce682304

          SHA1

          12e05ddea5b931f0e3aad16c84ee6cc0dc30083a

          SHA256

          42893f922c108345fd96bd563a39606f550e9763b8ece92d311536be988b9ddc

          SHA512

          27e90c33b0d048ccd99cae4c72ec477373a2cde2e2674a81e11a51ebb898171a6d8c129c01f82d9d0ab8d0ef31d3daeee851a153de0985b47713a8a7b50a55ca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          159b5836d12365be317b4eae95912dd5

          SHA1

          d9cfe71c78d4aa9695cf698d90af57dafedc64ba

          SHA256

          1dc8c9038176d7ccc8d7a92fd5ba4f28970c2fee0d5ce0f6ee1dcbfb8d4b1f34

          SHA512

          60c4b2af592ce2aa6177a8668ba4534198127e30bfc382f401c32babdb974cfb8373253afbba0a1a9125b33c2525d59d3a2b80aa6e9a09d1e9baa9700d6c7e3b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b0068b9fd764a7045611d0e76446a99f

          SHA1

          d854ee4e6fee930af7be9dee4783b6c14231fc4e

          SHA256

          3fea4a710878d46bcf5a37632f79a91369b410bbaf211242ae6e9d8353318fed

          SHA512

          270986729d71e1fac5481ce86ecd4de9a4819f4a941deb2611eee04f9a1392a9e70ac71e5563c9b467f6d728ccac548c938fa073d736e3cb8f0a9fdb5d425243

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e662d3a89231c06cff4d2bca2e4cd163

          SHA1

          9c3aa41d7a136210409ce38860993194fc04bc46

          SHA256

          90de30b5f8bc1c3872f4a2d4e3df48992ac341553993d3210dd11ee86b193a00

          SHA512

          6521b0b9adbba13737658db845b0ea5b96b4ee6cf00ffadd4268bc98aebd845a0f853623c5fe452291f206c27ac6575eac69a545cc0b44a24d5d6527b7e7e789

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6f6a0addf1946ad66a460c80939c85b7

          SHA1

          f35810e6160d9ec98b320658c25734dac1894869

          SHA256

          33747e3d068b20d9a7ad1fdf478b55e054b209a58200511f028fb207bbc3158e

          SHA512

          550959d917f4532074a98cd172a27bcae30224b2fd447a031f6081b61dcd41f4e8ef9c052700be089706cacac81ca15da02d9d59090eaf78d47c9bed6686b8ba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7d0e42c2ed6746edd1f8df74439bdb8e

          SHA1

          eeada8c32b3d9369206c3292ebcd7e10d21b6013

          SHA256

          535f1fd61bfb211582e1db0e0b2d5567d18300f2af96dc248b981f22bc36b076

          SHA512

          18249f3f41ffcbf4647456fe0dda7c3f86b17233661f3cdafa8f42f9cb5a481c311d607ad708f68a39c93d8a024c8360db54c8a174dc039445f79b5b4cadddcd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          678f70615171b74d1929e5cbad1463c3

          SHA1

          c7e5c22e27134b71f7b72da83d3356b14b782b23

          SHA256

          9065d32f9a7651c7ea11bca9e027f623a0191f7cc82ac452e27a51e1d0a3e62d

          SHA512

          6d9ae3bf1857b45f8c365bca39eb3f00b6183f974ba51f17a60aa4ac829b2af0721f7fac4b6776c4f7672abad8c110fd4d782258c552f315062a6e681ece149a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          197d1f3d9476b56fda14e70b1c9b2df0

          SHA1

          f035b726c9f81ce186d7a0317bb3678d50ebb6df

          SHA256

          a6abc1fb5f3289400aca8c4cad18b31058935f09903239bb7e196b68888ea18e

          SHA512

          79e3cfb33c8288b04a89f3a23d780e882aa3fdb2e01c8f6778533a57f8e96d74017b552e31b7ef7371fc76e1de35c2aa1844150ce96512ccc334fb1410537587

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fb7cc9c09164f199429566cd382569b9

          SHA1

          636dcb4326118e3c1257ad8790c82d7cac2525d1

          SHA256

          6dc0f05761ef3400d552320a75a8c263090240ce6cc9fa856bb60fee02864e94

          SHA512

          2cf07f17e7aba94a52fd9b8fc9944a26f3cb2b4cb8aaa94894f9e018b680318e32a8b913a7dce9cc3b3f825c96d5b11b6cbda401e04201ae2de5d9b549a1921f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          aae3f9b576bc552c1a7fe461a16d6916

          SHA1

          e5e0ead5bfd68eebdc228bab65a2668334d73acf

          SHA256

          a7a9637024d47ddf6bb23370437e6f1fbc7f47708d78b5261e578d6631cfdb75

          SHA512

          070f949e71160e2037796a6b04ff53af5ef746acf653f8e9978ae5d3c92a74e029fefc41eb17fd06e36a3c809e5ced2abeedf9df31498356cbaa9bfc4cc300b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          03aaea10838fadb452ef8a2bdbd976f3

          SHA1

          bbb9bbd2562f8ea09f3581b78947377ca4ddfad2

          SHA256

          775b6f6767249efdd2f06ccb4bcc46b3f2c060752fa4ca752e97258a26b498b9

          SHA512

          78539d466c218fa57cd686090e24b6b689828a222ba72d4aeb1a50ff661a7c8208dafd6bf46d08d31e5d66487972311ce75d634d6bf47bc1e3ad4221c4834707

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\httpErrorPagesScripts[1]
          Filesize

          8KB

          MD5

          3f57b781cb3ef114dd0b665151571b7b

          SHA1

          ce6a63f996df3a1cccb81720e21204b825e0238c

          SHA256

          46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

          SHA512

          8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\errorPageStrings[2]
          Filesize

          2KB

          MD5

          e3e4a98353f119b80b323302f26b78fa

          SHA1

          20ee35a370cdd3a8a7d04b506410300fd0a6a864

          SHA256

          9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

          SHA512

          d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\dnserrordiagoff[1]
          Filesize

          1KB

          MD5

          47f581b112d58eda23ea8b2e08cf0ff0

          SHA1

          6ec1df5eaec1439573aef0fb96dabfc953305e5b

          SHA256

          b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928

          SHA512

          187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab4991.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar4A82.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit