Overview

overview

7

Static

static

3

images/新...��.url

windows7-x64

1

images/新...��.url

windows10-2004-x64

1

setup.exe

windows7-x64

7

setup.exe

windows10-2004-x64

7

安装与�...��.htm

windows7-x64

1

安装与�...��.htm

windows10-2004-x64

1

软件最�...��.rtf

windows7-x64

4

软件最�...��.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 20:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    安装与配置说明.htm

  • Size

    7KB

  • MD5

    d6bd1ac97ed7a264ee2f3e280925c85d

  • SHA1

    bb2c217de3e132e66643cfb03517522fdd8c04d7

  • SHA256

    463d264595cb88fbf4c79b2a29f47803464fd74ac4db8812b62cd7c93215ce6e

  • SHA512

    551c01603b8f58687a1f3e6625799750e8633590fbe95357433c26bee82fd3f4c51c5b3492646e229190f07f3a9ed37804d6696368dd895a6a2fe40434f82ae8

  • SSDEEP

    96:c2F18SWQEVfTvIiHm7sMR0MoeIiHm7s8a5nPxJoXj3LyWTU1QJIS8yrvmgltMJWa:LFS+IsboX7mgPMJ4Id8Z8CxId8Z8Ub2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\安装与配置说明.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fdeef1f46134c5f7147a26a4c9188043

    SHA1

    4161c575899350a1b6dcc6c5e242c2325aac5a51

    SHA256

    bd93fbcc8a9ec1d59f5b63b250450e781d923cbedfc8fb18b87dbb1d0ff2c09d

    SHA512

    739e07b347e79ba260f1db81b33b765bee0a682cadfb0ca66b5871a836df8a4a7e064f6a93cd37b195c1488644c814196d4c24dde08241c74eb622838ecb9a85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    873218dcb5da47f6b12980dcb06a9907

    SHA1

    737b248103afa1a023df7baef9c12be423e6e0c8

    SHA256

    8dddc71722dbcfef863496da42295636d23b1e23dbb1a31e9bf33eb07616e2ba

    SHA512

    7e32e949f55edb8a8fce2d95ea5a04751ed9f595c5104673a1fa3a37243d354817f31447c824930e71b976e4d5faf3240b7fa39e941def56d9be2c58e9522a1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c68d4d4e209d48ac4ff0f3d77bad50f

    SHA1

    d80e6d298db0f2266cf750351ce1588d23cf1c7e

    SHA256

    2260c8dbf30091239c1b8fdcf141a680466ed9fe68f3f1b95a84957c91b9e9b1

    SHA512

    6b1646ffd1acc3cd19b924a1406e6cabe0c180e036d603a62bae7114a3722bf47d42b9a393c768c6f8e5d97cde9d75b66cfca1e8349fa441b9c7415eff91cbce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b9f4b9ee77d64d3a1951b3099b73646

    SHA1

    2d017a01bd23b5004eb950356a9bbeaeb5b3f6ae

    SHA256

    4061142f43dc26316c64cdf375340ba4a0eb99c5e247035620912710708efcb6

    SHA512

    8e0e5b493c8e22d82d3a1b3edd09d13897a0a9c3ac25003aab3d25e96c8f294c4d475c3a927bcbbf80e04d6fc5c98edb2b0f1ec2b968e74b6a0bbc8db00b67e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40fa587075996048e1f09eb3f990fe79

    SHA1

    88bbd0c95742e7812353a657396b028d9746e953

    SHA256

    887b5fdf2ece59363b559748cc2aa00da2f982185a651eeebad20a37023276fd

    SHA512

    8d07e3531d94aa40e7f5d672c7c0d66101fbfc6730cfcf5975eb7e4bb5c5bb8174bed495c15cbc3c2921ef6e63ae1f1b0bf6209bfd96a3b840bb623e701983bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a430ffb9c4f7b06f3e309fbd70896582

    SHA1

    ad3f80b295985213c5c40815a2f76b8ff8012282

    SHA256

    75605c87e127882a241a2b4f46606b19ce177f47f04f0903f467991a7d3cbf2a

    SHA512

    2f36d4073b83b3d82d6b3fc5e6996004cedc04497bd55ad5032a092783ad2e52af19cabd6cfc6dde425134a22a59d9418911ead8087e4b979239eb06a4f88503

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    005260f9caf5ab4a5a6c9a9ac02bd0d3

    SHA1

    7ae2a6c35f74d7b5425b8a790399be5d15d74993

    SHA256

    776047f188154daf57f67c9983bd8e125e5aedfa9e405e1b5af6060a36d6c922

    SHA512

    5611e2e11701ee69a2fe5cf993673f8ac53f6dc0fec7c97ea00998b76e9b60b7662d1e8288d32e251f9d84d5f8a08c26e096dc93e0f599f61e59c01f16a91e24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a12b8404f7a342b5b076e908dc2daba

    SHA1

    f3924f80d666c7cdd8f3feb60f923196fa77fa10

    SHA256

    363a36184d238fbb14c72357036f3fabc04652058a4d4fa24b76dddfa6cfed63

    SHA512

    f994c8eeaef0058bc2ae0da87f05e4112e477f085a70ce533785130e338f4c7598395eee887ed3a1160aeb8112195ea9425b1a71439fcc9924e06bcedc94df3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db1a82bbebb4e45cc89dc6aaebafe72a

    SHA1

    2ec02e468acf5066886118471af3b49b3cbfbf92

    SHA256

    4ac5e00701085ce721c8d476e4f33cdd0a5c35affe36e0ebb89ace7122a215f2

    SHA512

    5cda3b25b2feea4494d93025910225313503072d1c0ea8516aea29627874ff6e0cceb0ad0a47b0cfef0925e351b74b906dd0a8c86fc9c551abf446b9f76a5e68

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3027.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3088.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit