Overview

overview

3

Static

static

1

YUKI工作...ok.vbs

windows7-x64

1

YUKI工作...ok.vbs

windows10-2004-x64

1

YUKI工作...us.vbs

windows7-x64

1

YUKI工作...us.vbs

windows10-2004-x64

1

YUKI工作...ob.asp

windows7-x64

3

YUKI工作...ob.asp

windows10-2004-x64

3

YUKI工作...ve.vbs

windows7-x64

1

YUKI工作...ve.vbs

windows10-2004-x64

1

YUKI工作...ow.vbs

windows7-x64

1

YUKI工作...ow.vbs

windows10-2004-x64

1

YUKI工作...ss.vbs

windows7-x64

1

YUKI工作...ss.vbs

windows10-2004-x64

1

YUKI工作...ro.vbs

windows7-x64

1

YUKI工作...ro.vbs

windows10-2004-x64

1

YUKI工作...ct.asp

windows7-x64

3

YUKI工作...ct.asp

windows10-2004-x64

3

YUKI工作...te.asp

windows7-x64

3

YUKI工作...te.asp

windows10-2004-x64

3

YUKI工作...fo.vbs

windows7-x64

1

YUKI工作...fo.vbs

windows10-2004-x64

1

YUKI工作...ct.asp

windows7-x64

3

YUKI工作...ct.asp

windows10-2004-x64

3

YUKI工作...�.html

windows7-x64

1

YUKI工作...�.html

windows10-2004-x64

1

YUKI工作...in.asp

windows7-x64

3

YUKI工作...in.asp

windows10-2004-x64

3

YUKI工作...dd.asp

windows7-x64

3

YUKI工作...dd.asp

windows10-2004-x64

3

YUKI工作...el.asp

windows7-x64

3

YUKI工作...el.asp

windows10-2004-x64

3

YUKI工作...it.asp

windows7-x64

3

YUKI工作...it.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 14:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    YUKI工作室 v1.0/YUKI空白页.html

  • Size

    2KB

  • MD5

    1741645268b706049655fdef7d31652e

  • SHA1

    2f68c63df72c3644acd1c5f4f3fc698e1daa8670

  • SHA256

    082a2a20f787a0d1772f75c361b3002a9f13785f5c2a8e33891425003ab1c453

  • SHA512

    a2db4883bce82cec67c826b809995c69c987f2585f43464333ba67a7c3f72d14a3b64e030c6afcd0b2f35a22cb376ae534b73b6e28b9c266e3c2c17cefc4d1eb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\YUKI工作室 v1.0\YUKI空白页.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    445cfc4511a2550b162bfa6c55325641

    SHA1

    bd4144886eab04dc5391a29a1aa301dc3c28d2e7

    SHA256

    56fc232ae2174faa5b66edd8edd7c5495d8b97da71a345ad8989bbf19b1eb8a0

    SHA512

    a432fcc21b7473e5c54d86e96ed5070e82bc10ad4b6b99887cb59f11b7ebd5b5ce44dc72881b9d9450467304a47704addeff870c9cd108138258bae67b31c258

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ff872c3fb62a2e622ec87811b5c1405

    SHA1

    f3023a4351432dbda1505c3d8b459f981a14c889

    SHA256

    0dffc6bdd5337ede41635b13903bdea2d7fdfcd83a0a3126208c97ed86cca72e

    SHA512

    9266b3312ee09fe5e5eb272f5821863f286d867014cc65be6d7eb47a17435cb7bfd74102abbcef193979a4b87d26f648aabdb22d2f10af8fffb78027de40da67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecd39220ec0e951b0aa68ecd8e41c26f

