Overview

overview

7

Static

static

3

02a3142339...18.exe

windows7-x64

7

02a3142339...18.exe

windows10-2004-x64

7

$APPDATA/s...on.dll

windows7-x64

3

$APPDATA/s...on.dll

windows10-2004-x64

3

$APPDATA/s...k.html

windows7-x64

1

$APPDATA/s...k.html

windows10-2004-x64

1

$APPDATA/s...k.html

windows7-x64

1

$APPDATA/s...k.html

windows10-2004-x64

1

$APPDATA/s...x.html

windows7-x64

1

$APPDATA/s...x.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

1

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...n.html

windows7-x64

1

$APPDATA/s...n.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

1

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

1

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

1

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...n.html

windows7-x64

1

$APPDATA/s...n.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

1

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

1

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

1

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...n.html

windows7-x64

1

$APPDATA/s...n.html

windows10-2004-x64

1

$APPDATA/s...n.html

windows7-x64

1

$APPDATA/s...n.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20-06-2024 04:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/seemao/config/map/www.99kaoshi.com.html

  • Size

    1B

  • MD5

    c81e728d9d4c2f636f067f89cc14862c

  • SHA1

    da4b9237bacccdf19c0760cab7aec4a8359010b0

  • SHA256

    d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

  • SHA512

    40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$APPDATA\seemao\config\map\www.99kaoshi.com.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1708 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1504

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    758c5d749b27c030f6239761d4be44b4

    SHA1

    f19f877d93be97b37fc24f80d24c2dec792512d2

    SHA256

    2c7cf53c14599cd7ffa3643273b6f84def21ff9228e07e517c98e62aa4f40873

    SHA512

    3a91ff2cc07f02bf0ef78bfd978005ff3918a8247318d29811ef27a19b98eb95c631e20b49d62c0ae3e202ba5ac7733b2296c41765cf20e29e0405e0b71024f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee1ac90d1d31a76f0c0c8effbbff0f96

    SHA1

    6977379a645e52c627c47d91af350bdd251e308c

    SHA256

    5b2ce8ad5e027c5ae06eb0f98806c0234aae6d5fa093ed6fb21c41b1579a8493

    SHA512

    e310c037824d624ecd7a9b2f45ed3a6583e582b3d2b6ed0f4da136eafb1f4e170708d001fa646aeb583bb4587e26b9d71d39d205085742e7efb7ab320a844c2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ded8bd8740cced249ca67107272c4022

    SHA1

    ca6bedbe9f6ae0265420ea7d3976a7a1c664f1ed

    SHA256

    d2a20409e0ebe7f53476fc7403a346c62f0d0958a11f009f7b0bfe874732dcc1

    SHA512

    c996e4ae3865c7d3d388fd7fd4c95ef9e4e5560b7d52caad1533b3b94abcf105fb0c59d90db5390adaa67fac5a6262679e42096c32441f7d1ba48db014de0fef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c15b45cc7d5ae7151853ff9301358f6

    SHA1

    b516e0610d6e59e02fc19000bb2ee5ca9236aef4

    SHA256

    8f19041561a353ba57ea994943146335c970d64588aa45a74d59bc6e3cd21915

    SHA512

    0d75d11b764e62f5f442f436edc11a330c497918c245335d681fed8b6d0ba7695064962287031e89348735550dffde113d1f39f83c7eaa5e5d1fa47daef25d7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba767927c5a65cbfe6a1b68bcf6c67e0

    SHA1

    9a35171f6b109bb720af7f6d416d865b0ae277f5

    SHA256

    798943b4259fb8d17c39ba6622358257fb22e7b0a7b249c4d27f82be40e7fca0

    SHA512

    bef33c44f38877b44846e64e51afc61e1a3549a796f235465a820377e197ee6ebe587fad842687807a85f37314f31ee3bd9002613466422e592355cc7d603e5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5600fb5bd2f1e23ad7d35c1d15ca3acb

    SHA1

    43c2e9ea920d3827df40795671a6f991b85753fc

    SHA256

    168daaad85f4db1dbfd38fb67a9d122fcad3c3f5a2706bf7c03a7773fbcaf46d

    SHA512

    453bda8e96f17167d133a58be39e715b0ec4691e55e2fe9ede95dbb695bf7cbd897c898e4a6d190676faafb9cb08571a2a1055cfb5940e8d4e19b83da092e1dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18ee3d73e9e5fefffa89b023759f91a8

    SHA1

    7b63604b05ef1643cf848b0c9695737447146826

    SHA256

    1aab88e947246320ddfeb08f0a50368025cd3578fede5ae6af7379b01b58496c

    SHA512

    c703a975cf1ea42b3d1dff822994314b8f0384e4f6f8af5c36b844ee8b1916e3e4281ea61966be4410bf89c6c9c7847cc7fe83f122cbaa389a88248bbfc4f7b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2eaf19818a2ad7d6bc4c7d20296c0ee8

    SHA1

    454380b11e943250ea1d5412f4396604287e29d6

    SHA256

    d1492e29f5dd117371c9b859c8dc079eeb94513fdb830ae9a8795868f404f8a4

    SHA512

    36ddebcbd388f9940624cf63a1767903eef340393f7a73cbe612d9ed29a3aed986ee09c7d4b68c583dff2e6e8147b94d8380956b5519f5ec81c7bd90f5f4dc26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c6ca3334b7aca25b992197cfeb6813c

    SHA1

    428171cab73d9a8a5f79368cb1021186ccf57ab1

    SHA256

    41e16400cf0b72fe7e540c6675e5fa1884dcafd17f531f6310296bf50f9e532b

    SHA512

    a2d62eb395d73616bab19113d51aa259daf0235b5936fce1e8a564f9e5b0705fb75beff754c092ba0a0d163137cbae704ce26a31c1b6ee74aa7af0c6bac2de44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9ef43a3d7d4fa15062c14a1abaf4587

    SHA1

    b4c3ec8e1d728f57568ff0d0c745f638e0de6c60

    SHA256

    10a68ff1471601b38d472b2ca5b50bae43b337cb27a5902c3c06af164cee6462

    SHA512

    e93a174e1e3256e8217fce7e2ff422ca03fcfce310e32505a851068527772f47e82f459e62e7538db3992df3f68d143897e3ebaef202ba1327f573e41d8abcdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f49c7e08fda0ee4b8a2eac84995d562

    SHA1

    22f62cf7a8e00a4d8cfc9d0c9e79532b7a495367

    SHA256

    2ea484fa1ba5999a13cf4ebc85fdd722ef7bb1cf0de3483f5ff4fc0b49299434

    SHA512

    622dad737c14ed1fb91de3b8d0a02b2b1697d73a447446fcb39ecdc532e16e3383cbff2f60c60ff212b99ce84d21a15c1fae820171a548035bef3c7a1f6a728d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a315cb6b6d0a8f900b6668b24951ca82

    SHA1

    522fe0f54eb9238c460d3bcc41972f8ac7fe3cf2

    SHA256

    6d8960e68e88370e38f85a51ac145f544b89c30a34d6479c64f1e4b16d5fd330

    SHA512

    ac016087606f04cbd9c462ae457856e07cdb23deb249e226fc93026e72ef7dfaaa21a293aa6ca71c216d4025b8aa9529288b15d193d3608ba81c20660cfe329c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1cfdce4c061f03236fb3718d6cd5849

    SHA1

    0603f3728fd6454c6635c97afc60ee581f548252

    SHA256

    0d9288101c1aa4d59659463947822aedda0cdefc46c7b5be2ceb18d839f23e25

    SHA512

    ef8736afc6e2520f39abe9cf3d5ef10ab99d35c5d939bbb04d4e4d6d1da667e0a035f03c55db1c5445c03f5697100e8fb29d6c7aab10a087fff889647c1586b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d78ac45096b279436d1a5e78beaf6c9

    SHA1

    5cadac475ec9993cb1720237c952ce698356eb0c

    SHA256

    7af56c04fb578311175ed07752120ce162818ac17289fc51de53936f10f0c420

    SHA512

    2ac1ee329be118273898425dc49b4ca6da9aa7c7baba23233be6b158c668d7fc6c743cdb7bd73b43930efdc53fc6fad087a9bff0419d03e37fbe8333bcdc5b45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7036e00e98695cc2cff7156f34f0e955

    SHA1

    9782aa5c12fd01ae9fdeecb4032733f0203a9a3a

    SHA256

    319d16729edb5569d905aa5ff0106b3d437fb4485e550dc3a5b5ba1545a20123

    SHA512

    4c090bf9fcfc8764ef401d3e44acd7c35b6140b1357a098eb4ae5c162783da314a5aa96a081541038df15c0e42cbc096ec06fbd1a01bb7d326b99305b7a0ddbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0465261f3e586c19e280f0b69149d3f1

    SHA1

    8d99d62003cfb8ab3c83d65d7bbf27c6d290104f

    SHA256

    4f3d2e44ed9d2a3b4d14d09e9da4252f349de75ad5bb5a7e9b3a6a3134e23dab

    SHA512

    d487e73ad2fc7529bcddc92d3d28e27e69de4595278b0682b40425b1d000907a5c6015201ce7399cb46fbc108982d172ded8ec8c7b823dfe6a73e61a09b005fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5268dfe7546101475b62527dde3be4e

    SHA1

    40cf7ea7f7191fff1044f683bf12fac3989f1920

    SHA256

    8cc2950f6a46ddcbefe51aecede624dcb398d216c486153f30a0060130562ddd

    SHA512

    7f8714e00e08bd5e173b5561271d2948b75c251934ac0dc7bbab7870e60a985ba4e22e947ba862ba1e0a076a4b86994ab46651c16b254401c8e0f881ed48fb26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fcad2bc53adbdd952dbbf15c5496376

    SHA1

    c9facc8e690ba645d1d6e0f60aec77422132dd5e

    SHA256

    ac82cf171dd0451429ae57bb0f7ce8b81a1c7510b3746382f3cf7b02219b6afa

    SHA512

    815f5efba51c8141591bbd80f12a2d22d7959f1937c573a0065b2e9ac9999f4724c742c41bf0511db2f2939474d17592c425ee413aea4a6b1e08fd93b9b06051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c51591c814ce85dc1acc1b4bf12708d4

    SHA1

    da63b0f6156e59adb6401277c7468c52783b43ec

    SHA256

    0a1f1e4aa3dd87bddaa0cdc03649da70a2d56af67f4cd2b82e426f5469463bcb

    SHA512

    6d6f02a63068499d49396c2e310027c98cba012b3b6ddef91e45205066bd81dc9dca797d76f0af25faad91db114dc450c588de7c8bedb76b9ecbf728c839c35c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3804.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3A9A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit