Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-05-2024 22:13

General

  • Target

    lvyouhuodong.html

  • Size

    4KB

  • MD5

    203e694685f5f7bb214699332da3ac35

  • SHA1

    6f2f3280c73e2c9b652e5866e07c9186c6e94a61

  • SHA256

    9646d7bcacba0eeb275c08d031c50f72ca99c22c38a456507a5c3f3a186f8679

  • SHA512

    98ab635cb093fd8b274cece7015b5c517e1d17ac79c5650a04ee6b9109c846a6c41e7326e0e98de443ba1a8071664c1b5889caff159444512e3b7f0a7ec191ea

  • SSDEEP

    96:SIeTMXTY5VpRmkkskBnCyF6uuzlJizvUwTab:SIeTSTYnpRmkknBnCi6u73Tab

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\lvyouhuodong.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2476
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2476 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3012

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15bda6eb64b0e87373364dc8d7f248a0

    SHA1

    7e39632b9caa6a7c0f216a77a9b6addeea79b978

    SHA256

    706d30f9010d21f82380fb1a7d24f8bc0a7bc428dd5da30f2a80fad76faa6e53

    SHA512

    d8c702d2b85e4fe13c03ca19899c881099a095224877be481833d301cbf34c0814166ca306ced791b29cb8beb956ac7306ddb51bbcc5be9cf41d4d1a6dd69ce7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    638fe7a1104c2b7eb22caa4958dce6c9

    SHA1

    30bb1b24756bb2ad4265aec60adcaaff1d148e9e

    SHA256

    28603f06d34dc9940d53f0839db05a6f5ef8825e68c5e71daef07a09b737fc3f

    SHA512

    fee4bb2e69f6e6ff24d1560db6b2f3f31b158f9ef5080993f9c68b5d5eb38c219100161bae06a6a5bbbd4713dc96f47f3f348e02c35e7ec287f11d923edf38ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8af2082caf533503dc13da65f3c46788

    SHA1

    def91b2ecc1a50d16a6edc3818d87ffdd5c9e141

    SHA256

    079de25358d1d1c9b6d350097d81decb83a71f9f437b27883047c55c74c469c7

    SHA512

    1ff51e71ffcd275d19ef0a75a82696835aca88ab4c7b30941ce91bd4e4077fe4f11eb9eb82572ed03355284dadb8078c75458ed98c7e63c9db189a5c48fd7c61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86ed7dba1a64b27d006066d565037b97

    SHA1

    d6e437937958ec737cb317921f2f92bce4fe4c2e

    SHA256

    3964626cd737c538f6e03050503b75e2e36eaeba06503c21fbfb0b754dcd01b6

    SHA512

    f0e76a98b81605cbc63d84aa6d034378f7eea0de74bf0a3d9a683ba26de2318cf9f167225e9233d10c7efa753785b47c5dae403a578c9f433a6d89f761c3da17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f4c0a22868449cb93b4ed3fa0180fdf

    SHA1

    92060d8ee9c07d8b50354a441e0e63027cb4644f

    SHA256

    e677d5de5352838b37659b7d78a7a388d582ace902e041e2fe9e9c2f9e0d37b6

    SHA512

    20bcdaf6df07d0e7d1b779c4e5c44e1ecb662f899d7387447c8c4d55617d760430dd7b8182b3d62b56794b23894f3dacf7eeead371ebc36dfc71cf03c10ffe15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    772a813a6d4775cc1b0261c1fafc6874

    SHA1

    19c6de8978a4f9f7cd42cb1efe5b9c8fd50dd918

    SHA256

    13b961b1407826ddbf595b0e9090c3b919843cedc3b40eeb39251613db15701e

    SHA512

    2dc5b9b5eda8791f38410783b0f2fc19a9f2aed2616adac3797770ac39f276c2ee81c182e3beea5e89323ad73d190ef7ff86007b3de0f1de52954a4322f1e17c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c273f06dc4d2738501512396c42c1a7a

    SHA1

    bd4aebb99c88040fa20a7b59e9f2499d70a4ee21

    SHA256

    cacb66c223bc76a72eb743c619697e72d6e879925dc91e31b4e50ea1a634c098

    SHA512

    2494673819125247a92537ffa589f844f5c8b243fc7b5fe3b157badfa3846a5d183786cb95480410e587c57c36d9918ae83464b123d0f2e50089e1c2e5a044ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a10fc95726ae9d8e05c85eae15173c3

    SHA1

    2610c80c7cac6daa778f75bc9dd84bd5d1b549e9

    SHA256

    17f1fc4954f30e1a64ceabc58666bc66dd4b04f587d8fa81d02fb0906eb12547

    SHA512

    65da6dbf9858a8c348330ab49178cbaa3300660f962d853ef8da774bb2c902ec1f0c876522eb6a41c3a3a8acc056244bcbd2cccb716fec421f0408e054d6826f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38e934303c725f979972dbb79933de5c

    SHA1

    bc771f290620b97e8056899ee8316abc068a560c

    SHA256

    c7c2cbf5f53443c455e15c27f53ce4b13655dca537bebd437efea671e9170611

    SHA512

    9a77fe878a686a527c6021fa98c25f1ec38f6a6973a7ca7d4c182eeab9240cbde21abd508f4ce610da6b784f8218745fd6c281edc3ece2fd323a9759d119028e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d93341218e681d59eed26b610d96720

    SHA1

    4151a42d7ff7355b0866c054b27bcd546a1b4926

    SHA256

    b44541b5212cb35daaf94f675d5bb96d5e03b3942a6fe3c8167909f4fe6f0b61

    SHA512

    42fdd4d70306f676356a25ef97a4ce6105f76e2ed10447e3e9b680e8afcbf2e2570e4f7456535edd48895cc58fce80082ccb8bc3755940bb2e96cb3a0f729046

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c3e409aa10e252c46333beadc7d1907

    SHA1

    4ffc74df8a994379f39db248b8a49b95a42bf503

    SHA256

    27d57c32694f6e1941219620b9752084ec4c3722d7c9fa6334c9435110195eff

    SHA512

    d60fab769de6ac1709a61f1c23fc89c65b9a93a4b10d9a1790c427898a3ee40ae09fabd542ca01e411447bdbc03d7c29895a5987cb9d29fa7d5cf5d6f59a5c9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e2f007c4fac21dc4b61da6a714311e5

    SHA1

    4ba286c43b1522c900bd9ad47752fe0bf7684f54

    SHA256

    3dc4c36e42d48c13134f5edba22d17014ac4b119680d53a4f6f0b27eba27f932

    SHA512

    6142d272761b3067a0152fd3b385d60aaad403f9203f564c851c8f5ef4698f35cc1a714ad211f21161f90b289efdc5878fb88f17f417d376706aee2559549b19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc837c891b326fbebc16912bd08dc1b5

    SHA1

    5f9754a0188637fc24565658577dc14c7d1e1e6c

    SHA256

    62d26ef83fc57c50c9e960a8159884020acfbb329799ace2e43cc3b7dfdc6145

    SHA512

    ad2e70e4e35a4c2cb7e0b88625a4377ad1fbd614e189c6cd9f2c2ce73278d8e8aa3efd22560e5b586dd3f5271b3ffeae0741741fd46bbfbd5c5a0d9ad95efd43

  • C:\Users\Admin\AppData\Local\Temp\Cab2C8F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab2D7B.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2D90.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a