    SHA1

    013e976a2b876ad8d0e2e5fee03fef9bea919939

    SHA256

    cc8cdf6409b76f8a88c45188d9b20377c267642a16e33e52f5ecd45236612d68

    SHA512

    d0d7ce43ea016ad966652755de6e1eac629f24ca77c8cc84906d439cc1b9439b4c86c76b1b649fa3247e540bdccf5ad026a52eeb37532a4ac9adef61abf84b2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65a176e9364f9c0dc6484ac3adf07e3f

    SHA1

    25095a91c3571bf663aa5a8dfb1d458430f458da

    SHA256

    31f918c6114bb87c1ce595237b51445785180f61c32f938549b572d08d178b3c

    SHA512

    de635ca0f8d49a91e0d95310e9857ec53a72e2246a661b15ab6a3a73bce74cd3beaec182f836bbd0abac16e6ff353c77d62bec235f114d6742b60b7ab279fcf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62869d3aedc47ec877de090fede798bc

    SHA1

    b76403aa2ec932d163d6312890405617f13b4a6b

    SHA256

    30a34f735a2d6326488740adbb6760f8bfcf35dd01cc0bf8e66c0b284db2b559

    SHA512

    5ed95a76d00768463183c798ec0a586ca46c0d381e75feac40625cf98c07ee475e4daac342163f76dc92989432c50e197b1de45e7aa6e339d12a33da21e1fa23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cae382c45208e7a9c3809c152a7c37d7

    SHA1

    16525d1c68b7bbd8e0906677f6183f5ed1175af3

    SHA256

    2a40272a26715f7bafb51d508d1c24f09f596457cb462da2fcca0e75ef379d30

    SHA512

    82ac7d0bd237d28e0886d0d2ca267eaf315b6718b51e67dfd814ffafdb529decd39bf43bf8015197ba72404429ea31668059300b9595c1662d968b3ff3b513af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15a7aeedeb37436b57ba32fe17983b17

    SHA1

    ccb023fdc2969d72b048bdc91f6d90151e7c6886

    SHA256

    4025a9cc6cfd0f1f4b0f45cf0d7f8c9135dcef69a9cbbdecda2e15dd192fe1db

    SHA512

    01e72f6ca34b1da7e214ad8dfc44d3b3bf4bca1b1af4e91199b78dcce13cdd592fc23bf7e97fdffa12bf38cff4b209dc1c5534e1b9c4365396f6317cff276c94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    885349849c09c1dca629ca07cc1ba093

    SHA1

    ae272b6b656ab4f10aa253d7624411fb5317fd84

    SHA256

    96e76c0ca0c9e9931036c3c6c06a8240e1e95cc8ec06796a2c836a171dcbdc60

    SHA512

    9a3452d056561bfaec1393efdc76547b49e45f6c15f2a0fd33ce6ffebde07896cefc83b7c58863261d23a693d385ee6da05849b584dbf227d6308584424698f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee51dbb75500a9839f19c7408a48c545

    SHA1

    c3e48cc96786bcfd815b844aa6a524945187b2f0

    SHA256

    1812216b49074465abdf7f905a308daee27e7f01c0367dde9eb6ce72ca7c8953

    SHA512

    04e5f6ab87673685ccb94f301cb7ae292527d85d4d78d3aa408804633896a6e5ad3a2f378761a26632ad24991a26fe02c2c6cc7e7563f5d6e6a9b8a44e83a29e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a9df7e26533d3326e1465968dcebb15

    SHA1

    8f16f8b9c921ddf35b2c80eb670ed215c7c582a3

    SHA256

    cdb2cea4264ef0ae24536313de275a658482b1616c80aeab77bacad1e6040bb7

    SHA512

    63e8281db6a5e7231910074fd2877c5e8e0e693ee2a68431b651fcd4218f8b8558d28400b9c2879863d92794eeb28ae293f1837e349b9509933c7abc0ee6f712

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7a35dc5b63f6a320986c8af59a69516

    SHA1

    9bf5827b195756076e30695eeda991c6c7f41824

    SHA256

    ac33ca69734b498c1ef3c53968cda53fba127a60888a0dffc8d01920cd3d659d

    SHA512

    5ce944affae368f4d53ce55969e42afb7c59fef002211569fa0b723fe98dc4fbd82b90f30fb163fc521da84a86c9aa18d528a1290f2505116f162f515ddbc8e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    095bcfdb36a6e4aa39673e5ab08808f1

    SHA1

    9241c34bc68d66e47e846439415a2024da6c42e8

    SHA256

    c81246566b49ea020fac3768bc737a623b3d10f97388bab1aab98fa45816a567

    SHA512

    61fa7890fabd99c7effec91b853d1b4a18703a85eb3ee7c718fd0f5015cfe2d7a8ea6f45dea98d6a6d28da0d18dc1a35c7fce19653675ed5c49b9ef8fd1fa7a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1981ea053503ca61c91ec64d34ed6c5e

    SHA1

    b0d79ef2be7c57fe416c8abf7542a90ae748b30a

    SHA256

    1997c8d21c27d8c842dc027597e1cfcd952998b5075a1c112d400a6b7bd1278d

    SHA512

    439ba023fa0405eb2b954bdc8cdfafccc4e6c1ef8b0c846efd62d46851b3a7ba7b5b8c2dc2a7843f8054f71f90040432eb0250c5b8660f33e10fd2766bbe14fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7de29f3adc5a68273c82926e748ebdf

    SHA1

    f16d16704289286141c664aa0fd51ee3e0e4b7c0

    SHA256

    310aa2c43aaa04b12e4e8d434b293da6fe19c0e3dbcd075e8db986a90afc75be

    SHA512

    108d9db54bab2813b452d2fb10a0ac232af0a755a03e320e313dbbad34ea5b83cdd748cb63b2c06cd8ec68ef48240a32497f12e1bcefebbb4112168e2bd98543

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5a635931db3d8506a05d4b5d699e98b

    SHA1

    b3fc9da3e8e147d69dd9c3737c7b957b9105ca6c

    SHA256

    9a76485df1acddd27f0ea5f8ec9eebb5af7c31182a8f70db9f512630dfb68c0c

    SHA512

    78766891f4821b16c959ea47f1748842e0f4417e8842574159c8dbfdabcfd08a9a8d859fd22b63fec1bb7323928da14727586d1e53571e0c084ced1061c515c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    259d25444b053c5a70a8fb3d8cff8415

    SHA1

    d9365187752eabf76c01ceb0e16ea7c1e8f6cc9a

    SHA256

    db91783e1f2ec7f1e6f3aaf2ea4db2f66470b94f9318ee51a6fbb978d78d59e5

    SHA512

    be05a732f93c676c652c52234d4def213ab9a0d439fe7f24ae77d721142aa6c1d97c65a94011143040c3f2ea0b80225c8815b5bd2d1af2b682ae09297aee5457

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    826f93ab7b1b42c36f892af7b0e779c9

    SHA1

    c1be711498d02ba39a22de79b641338cd0ed3f75

    SHA256

    76ef971650635ad011f42728bf9c7acea7855f00fa7a3323f1b6850ef9b0bb8e

    SHA512

    d232b7c21287f7b468ed2014553ea54e1344cb08f0add3a2b654f773cde6d939c24aa9b2b75d99ae1ed9e0a5d4243113ab5ed52b32f81cb76bedf8f3768dc4ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48f96a32139aa6a3525d06b5587d2f91

    SHA1

    c2762019824f8b340aa4d9c86a4d1fa9de86b262

    SHA256

    a594a7d7be2bfafd692ef74f59bc93f7315d8339ff8d532fa422e4ea81eaaec5

    SHA512

    24bea18558c1ff5f8134fbf67baa50633c4d64906589a8040c5e9569ac820a84333c29839cfa97e7e6b6e13112cbb093195eefe8b76d5ece70532ce3eb5beff1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCAF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD21.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit