Overview

overview

3

Static

static

3

caokun_bbs...ad.vbs

windows7-x64

1

caokun_bbs...ad.vbs

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...it.asp

windows7-x64

3

caokun_bbs...it.asp

windows10-2004-x64

3

caokun_bbs...er.htm

windows7-x64

1

caokun_bbs...er.htm

windows10-2004-x64

1

caokun_bbs...ay.htm

windows7-x64

1

caokun_bbs...ay.htm

windows10-2004-x64

1

caokun_bbs...sh.htm

windows7-x64

1

caokun_bbs...sh.htm

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...ss.vbs

windows7-x64

1

caokun_bbs...ss.vbs

windows10-2004-x64

1

caokun_bbs...log.js

windows7-x64

3

caokun_bbs...log.js

windows10-2004-x64

3

caokun_bbs...dit.js

windows7-x64

3

caokun_bbs...dit.js

windows10-2004-x64

3

caokun_bbs...ot.htm

windows7-x64

1

caokun_bbs...ot.htm

windows10-2004-x64

1

caokun_bbs...p.html

windows7-x64

1

caokun_bbs...p.html

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...rm.htm

windows7-x64

1

caokun_bbs...rm.htm

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...wf.htm

windows7-x64

1

caokun_bbs...wf.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    caokun_bbs_GBK_V33/HTMLEdit/bbseditor.html

  • Size

    14KB

  • MD5

    63e51582f1d0aecceb5adf51381dcd51

  • SHA1

    91d56bb6d5808d4a6c95436701db7d301da587b0

  • SHA256

    583a734ba7bc59cb00c725478b09621cbdde071babe1b725461f20ccbea67e41

  • SHA512

    2801a415efdd367a0fe3f6f0340b6401219052ba6ed3eda42b734b35d15ebef1f1abe3c21a8535c131d6d09dee89d3ce1d38bcd35153b56efd8d1adf16829f05

  • SSDEEP

    384:P0sYLEgYfkBWWWFgAlW/FdmcF1GlKSEpyYV4fiWiN7ZWgBCEWlV:5GM5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\caokun_bbs_GBK_V33\HTMLEdit\bbseditor.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2552 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2444

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d253c91ec566c151d22446aab56988c9

    SHA1

    82d17c86eef100472ec9c28a9dd1b1435d68d58b

    SHA256

    40b70e48d1ce87b1468723d01d855e1d178966fc1523546263bc19daa489574c

    SHA512

    865d03fa7d750a1f907ff1db9e4e6de913d47daa7ee968658c2f78611c350255f662e5680aa0c46477629a1d7d4ee9e9f27a151efd7352c7fc5a8097dcc691b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fa7e788dd8a067bf8be7168f0f81344

    SHA1

    c6c3a3a98f6443c0923a0603d747ca605d5451a0

    SHA256

    8f746bce2d45bfad0a4af2c239a1ae9112072763bfef6e7ea20963c3d5f5588d

    SHA512

    070ed16d1cfd2839d10e1a31999a1bffa1f24688e0e6e1f83a60464341a2d3a355c6394508f351bcc1c6c7dad740f5020b198cf412652af9e7e2015933870abe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    431ef97d9d969e7333485d135a7f4734

    SHA1

    ddda04a68c2803f664b0413516e804a9f4698611

    SHA256

    6a700ac51a5cf874fa0a66b7d0fa8584ccb71b91e564faea05e9368b08c71b6d

    SHA512

    86006166d829c1abf9952bfbfbb3e9cf71520a415c7e7ff0748065261acf4b8783e12f03cd3316390e71a16340a7327e06b534be5ff29d8dc738c8754caedd9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00592f4abf3707945378cb12e0851a25

    SHA1

    4cf91fb2a5672d8060761d405e02fcc01fc368b7

    SHA256

    023f50016de80c7ef706002db02ba94ce69e6c53604fd6c9947ab81a45ff88e4

    SHA512

    f84e0c9537d45cf68be7f6d827f2a54b188c5dee843c35996b6b04067c1d6a88a0460b5d6af08c58cb5fbc7b59dc4069d59fb7ad8b502883366bde71e3c4d188

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    897968a08d20c6d4033fbf2dc4cf7c88

    SHA1

    c4502c7fe1b377c53a56e46e6870cd9a639417f9

    SHA256

    44223dfbccedc8704681311fe0da646de6454dd0f8eeffbc9a585f49c451c19c

    SHA512

    c478bc462c10cdc7297cdf6908718feabff3dd3b94b95c15471c7660b75e97a2ec720963d7dacaba7c35df16cee74ef5eb6a93f77a66700c4f7f3a2d33a7f197

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e729f70b492e189f09ae2dfb9907d0a8

    SHA1

    fb7117ae8024956d4b45afeb8d19da8c125f3f22

    SHA256

    474be57886ced88c3a54cc00057635ad30bd8c32e312972d0d37425ae80444a0

    SHA512

    bbf22a8badda1a17768b3e4cf5ac37f75637f9e3fd2f77b2bef2811131a86d14f75fd980905e570b9aee67b17784c9cd5d5746429eb61279d402f87ba696e1a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8909279eaa7ba88fe8c91b0e3f73c950

    SHA1

    442fcb03e2da3dab86de6eb02071fde84e95394c

    SHA256

    25bd5ed41a6eab6ad211c8cc9591d8a0d9e98e19474bfdbfc44a35b50cba6e18

    SHA512

    4511ddd506e3b06ecec718492fe7875758ca4ca27b5d2b6ffcefbc0b1db908a127b3849c43767fa01ea92e0479570ec4403e52ff2e42447637774334deeeff4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e5539f03861ae2522950c19072d6cef

    SHA1

    648454998aba6a65aaee0e881c998eb9003822a3

    SHA256

    beb37b3aafcdfd8df8c2c59ef6a19180d8b345f8410584da72f177ad80b3e3d7

    SHA512

    b59eda6afd02c0184b8f7e87908b732e42cbdc7eb0dda12503f8420244918dcf4a036e9026faa234715e474899c748b3ca92bccf5e554423a8e6db6f5086db62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52d82d78efee3d86f7b936b2f7cd5d79

    SHA1

    6662a914f7518fe3d1215f595ba46f4d3aa96245

    SHA256

    8d8c190d4343734818d80a13cd7851346538deb179c36bed946a4dd085337c11

    SHA512

    b0243ed75f3b20026695d27439349d532d55577116723b53174029ff8228ab20282a8b426f480ce2d7ac9d3061281dfad0d9b85c2d079a447711d1a2d628e09e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0112198f96cd006dfdb75992de30b6e

    SHA1

    c0924b956daeb6b1e97aff4fdf8d6e59e81ea3ff

    SHA256

    e37ecb0d922acfa375489c0e2162d7a2103b8dbf67438a147d438d7bc184dd74

    SHA512

    730e714b96cc6363a6878f57515c8589c3bbd406d8160313f98785ca3a564b3e26319c3a325fddd199f1f2b7c029c38ad4863e41e45370cd238a760e71397a12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e02f5f2e0db621bfc4db880f7bec4ad

    SHA1

    aa77a49ae9992b951be4833c3b6e2872a871b1e2

    SHA256

    0c92cf457d5e8d7681708be00ff743ee38e69171840599950f35ab167f3c8400

    SHA512

    751ca72c1edaca08e5fdbc5b758f9ce92e8b610b4926970e4296cc1d150375e70f8ba63fdb0b5a74c63e028f4d2e64642146690413e9525d6a682046d03c48ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7695d27c00238b3d47e83d6d9044c393

    SHA1

    a1527fd11c17d838fd7e4a6799df6be0f917597d

    SHA256

    c5606d8ac93d8699ec5d9e8b966b97ba1243f1ffd56fc537d7cd7e0cb659ace1

    SHA512

    4410ce7e5efc806438160d2df431bad5483b94caeeea47a5a7bd822b305737bb411221d809e6ef6339c67348129f99e307e64fc1ae6a63673e899561f95527d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8c8cde88cdac8b047c59cb71fd310df

    SHA1

    91a3156c89eb4b4507d2941ac9b9ce87c6ce3551

    SHA256

    76f5f941e2760f436b1648711b5d549f129abbfcd2b296ac00cdb887bb4c626c

    SHA512

    e92c295327632a23318a339ad2a9ae1e0f75d3ee505b69a9b17d21315dde6e31c26b4705a8dc731862cbd25a5fefae61569bd7069a330521ea381506276920fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ceeaaae58792674b943af4e117cc7103

    SHA1

    c8ae1e7bec661a372604776e46b905b51c429f69

    SHA256

    ed15395cd2a3c901b6585c7896e00f194c56b2a615f14134caed4d522a9d488e

    SHA512

    213da8b485305256a6abc4a4fc528dfac3972e39e28a6bf1a12f25170c68ea27365c3e384a2131617ca66d4adddef7dfd281eecd8a3f79fd1a89ca651c8ecee4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2b309ddc2bcc32f4c9f8ce3f381f0c6

    SHA1

    1a80dd0a693358d77e848714cc2c45c1ced91cc4

    SHA256

    89568b59ea7706435fd1622d1f54a5c89b1297de2368395fa9de0d691b60b1ef

    SHA512

    745c3455f5bc8af703ade9cb5db1b1ff44ae53d5cce7f1452b9e140b9d995ab015f9b7ab5c519a66f87745bbd6b643a428112fa464a9bd946717d5d2fc704a6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    005e1efd52cb429f6819a7fc92ae5093

    SHA1

    d111f7e5f12805960b5ddb481b9897476dcb191e

    SHA256

    d970f9cb24bbddfc39284c5db44b86204e51dd4e3035021912299de61033d5ff

    SHA512

    23c7221b2a8f540672eb85c42a914198dfa4a7637616c76af37a2c564885884889e91598b8a47c3baa09a9ac774104f1cf63e5032675c8cb075e5a7f720a3371

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF0A7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF1C4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit