Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 12:50

General

  • Target

    神笔屏幕写字软件 V1.0 破解版/更多精彩软件下载.html

  • Size

    1KB

  • MD5

    46953ef3bc0d8d733fa7cb8b7c6cf129

  • SHA1

    d8603dc8754a0dd0050f4c4b9c5be43ea4cb3f90

  • SHA256

    6574f7ce986436fc3b72fb2b327195baa43ae74659c23c9cc74f47df091ccc9c

  • SHA512

    39108d220b249e9aa0aaf58a82aef6eb9dbc592f2a03a2fd654135110624b0805ea3e62523fdbbc1b3fef1c035da4ac706f99c6b72ff701213019441f0a4701e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\神笔屏幕写字软件 V1.0 破解版\更多精彩软件下载.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a410177643ff8d85b0dc52b7913f6f1e

    SHA1

    8d62ef6dba5290901f1e5bb376fbb7d21bc940ff

    SHA256

    0945c9f6cb2c149bbbae4932fe54e66535f9e909575937b2983ad558fa9c889a

    SHA512

    f3773453b0009989a62e74e2c887a9d17a87e2465f7ce51e59a1450a54cd5fd1f50481ff50abbf6a6c0f510db55848d7463cb8227ef344e91f2c27524b638145

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e4c0e22e5a4e67ad0a52721c9fef6173

    SHA1

    1aba8c4c51456e541c7b20182938d1d29d0bd836

    SHA256

    2ee12c88e0dd78d932ba266f39a089a32752fb97ec160dd9438923c567cedf88

    SHA512

    d10d5a90e0b6804ba7d008a2214de7e9ec879787aa3a05fbd62ac81fcc7e72239e3b07ed088995bf9236517aa2885f80f55e0b1fb7a3f96aff2b342e3f2b12b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86221c37a96e796be6645651af62b625

    SHA1

    6cb664603002e519da25cba897060a329eae793c

    SHA256

    4748f34934f8ddfecdd7ec6dd233a846e3abff3ebc2886e1cc0acb0b7cbfb353

    SHA512

    d3aa951457da109b16832324c8443f62d96f227cad4076d02f076e9e190ece7a646c4d31ae63f5d93b056dc620480caa096b7ec00b4eb3f46c7bcb0f42d3d28f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ab3fa1288791bd1a38a9f623836303d

    SHA1

    9b43026ea5e08a5bd3229814b9821643a9e89fee

    SHA256

    388d003114df170b10d70fb352a54faef7fac915eeab06356e777c342afb203b

    SHA512

    57040b06bd6f28708518a2ed4769667ef52f1d7620c6ec2dd20392ae1d2dd023be3e1db695e76cd33a3bde0408060079eb72ee461490e027287ee7f6be2287e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    163b4c5cb0244d1bf4cfcf591ac73d85

    SHA1

    c2fc36cc20edc5729fa8d5922a0f691f1eff351d

    SHA256

    8dc08ef5dce6d1e952e41de4ea432d5bcdc0a57daaba7634daf9ccd4e98bb7bd

    SHA512

    1c0eff15367503820b0b5210dea5d95ed8b6cb0cd2054a3848296673efc5a484483b8990d2bae96494311873bac4650bcdd8db19eb152cb56878198db370e3d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a476588d79c0816fd4a92c881fef1ac2

    SHA1

    929511c915ccd5a2921be99bab1d240fe90e7ccd

    SHA256

    88ff03543831db7395e317fcdd8ad8c33ed8cd54c3a6b8da27413f806ab1bdb9

    SHA512

    2efdb4d1cc887ae885f2db629a1ed78a77b163bb33734d8f946bee1fd59e888f0a67476289f47f4f0ba21cbbd9131ed80b766bb9ae9b2f923a6e956cb4d10f2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    08efe6b9b6a68e18f4874f07a8a959b9

    SHA1

    b324d29f3bdaf4cef0c8a0277e27e1d892cd64e8

    SHA256

    6246e7dc79deec02a2759fe0608f5a5ea9b14434a963992b33168ca04ae93b8a

    SHA512

    50aa3ef53ffb504e9c988140ae9bb3c05766ca853946d4948d6ea9e2ddca6dfda3a4b95f89c9fa362d084d53a4844bf7cedb1d73d362f6bc95f358d3b1f95bfc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    098e6f91744d5e8f3faa515d84558853

    SHA1

    a9d9c07470b43540b018388102fe1e999e922355

    SHA256

    4469137326bd6dbcdb2fd3fbc4b37122001b28f4d5c5cabf5e4124608ba91d73

    SHA512

    04e42ed5928367c8f761c3b01bc088eedaab6078cad67dfe3031167b3a551661b387c967695d320a605a74518103f35940990df701c1142b3c1e3e61ffd3b5ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bd4493043b7b0622690bf72193bdca6

    SHA1

    21ea59e9ffe147ab6e96eeae06e58c387438ffbd

    SHA256

    d4e59217de8b68298728717b3f93923ae59f8198442ac2d486dcf2d4c3983f7f

    SHA512

    ff60cf5710cdc667753adf2a71e5ad6ea4b88b2548947e52532b5808d42004f28c8423e666ddf6735b97eb1cac445a4e80bf2bdcd2e526d28c23207698fea016

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd9e160462793f0ca9c692cbab2ea876

    SHA1

    4fc11437f495aafa444e3e9071f0132f915236e8

    SHA256

    5f4f05485fba6de5dd95113fdc6f823a0ed43891615e43e1708a65de98897925

    SHA512

    6330984b655e1b3b548df7b2ab8bbb77b6de655c768e2de39c9ed06da2638a7a7fcfc4fa56bf68173eced7b4b6b5715d756d585bbbe91eb7531887d62ff5c3e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa6a2114263055c501dcc79fd92f7fbc

    SHA1

    52c8dfc4aab52cda54f64713b3422dadd22825f0

    SHA256

    e70d5b8b64a829eb5fd1d989c369f9d2064aa2b3489aaa0c77dec05046b708e2

    SHA512

    586047a51b255fad78f80b9907dbc062ea60956cedbc1a789d3b6ca7d005d177ebe6feafb3acfbec66a760e2a5772a44d26679efb26a6989207d2b22beae69fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    745b828e1cb197b07156542e839ead9f

    SHA1

    114ddf15a04060dd04a5cf709275329fa9f82d0b

    SHA256

    d37b472fae828a25b1f911da070f82b568f348a9cdccb88c5b5f676f2832f63d

    SHA512

    cec3e2ef25f5628942d152ed3833263d0cb76cc6cdc7f17cc714911a83dd1bb4d2879f8c9f5eb0cacfc9a4fb49ca4d16241881e95c7c71f8c5a88705f9ce4e10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40d41940b46d79471539f05c51fa96c2

    SHA1

    dd9f3c5a54c94addab4a3fb18797c9f920054964

    SHA256

    a9628bbb8da80624b62b69447ad2750e60db4c45f208639b7c9a1105c68fd8fa

    SHA512

    0fc7cde042800a553566a40e0b349c64648e855f1f1b9a2352a7621bc9c727cad467b998469148cf7ca61579f1baa9fe22bc3ad9f2faa00ff2c6e9423ed13fea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b693a17eb3240218faa7a40d0d5abfd1

    SHA1

    516ce7f3a9ad090de81d8d8f690bb7d180cb2b0d

    SHA256

    667f77748b181222e609f31aa6d384fef534c649240d89472b91fffe19de3106

    SHA512

    0b5d4ed8b2cf4e2f7fe8f8ae2d5aa67c31c5fd74d186e08d2af934b284d94ee7205b06db81985bc808052b89bcbd2eba41a360decb1b14f7daee52a1cd0f4ddb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    698b444ef1a0c1d5d5b867d1b1bf6fb4

    SHA1

    16dc413b83fe38fce38c4c99379e87b6eb5b791d

    SHA256

    198e1f144f7bcef19e2b33f707cc781275c13a0f55c7ac7c6ab76f9735e81e95

    SHA512

    077c484f7edf600d816acef59ad529d20a8e21a59a023f8b5d2ddb111bda9cb9717f589fd799b5f09ac580b4f81c0da15f00ff193f802d00cfe6261decbaa5bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a14c09ae174d283399d7fa7d6febd8f0

    SHA1

    f662e427d9a4e7f7c726ca872668c3c50d3d9b6a

    SHA256

    611964a767e16159f92adb7a2fb413715a091f1adac43682311a8c53b8670908

    SHA512

    25079fffb76f7571a3bfce061f894fd3e89a6abddeaf3e3140a1916b48a812148f858626aa6abc7f2011db4c7a2d7bd927c013a77a4c993552e831bfc74d062d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee7fd0133626af2b64861b80ac67d484

    SHA1

    81ae13af45fcca7768f3ee49b9a2a74abd3b2108

    SHA256

    82b007d2b9f0a220b574437797297d65265f1c2c3627863a591e123f7c3a8d4a

    SHA512

    277afa2c81a656e40f8c33ddcf8ca119651ee1e61a1ae201da8f684dbba90636c33d20a05e5ba073e05e222f001dfdcf7eeb397a04712641ca714792a0c5a1a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32fa2fa1eeeeba9049e9460905c0a3a9

    SHA1

    a199869144121a5d35ee617fefa1d697645d2bd8

    SHA256

    0110ae3f2a9ff6afb3eb728c97ad31eacb9ea6c5c34c2c65ce09dd80728e4a7c

    SHA512

    218c6817b36a4e60fb986a459a59f7246cdcd952100125fa22689a2213188f86f6ca29f2eb3f5d57193628e5c415ff9a66da9c1ebdfe5f4767dbe0054ff0e23b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fb24331dec334a88877cd80a7c8c13ab

    SHA1

    14ebdec21bf345247456d848bda9dae7993dc163

    SHA256

    fe43372edac869c89bab777a638966e54604641949a2509b9cf0c8c20d9511dc

    SHA512

    ef3022cdc44095878198f7234ca3373f6953b5a70d780ee8185afc299818723c2a0579a51e4f2451034d7cfe873d37e0c328e2a03e1f9e121fc6db7ffa7d85e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    784285be30292251b40c1ce788350ee1

    SHA1

    8d0606241a9e802f1bd6a9323e7d6b043da07d00

    SHA256

    3d02f21aac5c80ed3f62f9e2b5508c4b361760d2dfeb08ff59353ffe80030372

    SHA512

    97d49bd113c7f9b578c02bc52fe79fd1e1a897680d78142bc3eea943bf0c4e21470088ab0e5340dd3eeea0daa17242b1b335f73455f6734ff0dd9a20ba79ed33

  • C:\Users\Admin\AppData\Local\Temp\Cab35C3.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar36D3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b