Overview

overview

3

Static

static

3

DataBase/�...��.url

windows7-x64

1

DataBase/�...��.url

windows10-2004-x64

1

Dingtai.Se...er.vbs

windows7-x64

1

Dingtai.Se...er.vbs

windows10-2004-x64

1

Dingtai.Se...er.vbs

windows7-x64

1

Dingtai.Se...er.vbs

windows10-2004-x64

1

Dingtai.Se...r.html

windows7-x64

1

Dingtai.Se...r.html

windows10-2004-x64

1

Dingtai.Se...m.html

windows7-x64

1

Dingtai.Se...m.html

windows10-2004-x64

1

Dingtai.Se...p.html

windows7-x64

1

Dingtai.Se...p.html

windows10-2004-x64

1

Dingtai.Se...t.html

windows7-x64

1

Dingtai.Se...t.html

windows10-2004-x64

1

Dingtai.Se...ent.js

windows7-x64

3

Dingtai.Se...ent.js

windows10-2004-x64

3

Dingtai.Se...ram.js

windows7-x64

3

Dingtai.Se...ram.js

windows10-2004-x64

3

Dingtai.Se...ram.js

windows7-x64

3

Dingtai.Se...ram.js

windows10-2004-x64

3

Dingtai.Se...ort.js

windows7-x64

3

Dingtai.Se...ort.js

windows10-2004-x64

3

Dingtai.Se...int.js

windows7-x64

3

Dingtai.Se...int.js

windows10-2004-x64

3

Dingtai.Se...ram.js

windows7-x64

3

Dingtai.Se...ram.js

windows10-2004-x64

3

Dingtai.Se...chs.js

windows7-x64

3

Dingtai.Se...chs.js

windows10-2004-x64

3

Dingtai.Se...cht.js

windows7-x64

3

Dingtai.Se...cht.js

windows10-2004-x64

3

Dingtai.Se..._de.js

windows7-x64

3

Dingtai.Se..._de.js

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 21:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Dingtai.ServerSite/aspnet_client/system_web/2_0_50727/CrystalReportWebFormViewer4/html/calendartop.html

  • Size

    92B

  • MD5

    7449d3226ade2ceac638d5b1e3b31cee

  • SHA1

    0923d4e71d4d5c7ba76b09a93889583c6c6231c0

  • SHA256

    e127c520ca53789c83605481e46d30f97ecc9907764f9886575100c418d94b5a

  • SHA512

    c41cd79c8a4bbe5b19c04ce207f1c4f82199709ac868554d2fd979c5268ba93c3314e8528beadea831facc3089aada0eecb1a589cb944193c084c31adadeadbf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Dingtai.ServerSite\aspnet_client\system_web\2_0_50727\CrystalReportWebFormViewer4\html\calendartop.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2620

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2e17677681c4b815540deffdef51161

    SHA1

    e9bd8b905bf8208ae7ff469a7916b546d7b49928

    SHA256

    b0e663476328c401cf44e7f796dbcd17f84a8b8bdb53f8e449d831331fd64782

    SHA512

    10bffd8ef63c39ecf6fd17338337ac0504e228eaf392ca11740ee71372805902de25d754ecc99058900968e87c4a07117b71472a47c1a1524a526d96c2332602

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26fac8fe195fcd709166a546dd0ab198

    SHA1

    58450f4eacad101f4829a49c77af666373fec33d

    SHA256

    64164850b1169fb6b1adbe302b00d4ad2ce86488a646b7bee84e1a9fe7fd7bda

    SHA512

    432ddf35971f6a38085cb4d0ca75be36e6133957bede4e160efa2433f6eba2e8d7e6bedda6f17ec58624bc5b961243e734b6834d74be335443f69fd9388f483e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc394bfce493a54abe7fc33c9c56c692

    SHA1

    2697e688f8437c5bf57a9147dfbcf7ab47a70803

    SHA256

    7a2a37804bc1d1b2ec53218babe35e7e9f13eeb64807bdf926ad1638a8d0e727

    SHA512

    0434427d74a9182ead2986682348d2fc710117fa9d2da9f41ebe96b343db1e99e483dafaa07c5c973d775d9599617004ae066fca7df7aee5a3b574f847da378d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0cbecb3627eaee805d95e7511241ddb

    SHA1

    530f9f9802abf2d5b285cfdc775eafcffc86fc36

    SHA256

    c3a570bdf0e2fcb128045b3c306cfd0e8235aa337cdec076d6b6c6e96e182c81

    SHA512

    ea498f7392a26e49f889799f388b00c753886c5e3cf19b3a3cf7a5bf45215fc4cebfa6dda49fd22974844a4fff981f63c3630ee9708d241f92915e9fdb6c8ebc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    322a56346a8fc782fd5539b447daee11

    SHA1

    a2bff485df0f0b7f2cab0a17bf53e2b25c492e9b

    SHA256

    8bc7f326be2f15efbac61c2c4a8ffcad6da82c41ca0074a7a28c6cae79aeffa9

    SHA512

    dfcf66248ce3f32da9cc48274831afc0538c892fc7cc1b8cb5aa77575c733c2a5f2e445d8b5018899cccfa3b89b8d71092f5193b90f45839c5e429407e93f8df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6896e1a646d44ece53c9a2d6cbb186ab

    SHA1

    d9dda40c2e66de7a66becf3e4cc1a088c8e472a5

    SHA256

    713a633c6f61792fc5fb4dc405fa0a7b37401e64ad27a55160f87157df2bee48

    SHA512

    07a84150534e6a5f8868ed5452ae976fb8105181c50034bff56d1ef3a983d496591de0d7f156b5fa3953f994c074b3a1311a9cd6fb1670ef023d6a21403a5f4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    433730d99ff0ff371153de33a6caac8a

    SHA1

    109068193289965f8ed3d572965bc82e12778fb6

    SHA256

    d9f30177f337870b29f453a76ece3a2104dee517456ad54f2dc3dac6d192c988

    SHA512

    26d58b13fdb3963f2d6e8974a80477a707c3ab47435334e63ce7c4ddc2922e2cee4d23fa0e264caddb22a03c90585c804379affa0da1ac03746437fc3bfd404d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ccd022aafa09efa6b95defcc73db1cd

    SHA1

    c23d851723a6d445efbd57e34c40831b989d7aab

    SHA256

    fba93153eb16bd903be3673cf714f8c71522f03b029085606b69b74154b11073

    SHA512

    af68a5ed22794606961a53447581165c27febad729951e3a87b925c443e811b43b834caf736de4546d04f0253de92998ae38b25d8158a2da6d12173e7fcdd764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    679e4be8ddb40315164eba1a2598af2c

    SHA1

    1d939a1702fe487f60634e89ab64d4be26dde078

    SHA256

    d2ab49b078b7a3cd256e2cb91dfa84ae4beb206c9760149749de371633d7177a

    SHA512

    bb2975dfaa7acd39798dc87eb0eae03d9d20668adf11ab28b188aef8f86842389d08646a781342fef58c5d97b47d11c90c4bd42dbb5207ac8b7bad5cb540117f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3a80465d1f8b33b7c8e3b3f5a0678ed

    SHA1

    673ed135cb62327d86e32979f8d4e13f5ccf3606

    SHA256

    675ec02b12f568a90a4f2b2dae90a62c04deaa99e030eaa1c8633855af835d02

    SHA512

    8a7cd52afa73ed8ab94fb95d1b05cc9e7918e8a7240f5797ac5a68d15766fb81c1a484c07c7dd8b797474981083015fe0be7cfac84e5f24255617610e2aa75ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6d2b04eb16cf65c12d9470728bd378b

    SHA1

    83363f4dd069ee64a0ba619dd26c34091ce0f5ac

    SHA256

    9b088f69ac23414544d980a3bc973fbf41d947e9fd6840e001b6cd558e76c66e

    SHA512

    2d9d5d81a3a81e85dfd5e1495f5183d3f46245eb8c27c36c9bddb97e42f8362b3614f3fcbaebe1de9ed3012be67f906abe80a6784cc734f482c0702b3e0c74ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55567445af8e009927aa7256572c0f79

    SHA1

    a68ceca943692dfdd1bf9a285c9e1edb75c03a94

    SHA256

    eaaf68ec812a8e91d19fd5e7aae13be376a5280efb820ae01c3d3f56ae226cd3

    SHA512

    89587b50a151b4e5c535f20d0191e8b4faecc4ebfcbb6bf56f6b2cd38030cc5e99d5d2d7e78407dbfc0bcda3f92af0661e1d89ba3d618fdea97900c8cefd9ab1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    749e4048f49c768e2d39cc6d8cd42056

    SHA1

    bac6a41524925320bff9cc570ad187e359889058

    SHA256

    beaca2a1c775187d214c8489b72f9a9e02c054db73a3670dcbc88a996c603683

    SHA512

    ed64c1530a4591e6282d42deb12b99f149ce65d4a28c66712918d808fcd54e834c0e727399a7cc5e30f10e2e742faddfbf1ab882b9870f4d22f055522416eca0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0133e38cf33a4d3802acfd57cbc5b25

    SHA1

    9e6c8d18b2b0affc6b207d6e579ddbecaf9e7917

    SHA256

    41a143a620fded356a4075b27f48dcd50b5ec196aaf7dd59a9e007d7cd477be2

    SHA512

    245f0cecac40a18f92f57268ef31bccd1e661e8dad70e5ab5c27a3ffd764011c111fca11a6ade40f38cb558593e826a96c2012cc0b2ac9d2ca3d1d80d01418f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    665eb0da27e6df13a5b10738df8303db

    SHA1

    eb3bc814ea7894ae2fd7de05e98ea287d7184f46

    SHA256

    5a69e0c3b1f95b26f37f5fb9ca80999e59eea2fd460cb24d4aa28894d406ed4a

    SHA512

    08048dcde8d943f5bfc67c4b6d9dfb2f0703c134d5df0667978bc1c358625c7b1050cb7cebd30bb57296d9a26de45e6206d661c5fb7d422e8b8d3b1689d601bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    238c95534c66f6755f5ba4c1de9bf6ab

    SHA1

    93c0cf1b3f433c0deafa67592dcf10c2d861c2ca

    SHA256

    8fc67f1891728e40824b03271b8f975dc6d2a8bc763542ae5e0bf9616630726f

    SHA512

    4eb7d08845b67e87c4edbe5ceba38c77bcbaec5e175fff619ac024c36324e54b6bc08bd545bf1466cf0a516a78e4cae3a2948848944593f869b470c39689936a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab27BE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar285E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit