Overview

overview

3

Static

static

1

热血江�...��.url

windows7-x64

1

热血江�...��.url

windows10-2004-x64

1

热血江�...�.js

windows7-x64

3

热血江�...�.js

windows10-2004-x64

3

热血江�...��.htm

windows7-x64

1

热血江�...��.htm

windows10-2004-x64

1

热血江�...��.htm

windows7-x64

1

热血江�...��.htm

windows10-2004-x64

1

热血江�...��.htm

windows7-x64

1

热血江�...��.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    27-06-2024 07:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    热血江湖全功能小精灵 V18.4/热血江湖官方对按键精灵的看法/热血江湖-警惕�.htm

  • Size

    11KB

  • MD5

    036db95d534483625b56d885a3cba275

  • SHA1

    490572f9231d4f91da224c7ac598260a970bd5fb

  • SHA256

    942a2f3ebae10e345cce80425f50a3a9bf71ced020b7466853b4caac5be7f8bf

  • SHA512

    9163cdd49982898a300c5fa25d8f8802fba396cf5612115d83bef57db6f7d6a4cafc2e4e180be46bd3c31efef529203a6660fe7bb64a4d416881b8ded9375ebb

  • SSDEEP

    192:g621fs6ZIveGKKaqqBj0Hi3nW0w0PzB7l2I/PFlxfcJ10gA4SCy6Bh6oH6a26LV:o/1DKaqqBj0CG0w0rB5Xbxfy0g+u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\热血江湖全功能小精灵 V18.4\热血江湖官方对按键精灵的看法\热血江湖-警惕�.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1364 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    7d04f0329514e48b2dbe4f6e47af54c8

    SHA1

    788a742168911b241198fa759ba79108888f1863

    SHA256

    f9b0cbb491c56ac6d7e49624b0759e622298c46b178c711f9e1bea04a4bdcbaf

    SHA512

    bf72a8b602a542c104cf68a1966137e338db98b28591208462b498fbdd09e6ee349636c1bb9817a7e0f27ce2367014364c332c1daf0755b34de6fe37291e2250

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f77c96a49a5284f9f1164ae2da9b978

    SHA1

    fcfee9a0a2f5b4eb9cdc0a9d974e5857dc8c56c2

    SHA256

    da193f3b6cae8171ec52f7d594ecc4c8dcfd2c4e26e220a68cad940be8e049e3

    SHA512

    c66fb867b2b0e91c2e5a10d365ff8074494fa4b852c3989e2439d60811d3e788219c5121c98d359183d475a1a15a90c6e29f0ff1744677685e671f6d73f47ccf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c16dfb6567c68829e9fe77aab3eca94c

    SHA1

    f0aadde3c14ab8d3a91f611e8b912d010976efad

    SHA256

    afd347606709d616201922961cd907d20c3404d7ec99e8c882601d8d2d2f6392

    SHA512

    9454324a8ecfade97f74bef9f63f66e3b23e8b1722dbd9a3e48cd8f39be2b7efdb3477ec031177c8932aebf8c052c13b82134a21c3a14f063f1d6850bc3c8dcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ebc150ecdab622e63f79dcedc710c39

    SHA1

    5618dd2ce09d9ba313570f3e350afff7f68de6f0

    SHA256

    d053b65134f755152da57f6481cdbe1ab6f7a528f716fd643e49386cff275287

    SHA512

    61c338c6fe74f13de6d5db8f1ec645c853448396f3f937e834eb1ec6152b051f9cbe5a6c3888645b4b945fe7d885896d4b3885b8d737f1f38ea8e0522e969909

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ceecb8606ad33665ba7ce563998936a3

    SHA1

    17d9ef8762089f0e0c35d8a1371e63a294af7d8c

    SHA256

    db19f9259aa568165719f08b967a73f8567bb6ef4dafa3acb7cb12d8579babe3

    SHA512

    6aa20cfdaf3461601c0fd53239ba5bd9220124b3afb0c37c84d267e3f36ceea5375cbe0e2b147357ae42b837edba3f81327e1f49dbe49e38c85870dde643bd56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f30bada6821b9a28d49062dd277383ae

    SHA1

    43105f6584947bce0da3946d35279911231b285a

    SHA256

    e81492680220b596ec877c6908954957a899dd0c265df37d32c430e580b05f78

    SHA512

    e78e51838a8323f3f83c88a864b67215490d3cf290f2eb5253d9538884324d1084517b444bc8ea74fe6a7888653385272377b8caff6e6bc929fc38ebd8953f1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    287c9bd18122a645bf83bd26392c78aa

    SHA1

    16dd98b91fe0e1b5308fc4b0d3af92763635471e

    SHA256

    5f294ce7e37896978ec72668bd9b3219c12da5852bcc1d4b23d912d8c5c596c6

    SHA512

    61cd5ec03eabb6a47c0f8e92fb2d907b1f78f4559604eca6a02e22387269dfeae391bddf977c78ede2d720573f15a46091f8803bc528361a83a77bdf591103e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a31fe56ea080b065502c505a32d80c5

    SHA1

    dd92db9474a5e66872e014fca4ff6ac78ca2b30e

    SHA256

    33ab3f1320772295093c61483089e868c01222c9d4a5b41a834dbfd105acbda3

    SHA512

    8c000d769bbfe1276e6e6f4e00b60c46a6439280c8f2c2aa4a95b9bd9bbdf26adaf8c3bc774eb79aee98452702d366b77308cc3cd966a4a10d54fe086cd25f02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afe20a49568dc9423819e5d4b907db87

    SHA1

    373019ca80c97bc06e495bce973e70aa421a8f40

    SHA256

    12ee12092c0c23cb79279e380c71f0ce37f7bb5a09554661dc1dbf4e342f86dd

    SHA512

    c53161dff02cb90798f1841590348292db372a1bbcf624059741021bf35717418893f6ee364cf935b868d386a89609aaaad1c2d0fdeff63e0ca86662583ceaee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2ad3a1fac85709e1b2a2941acced121

    SHA1

    55b06d61fe3752c8c077e2e6d0ce2135a4e996d5

    SHA256

    b4af0876989819d2ef16aca275ea8648096497599397cb61d02fb5154556a7be

    SHA512

    9cc3f0aa0997d9c077bb87f7ce70654dfc2929a15e8a9df03411c0504b0a16811657ef8a8dd7cf569d40bdd9c4ac459f99dc0428dfab97dd15cccba2848cca98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    517fe726daf292a6e76f908fc98a526a

    SHA1

    f8be43b2960536d921caba34e683ebdca140f801

    SHA256

    f0454c5c8c7a45c3f8c2d768dc6d4502c9013549048b83c2450599d434d94a99

    SHA512

    493dbc84d3a383efcb0930c22523dad2c2bb3e98171b32f26baeca72b56825429c8d0904692e6ec512817d07a98d0878a2bfb8d303492b8e1617a768d2d85e32

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab18DE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1A59.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit