Overview

overview

10

Static

static

1

Yuqu_v_7.98.html

windows7-x64

1

Yuqu_v_7.98.html

windows10-2004-x64

10

Analysis

  • max time kernel
    1s
  • max time network
    3s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    13-05-2024 19:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Yuqu_v_7.98.html

  • Size

    312KB

  • MD5

    2ec301ee8351ef1c26b0d20c8dfca571

  • SHA1

    7803bc561d9c2a45e5bbd7143322ac8e03af2a9e

  • SHA256

    58c5cdcc3d86ea378fbae69fbe43d6f47dd556d2b5343fd558f87f5450fba185

  • SHA512

    89800c85098f80c3d3096aa25ad5f6659bd07ea501143696596a7af53528b919f09a1e492c820856c424d74b0d042c13a3afad7ea5e5f7e0d1401c40337864f0

  • SSDEEP

    3072:BiSgAkHnjPIQ6KSEX/gHePaW+LN7DxRLlzglKz4i/4:JgAkHnjPIQBSE4+PCN7jBz4i/4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 24 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Yuqu_v_7.98.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2820

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
    Filesize

    230B

    MD5

    36b88726a03205f582481b7f7f7e87cc

    SHA1

    513c0857ff64b57a459087de0e2896d58afa5c3a

    SHA256

    72641d52ecda3d453c9c9dfb9f293408c3efc4d59801cecafe34682d4161ffe1

    SHA512

    0a61c004a3f6090901cd3937291a459d8604df99d3497134034679a435739a3811cadc33d46487fa46d4307271c18261f3fabda9989dfb71d24c721ab6be50e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2ffcf656c9acf94c7ca9d32f57abbf5

    SHA1

    2940852cf86af580fda10680bca654de50336e16

    SHA256

    aad49bb4e0bb0ef1850dcc0eb511f885d32be68af32fc55a0f12296f5dcc953d

    SHA512

    7234420d77104d27c773fc480a3c51f6e6b5a0c4c5676792f2162e7b40c08fd2e6eeccb80dae147d03e017fe0a400a53f814cc86051ccddcf0b779ebdd51275f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fad8cf719b950dc2dd399f1f7a1363c

    SHA1

    29624b8dfd2f14a0b78c8ddf17d2c2525c486391

    SHA256

    d486d9e214663848e991545637e518c6870c76f92f54659d49eea671d9124627

    SHA512

    d481826d86d3ca3edd6c2dd049c39bd0b0810d2546b0c2e8226be15c66dd6f777b9d4bdcb0e740e5f5915d91ecfb87987bb86694b76e962000d7aaead62672d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5f065b41b2ae9ce76d5b01cd152ad39

    SHA1

    a1c2cf4c99822977ba237e4b58c1486faa3da0f5

    SHA256

    050e736851fe35f37e1950d9ea11b004b18340499a83d08a05476e9f79231c3c

    SHA512

    e408e4eaaa7bfa5b79ea9e51e254cf728f6bbd58e938ed61a08f2ff26f4db50c9df02e51381e322cac22641f727bab38e5539886181a0f4147937ce4de7d0f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e59ebe230354d20e293752dd02e5c123

    SHA1

    8ed7d037bc46f0af8b9bccb83fa57ce90aa96c10

    SHA256

    3430a30e51471f2ae16dfcd4bf1372487c8ec486a942b92cb10c6d88ec60b3c4

    SHA512

    b4e7431fe7f77d7384b807ac3e9fbdc0f80b94072e75aee7dccf3ec04bf8160d7b25e3a081e21111e0d6e99f31e4c0c0fb6e6bc3d94411a6feee56733773addd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00ed2e13cc1d535bd281e6c85f410790

    SHA1

    d2f907ef07a0e2c80d8b9d56a719394c18e8a5f2

    SHA256

    ea3c00f7aca9fd5098b5164f766237f1d552fe1ce3782e215dcc419cc15a3598

    SHA512

    d57649d8757977ebe1cd87ff7324927dc7d82b126f83068ded6e538339031b009c16fe4bef27179aceb44d276bff57feae2c04599abbf35b70a46820e27caf25

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2C50.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2C63.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit