Overview

overview

1

Static

static

1

YingyanShell64.html

windows7-x64

1

YingyanShell64.html

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 11:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    YingyanShell64.html

  • Size

    930B

  • MD5

    ac5046172d5707047a7bf128f1462b73

  • SHA1

    e7fb38587102378c2db1fce4d854096ef85cc507

  • SHA256

    1b181c73a9376f66ce70c2cbb599ced834d4ccaa11e06856cdf2ef3300a4b8e1

  • SHA512

    8734eb5f5d361d7a6e3d98505995bad34cd6791d6884917112ac10c4c9e3a2045eaa3613822389f5ab65bf3d5ea9dd7044de5f12a9d62ebcf7b720db76aefeda

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\YingyanShell64.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          83f07ab718eeb9c1f780600bbe1a7822

          SHA1

          f09c1204653f9c8db4cb9b3e76f40d602a8a763c

          SHA256

          5e49947a6e0c365b0881956f8e0e5c46fd0819d1608da48603aa6d28eef6901a

          SHA512

          ab59b03d22c9c54c2217a054dac2e0136f058e081c5ed59caf1289c16df5a07a359bc14000eb3f531d1f12681e47464f6d699b978b7405541c2601f13823e7a2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          98f06018399e963b9197f02372a3f23b

          SHA1

          9408d86d8de15fdfa8741098596fbaa121b7b16d

          SHA256

          18d2560b5f27ed262caa8dbcecfeaca1a3f9b45d993a41058a4bdf0be723e7bf

          SHA512

          ef3414500e3dfd91e125edaab5306b3ef7c6a31695abaa977f1ea2553cfce54936d015de75b15a44ce0b5a3514654f640b8e851a91b7c5c04c82128dc61ab87f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a8904ad7128e985cb65b66913c96c4d5

          SHA1

          ed64605a17fb316e99aaec5b6637bc73df3dd399

          SHA256

          c71aeec1f6f249c6422aad44abfc339e853b9d073d130af17d7969dd7f72a4d7

          SHA512

          57f185a083c82939067746d4f3aec2abc72ec2598c5501124ce384d38a08d9c3fe2f06c580386ede91e114180f4cc8e1ea762018e65939a894e06875fa5cb71b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          218ee990cdc48918dcadbc826e1bea12

          SHA1

          8c4c91afcfc1d9befea5f46bf9fdbbdfce7b2147

          SHA256

          3f9ca782cd49c23c9d3249d3136af555762269f90228312f94dad826febe3a44

          SHA512

          1cac664d3a01d48fbbb8578e659365de9b02f258f73b57e712954b788eae49cd8129d741a5375ee69bfb8b36b43310de387ce957ad096458e2eaebafb57a1d7b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ed13eb2dedc4b3ad7ddb6fd9391000ee

          SHA1

          c845ad42356589250a7d37062ce5913f662c8a95

          SHA256

          90b9ff180f2e0ee3211ebeb353ede676fe3747c3eceb378a05e6deb53b807300

          SHA512

          bd126fb8a0caa4cb2584aac92e5347cd0ac619014b5b45003f16d289cc0347f9aa153bd41af3a4b669ae314cd7c96ba1a8423a1203177bfb1719fceb29ad0903

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c35f89ca78e79294130a051dd423b3d2

          SHA1

          10b0a41efa44608a19252c0e6ebc3e86512d1366

          SHA256

          cd050975a2275194589c4ef053a5276f8f60d092a3c1bfa88c38a874bb711f6d

          SHA512

          88c1cefefdccf85cf110f66b8fcc26d86a6eb9f4edbe79a825f69aaacce89c4cb6323c0b2cf89108f1093a970586aecf7e03036ee29fef9e816cfb71f0aef2b4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bdc4e9f6ae4cea06d2b5e52951c8ee4a

          SHA1

          f3203afbd66e5f1bfa902e1acdb434e94c40279a

          SHA256

          16808b492e02746edb00464c6f3a110e5a5fc5dc722c9afb5486b269f1a6b437

          SHA512

          203ae0551f5b2f3f73aa5262e3de236555a6c468480e10c298ad92528216e353f169b90f0d3e31502538293949ec226eb568ea0961168258fe71e10e0d6b7ffc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3f102b5b8d5a9b33336060afa6a67f58

          SHA1

          fb3baa24073fa2c0dba55171e1771a9e6c9432da

          SHA256

          6b613d128b0ef2618ad8ca2a34e1356a1f090277b9ae0dfbda32176fa755664e

          SHA512

          4d195f5d4505b63b873b81d11289e564ed4cbe7bbc843ab108716ec09172915212b4330e2f74fdcc776827aa390555f406b0f806b2ba28e90246901c53027505

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7e6d9598bed562480e7c5cd8376567d1

          SHA1

          0a497d4b8bea9c9ddd2572239ccbab283803d09e

          SHA256

          a66e4386f107cc5b05cd25a79dd331164b2125b0cdf6b1ccac904b1b62279e3e

          SHA512

          ca7ce4616d8c6c5c72559d15af0b9b97285e6cc9acc7e208acafb8558db1e245ac237ef34f6cc2a48fe304d0c2af8f5b118153f7a8b737d73d4d632b1e2c52db

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          be0937d4f16e06063a01eb2293d8c715

          SHA1

          27e46e67a7c68535b2200a9bd8d040f1fe2e4f5f

          SHA256

          6530ba5b6fb4ed6cad441755c68d86bc0f8763ab30a72a242d8511bb0fb03f86

          SHA512

          8ae103cd42c9795f08624eb551fb92449899b9b4631fc4348062b642ed9f41be88ee8780baf19c5503445dbc9770f4459ec5f643408fe189eb12a6e2fb1d95f9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          19f32529eb5d0137849fe07c419ad38d

          SHA1

          4f6cd790bd123319e49b5067704270f41119e92d

          SHA256

          79205764b9e30374354d42d9fe6a50831b2f5545071dcec7d1dc0b6ad0b79e9c

          SHA512

          7f73a19af248c746457374821e7b4f11c334438934f0fbc30bb1af0cac3ccc00694f08108781c73a61e183f2b838464bcd772e339c19a2c4133174457216dd7b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e1d23102e14a63d18448c291fce2366b

          SHA1

          6683f7b55f955c06c96460afb7f41e55142e3029

          SHA256

          cd137db915154e11c9dfec1f2e74e8b70b5c3e51b4369f1bec75f860d3801b1b

          SHA512

          8c6ef4338d4fc63df6e740af2af28b1f327613ff80e97038e16545d3e4fec194fcf3c3c45243ba0ee70b5cfd1cc4a6aceade5ab514fa363e48c0cde7297505fc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3684f37f2aabf7b9b012874357cc07fd

          SHA1

          0677f6068b23c36897601d386c345cd2170433db

          SHA256

          e3fc2cf829dab9a0e92fa989857c0cc8c69eb555bca3a6523880e9991f5085d5

          SHA512

          ebe044e7c2ee32f7606aa5456a3679f11922e889e2c6c3649c9c1d0ceb8e97905665787cc77776776bdb7278b47dd94352cd3288b57ee33aeb7fb8a4c71c99dc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7e4bf5cb8a4af50014cc6958db165adf

          SHA1

          0e10f9baa607a19195df7a2f872f20049b79ec72

          SHA256

          2924cd83dcd11935063634606e2c79d555287efc66171fcb9ad6100959db7be2

          SHA512

          ab70159eb334aad99295d382c781883d575b1fe8b5333b4031fe713e9c36261d0a0051c980dd31a13fe585b9f102d34166e3054dc2fcfbbe31641288bdbe037b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          393d8cd34d68a6add07ec4fcb6f5a29d

          SHA1

          ea9d0d21294a9f2311a5e8c42635b0745cfa7a5e

          SHA256

          3c58fde887bb74ceb76b5620255f564c3c8466b27a852b1f70d97f14f54050a6

          SHA512

          6dced25a3fbe9213935c5ad29880c1d6ca96ddcdc24762eb01b8ff37f4a7eac9e94695a55abace9febe1c24adf8c9511f3ace227a8b90bcec139a9570cf2ae9d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          077b06b6e583f85adb42264d74ea1ec5

          SHA1

          a9835ac1f6e55320d038fea630272d2ed2fdcdd8

          SHA256

          3016cafb3e970e90975b525bb988d20d8cfb54a0d07aff39f3a5fc41ba55683b

          SHA512

          65e86a39dda43c63dfe564d9f727003b0c250a4be3ff969caa2534b5fd1a8130db90d6feb960301b9bc06477cdf7bdc1436aeeae0ee3debe7bc10e7e27de5597

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          65449d52f65c12ca8eeb0220d6b8af0e

          SHA1

          995971073cdfc902e851d1786b51a9222ba6cba7

          SHA256

          3887666ef712e4289974a70bcecad94e2f032bee9db0533a5f75bc6fd8dfaf98

          SHA512

          265c95b5c5d2ac91cd5aeb02cf290eb21413d1af7b114da6bb4bd06ffd03ae9766bed2fe8259591dd19d456bd203c97abc640ade99cb89ff4eb82964a9cee68b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab1BED.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1C5D.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit