Overview

overview

3

Static

static

3

简约BT�....0.exe

windows7-x64

1

简约BT�....0.exe

windows10-2004-x64

3

西西软件园.url

windows7-x64

1

西西软件园.url

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    29-05-2024 11:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    简约BT种子搜索神器v2.0.exe

  • Size

    968KB

  • MD5

    fa870eb3e9b334c134b415138ae2af95

  • SHA1

    b7d2a3e1842aea916e713ab995cb41fa9533c437

  • SHA256

    dc1c1c8d3c6c36e927c2b29718f06fc2c76373cca54375a038fbed65f3422a43

  • SHA512

    7c793589d76a3d26eda716109291c04fe372ef67d6a0beccc2142a58011804b687de8fea5ce8a6d59b24abd754dfa771fb577118d7de67638224bcefee6a0812

  • SSDEEP

    24576:iJF+Vvsix+peQZLg7SOCB3QrxEdMTeWmFlSA:in+9mZLZfB3Qr6dMTeWYS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\简约BT种子搜索神器v2.0.exe
    "C:\Users\Admin\AppData\Local\Temp\简约BT种子搜索神器v2.0.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://down.juycn.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2132
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2288

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c494efb36252fdb2f50b2cd9a2122a64

    SHA1

    2b4616ed3c048c5ecf334635de621e45b84ddd1b

    SHA256

    3ab5819bc738b8e9beafe6ad27f35a05eb535eaa489522cedff6fa4fd1635e95

    SHA512

    633168ab10624ee9d0292639f939edf25db07fb5759abfb351ce68d2103e1e64b1d2a1bda8d64e5279695f3bbd70e8ee789a256bcfcac44ac5d345e46adf19a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca25c1a245bb7d0a2da5e4a0cda5d8ed

    SHA1

    008f7ea06f1fcffa80502e54bb14246c071f4af6

    SHA256

    7e73bc759d1b15d2dee1d31c9b79a2112af2f03d17e65112e49b8d172400c988

    SHA512

    0c09175653e2c3f6aee3e6495da4cdd6d73a65b964d23b6a3f14ebdd9a96a1da37c104246954a7978faba64b2d548b46c6090a3bf9995c3a97764c3664587a7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    819235591b31974aeab3ac3b74015800

    SHA1

    8785f686a4735635e4d1071f71897270101fad0c

    SHA256

    ec9c77c9f2dcb9040842cdfb230321d73fab93fbd554a95f7b3cd7c361752aaa

    SHA512

    45f570baa623f68992ab2d87884a8ad3424277c7374e48a13d1fcba8c07a0f6d9641ec483e5653d924ab818b6d635eff144cd1d2d6186908d9ea617cc5e0fb51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d28c27adc17ac5c8b9576f52792f811e

    SHA1

    1fc9895e01a0d2493bfea2751d554cd55d12ff3f

    SHA256

    15ab022c61fa2211669a4a09fafe56267d307ea84447ec784cd82a68afd87e7b

    SHA512

    f477b6552c3c353f382f8a3649ae46e7984b5603eb830181b9a7893ac56408cb9455c294237cc3c80f0f817e0f0e449ed0929bda9d0310ad82bf80d23e93af20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    801a847a207bb88876b9a1750af50413

    SHA1

    0bfd9b8d1fca8849e7e32cb0162ce59730a7aa11

    SHA256

    af9d3d17bc5ff0ea8a6b590240891994da6a3ebb8c15bdeeb2325f53721b6c54

    SHA512

    79779bfc442c06e884e816c8301ed7aea10a0da5a153f4391d4b8dd6acda2c008c0c1c5c28bc529d2a7473ebf602815766b600e6d75e736c433c4efe35bc04be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab0c231eb5c4d57ab23b0c8bb9a8d024

    SHA1

    3472ce753a30abcfaa12fb03c662ab04bbc5ca16

    SHA256

    be5fe1d58678a42de17f5520f4f14a68eed160c2b9d3373b420291b02260c3a4

    SHA512

    4576b7625c471153209f231e351ff1c669071e1d6026148a7355890a9cd7be99456c4c5ae1d377fa90f19e6475d63db2a4525d153cc3f1c756f9ed35a77ff2fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f199fc0aa54ef075b7a252fb19148039

    SHA1

    0231e38eaea971046098a0996734d2f4550ebdb8

    SHA256

    56c2ce1cf798e0bb2d7152d359711ebf0ce8f6f3bba1cbf16ee0180cd207fe68

    SHA512

    b2ac903c091e6a27d97a57e646cb5f9faa0dfe732af2bbb7e9d1e65daee782b86b448a305ec08490f21db2f4b83a61a5a3b44ce1de9be6fcc8e51c6b24bf4736

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb9e354774bcb1e68a918bedbad49317

    SHA1

    36f54902736328b3a9b68a4b378a42ecbe230f3d

    SHA256

    62b7b8c19e136e9fdc0d0e423c0d52c3d4c3bba7dae42a6a4ba67118d8750477

    SHA512

    0e1623d319d27250b4af6236e7af7e548c1d5b6d09d5a7d6f908d244beab8e31020643425e09edd4331a20f26be5c16133968ac3656e162b3a11618f33fd78c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4e8fd51296c3fd52454f3f5cf985523

    SHA1

    35ab8557d11199c8688bbc5f711f3d8a34759e0d

    SHA256

    388a4abc973fe41a1ab0a154e412e94e63953d05877212ab5f5333c60adcfb15

    SHA512

    7b1ba24d352c9766ba10dec5d0d75bdb961686e387be65d21fc5ca2b3f50fc2f57231ee9f461d28c8952a2832600db5f570be1df5db7f9e6f6a62cf63c4ec5b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02f93b103d2ec5e63ad0b62fe0222c46

    SHA1

    c803e9ce3411480406e6cb20b19a726245542721

    SHA256

    8e81ad97d06131d477950a913dce17faf14630fb7e8aa2944968a30c340dacd6

    SHA512

    d0865c0c99254aa1bd74695ce44ec004d006da80ccb7f29c8af9d5864912f6c64d757061dc8a4a6ffb74a893553d314b762788ecfa2af93a786ea113cda90b85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37565e3b03e29b2162decabe8291c0e2

    SHA1

    b9b504c0d860bc900b042b294b2e6238e6f8e451

    SHA256

    076c1ac54dd1a76331a26f0f750a8b024c110b9e36f7654b4baaaa30562d0398

    SHA512

    e220be7099a9c88a4fd06dc11496949016972102a3da7cf8631038a9f34caf4a07c5a261bc3b85874602fb9e243d802795bf96c70fa9cb76cd3d0423b6608a55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60efa7466c118b86ae7695de0e5565bd

    SHA1

    ff0c3305f17c15523712ab708ea6518d1f0788b6

    SHA256

    8bb82477218d7506bd47bfc0715124c6980f79eb735708658891acb2fdc59cac

    SHA512

    76d4e1a89e7b53ea5d46ecc83ef5bffd454ddac20bbabef6bcb8dc73ac6caadb5bc50ef2504a1a821542cfee26b387fa1817694e16d7d7744362895edecb3457

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2889e542c4a03e74f276b73dafa8b16d

    SHA1

    2edbab68d55ef995349f46a7e09790c845565284

    SHA256

    3798e27a44334e22ca3b801fbd357d751cdd17c99ea5d402097e230167e32527

    SHA512

    8adbfea462f906845ddf9797a6b085b583bdf32c244489dbc89685d3e4112c0457a74d9591a51ec8781760c22e4f780e7cebb6d9a21fec06221980741b34218f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e93cc34e3bb4b1859bdcd8d50726677c

    SHA1

    51c98c62e83988ad83daedbfaf38cb9954137148

    SHA256

    60c2c31d07a917bb2e0b5264bc2a5325de6198db002f264526f4aa42e0f2c5d7

    SHA512

    03ef1b1ae503ddabe4e5e065e1c27d996193bf04fc16f1fcca72061b562a49d3691a1934c735ca62afca734eccf615d035454e28d190027400a2874e2d61ae76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32cf01233c7d242227f83008337be482

    SHA1

    ce305ded6b6a4e4210191c303b95f8932e1a15ba

    SHA256

    c9e7fbc81332b498a5b058ff63efb13a0f90e26e2a779b49147c63d317b795fd

    SHA512

    74aa95b27d2eab55ca215f7a994cf5c4f4cf120364fae289697b3b0dfe22de679eaf8cea7c19fc1c78c54f7a863087dae42c8eb3a121324d0e0eab0be64e8300

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f90afd4249d0244fcc485e47dc742bcf

    SHA1

    434cfa8192a4d9768d312d0f64726384c57e60de

    SHA256

    c22080ff4cd00c98491dc155bbbb511ed8d5f206ef0669145c613d8f6698d1fd

    SHA512

    d6f26536bc3b19d544d6115f4c02040703f2ae9c8b3726a75256faf0e3fdc26dd793bdc89437b600fea33f991473c88b5b5765a66aecb626d2b0b2c6bf53aa19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29a4108f14b7dcc682e750fabcd5a8b4

    SHA1

    59dc117e8c3d5017ff59722ce20fad1f61d12fb3

    SHA256

    4015ad261e7b3b93834b0e94887b4f4d68382b37ca70ae4f7aea25b05c38dcd6

    SHA512

    14310d80abc85b21ec8ac3a93c471121bac12044b4aeed7e8c50e07fbbd33015f1a033b0bcd284eb7d21cf0afb1d792fd198346dec79a722f7389dda7688fa26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    054b392ab35e1bee786d516b3ece1c02

    SHA1

    d2bdf7c860418ba80b3aa686a45634960a2da43f

    SHA256

    7849347636bb5a2f6956465f7584195df71695463ce49166c58e8d38434fe752

    SHA512

    e1635731bd6445e99b35d03b29f09ecb85b497729ad4a76a735a083ef6832d3a844eecad81a1081a9cd2a7a03b190b261afd45fa63074deaeaa7e26705330770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9497228a1bec157de14573f0e31a97e9

    SHA1

    c66d17b8c1659084d1bc142417a259e5baf5da92

    SHA256

    1889929d420329b8c194309c3be974b888dc2c256757ef926065efcee5e2aeea

    SHA512

    7f0398429958500c7dc690e399a2e64a7d7e43e0d7f19c93ad37731fd3de689ad9dac2a5201a7fbf3717adf3e771284a5420d1155bfb8788974f3ef5bd412452

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5E59.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5EE9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5EEC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2188-1-0x0000000000400000-0x000000000052D000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2188-0-0x0000000000400000-0x000000000052D000-memory.dmp

    Filesize

    1.2MB

    Download