Overview

overview

7

Static

static

3

DriverBuck...Up.exe

windows7-x64

7

DriverBuck...Up.exe

windows10-2004-x64

7

DriverBuck...��.url

windows7-x64

1

DriverBuck...��.url

windows10-2004-x64

1

DriverBuck...��.url

windows7-x64

1

DriverBuck...��.url

windows10-2004-x64

1

DriverBuck...��.url

windows7-x64

1

DriverBuck...��.url

windows10-2004-x64

1

DriverBuck...��.url

windows7-x64

1

DriverBuck...��.url

windows10-2004-x64

1

DriverBuck...��.htm

windows7-x64

1

DriverBuck...��.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    21/05/2024, 17:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    DriverBuckUpv/相关说明.htm

  • Size

    6KB

  • MD5

    3a3dd6a8121fbb4e4f1181e3b73bf01b

  • SHA1

    6faccc6dcb27fbde623b91d877f4732127dcf8be

  • SHA256

    05e6f40288872e4adf72a685297d6462c832401c945bf63b7e244a281b967f01

  • SHA512

    3e0f55dca36b4684a6853bc8c59e6bf2b4a2e699ef76620c4197bb6b39fd0fe732de7d83d3efba0e64d0269ef7a1f2bc69c571355b6f9784e65db81cc3025eeb

  • SSDEEP

    96:eygWlXZktTuDndkYWuokAbVXHISaQN1exgemaQNA5FaQ/APUgJX/kh8rW3H6aQNf:ebiXFDzeXdxfx2Fxh8rW3H6x9xQWn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\DriverBuckUpv\相关说明.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2256 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f9515e92ac257450bd981cc43efa72a6

          SHA1

          298e636b8f19c62cd97471cb9cb60307b5759d7a

          SHA256

          3f6e358a69f4e2ce66f95ed013d280db287a0730ba6593797314c526cc134b8f

          SHA512

          2e0b5d32fbccf1d95152c5e2eeaee0283872e99314572b25fe1637bcf1ef46eaed6fd8cd7c7457816ecf5409ff183c4300555ba73e679b97d6268c46dc67dde3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          83cdb8fec79cbb5de317bd9461c0673f

          SHA1

          05c6c8996438c11d6afd580f68332533fc5e65ed

          SHA256

          532cccda85a72df80003d4af5953dbbe0e70bdf8e0700ac32260e5e364de8518

          SHA512

          1310cd252b20f691461a0ce7e0e630f20e71b3b81dd5d826eb4d0ad690ef2d93911adec70839f6c5a8128b35d100011f7f1f5a53ff34b915fffa20df1a62f462

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3fb66422d31c1f7fed3c8393d47393b8

          SHA1

          786ce46a3e80a8abbd71cb4d57d9461ba7d991f7

          SHA256

          af87a5fe5e1c728a88476d737c8fe085579e566033dfd4aae5394bc73adc6725

          SHA512

          33565f396062c844f8f851af6a1227ef4f76284c5adcb5860b580060a6e89931123e3426dd1d30dab7855f3ff4bb710a1aeea322b216efe1f01d599740c617f5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e84e8cb9ede9d03740766d055103f0e9

          SHA1

          82b7dc3d8635131b3a0728a3c0dab8d3020bf884

          SHA256

          69a7a4701022159a92b56a0d3efccd8b7d6a8ef020a079d94c96779b1ac354e7

          SHA512

          c63ea7dd868e6fc350d21da1086c81575c6c62c514eaf36d0d8e07c8b74161ee3ccebbde6f5a6baa134b1ef7c15cf05b3c485a4b9e9b4b16acdcd887bf75c891

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2af1757668ca5841736b440f9684a899

          SHA1

          344379f050eaad9e67a686da7a718ce3bd569f88

          SHA256

          bd2e088b6000621337d2d795668eb8ed08a43b27174e0f3f29b5a5be5f3ba8f0

          SHA512

          bc6a9e13d38726b08a31437b882b9b29d085853d40b147d69b177409b11b7fb7975e5cdc613fe1652748cd9dd6bd881c00c61a6956f7723b77e8847ae5e16f2e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9530c319cc7de2228cb50bc3734a35c4

          SHA1

          f554718f5833ff7fe12629952a0ffe3913237087

          SHA256

          da2d3c385ab187f3c714efbe72113c9cebde5d10aa97d88361b5efb95d0bbd94

          SHA512

          5dd0abfc4f58819f7b344d2dedc38f51b023280c952bbd0b26f88ca71a91a813b6fb76a03b9688045faab6f98bbdb88296a7827391f82805933bee1ecaf30c69

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ff073c5941eae29d911550d7be689ebf

          SHA1

          f2d1301994646c0edeafcbdcea8f2e756e4577b9

          SHA256

          62bea9d6840b5076bccf26d567298958bcb0407841cdc9ada2dca56b9317370d

          SHA512

          cc68be47dca5d9dc3514ad4abb9c5fc6bdb1388f07990f65ff98532cd9c93ff976334ef15a02d85495e61a42e7968dff7641f9e1c1e2e985b3d663da8b062ab2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          267351818e1184c14f56f6290c73e5b5

          SHA1

          d78e141f5a2cc73f471c34a04035832e1171d034

          SHA256

          4c8a23a44e37fc9571d2834d18a32b7dced93b0dd0c5efd2c7169108604d8d0b

          SHA512

          e34ac5e3e758054458e02caf402540faf2c22889c64cda08b19dbf6f1743f339c0c43eaff530c368059d3b9b371a393859e79dc01f88f9bc1ed91e4c321b4908

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3679a541f042785869cd332487578f23

          SHA1

          8ef67d06e09933e73e367ebd42e2a1fb423a74b3

          SHA256

          76b9f2864922f22b090255b11df09542676c168f021238067916d69c3e4816c4

          SHA512

          c8f4b619a47188e3099508d6faf93ff0b3bda20248affcb0d96b68088c2effd3308cf9fb16032e72ce4826a1da0d8dd60c9d5df910c90dc0fcd846db380bb734

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f80637f6c51ac4ae364b9bf6a4742b7b

          SHA1

          f7634f69aafde222207b7fefa6c09136d8f5aa20

          SHA256

          60e676802cb2326b18ccad097910d0aab3d1a97b86c799d11e6abe18fd097060

          SHA512

          a3887e22ab79ca6747e269ce53129cca594efe5c8401f9e69a6e34e6e75be25121d5a08ed5b9daba99573d13918d6710ed04bcb39298540efd605b6bf553f0b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e006094b3456109efb041e219db31d19

          SHA1

          a3270d9ea8dc4ac5ef62e3a1d6069d40edda2012

          SHA256

          41d7910645df6703a2002c4d253ecc2c097ed84c008a32cf12764a1a1fb4e8d1

          SHA512

          94a240da165de795a7c9e17838f6e30d9909be1ec94c20fc57797a529cbbe078c20053b32d636929434ad3a3fa5925795306cbbf619283e9612697f987ad7c09

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2c67e3cf6fa13314e07d12606076363b

          SHA1

          64471550f752a736378bb3c72785e7ffad1705fd

          SHA256

          f2fe3335d289d0a2590a13233cad25adba1b16f611324078ebe5755716b470dd

          SHA512

          60e6c84d4617ab7235d9c8148407b58378078bcb08b50b95e4e7ee7a35df9c5b22e8fd1ba3a3e628466b25419f1c6c88e775dec4f0dcbfcf05a49f12b6db5ec8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          401fbc22fc496ab94694a64264d6a4aa

          SHA1

          6ba7498354bbe2fd64b33a9dcc86a9d99d0e25d4

          SHA256

          ba3d5d0d62405f622db30948e037b9e215232ef91482c17b5342fdde9afd79e5

          SHA512

          16931e2a30a3a2cb86381e69aef5e420130d1bffdd2df125372be464aacae9386bfa35097c5b3f7ae752181530b774c9b61496558981845884c118f00c0b660b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6ee8b1658bb1b26287633ba05c324a8f

          SHA1

          5ba3928db327f20c1da7ecff11ea04994bae8eb9

          SHA256

          53e6049d405c21fca7a154d9b74a89d746b1149b4793bd23345b0e7cbea319ef

          SHA512

          3e89e65e179c5551adf093752364b42b150b258581b71536fdd22af23fbdecb67d215d573f3e4d91976f0f173fbc05607b19008ae629dfeb595ad81d6f28a856

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          115307128a72dc80d9b0f7e99f3d3708

          SHA1

          baf92f7e8049bc73f21e19945a3cd76f7297a3db

          SHA256

          415524e836c4ce5a32d4744503c2dc6f724093e6900ebba235e340bf5cd31ca6

          SHA512

          127e2a7ac262fb458e8d2aff202ffb01e1c77435f84f1675702a5547e42c610aaaca8382f8089adbf4321142fba222bd0de471b109d38707907be6cc1cc46262

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          edaed4991a1a9e58bc6f5720a906c46d

          SHA1

          40c70b020577d49259824ef8f04f0ef3b1684e43

          SHA256

          66a065db57c0edabbfc9940c406036081a92bfa0d9b81725a62841c365511e60

          SHA512

          9e2d438a0e9039e24b63709aaf9b92c99353c0139ef56ec399bdeda9f4dda16069585a6b4dbd0da2d5dbf52d03a3e15d7cada2867bc0ff6d1225244e3a12c213

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bfb7ce0790fbfa005125a1debe6c33cc

          SHA1

          3bd63a8facf116f47e0fb44e078a51dca0967a90

          SHA256

          aec475fdcd600904ce409f40b40d6043ee0c0a85a342a8bb69f81aea8738ceaf

          SHA512

          b04c6f9ceed12ac8f3170955ba8be85990cd1efcf1fb52e35e2c119579f7a67188ca6e2aa1f2209b2de899e394ee6599dd5734d3028616f5e03d8f5c6bc37453

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e37e8e279ce81621cf65f8a5cc8c8e64

          SHA1

          0626cb7df867a1ebceaa21f3fc94cb93eab79608

          SHA256

          0a909bc2c4a01a3bdbe56a97a82fcee771b90cf8fc1fe757acaeef085b2b80ff

          SHA512

          af78e25099c4cd2401ca167b686ca533708ef941feda587ff8b808f07d37fb4030ff1b63ac3d23a64d75fad69160d277a5b2a1d840db360b64260d6e6320c79d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\528EVS6A\count[1].htm
          Filesize

          4KB

          MD5

          717236cc6e1d84c2c4e2feb98adfbb40

          SHA1

          3ffdc60dd4b9284ecb26330c1aab565bfe5e8b21

          SHA256

          4daae8da3b53c7ade32df8a17f0044ef95c98a849bdd27befe40f9b045b241f7

          SHA512

          491916c4290c8bcafdbe1bf49ebb67a9e45e04b48e4985ebf259ec84954f484abfda01c53d099c761bf8fe8f613a3baaab2dd0db682914858d39288a9ea5774b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab1FD3.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1FE6.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit