Overview

overview

3

Static

static

3

caokun_bbs...ad.vbs

windows7-x64

1

caokun_bbs...ad.vbs

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...it.asp

windows7-x64

3

caokun_bbs...it.asp

windows10-2004-x64

3

caokun_bbs...er.htm

windows7-x64

1

caokun_bbs...er.htm

windows10-2004-x64

1

caokun_bbs...ay.htm

windows7-x64

1

caokun_bbs...ay.htm

windows10-2004-x64

1

caokun_bbs...sh.htm

windows7-x64

1

caokun_bbs...sh.htm

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...ss.vbs

windows7-x64

1

caokun_bbs...ss.vbs

windows10-2004-x64

1

caokun_bbs...log.js

windows7-x64

3

caokun_bbs...log.js

windows10-2004-x64

3

caokun_bbs...dit.js

windows7-x64

3

caokun_bbs...dit.js

windows10-2004-x64

3

caokun_bbs...ot.htm

windows7-x64

1

caokun_bbs...ot.htm

windows10-2004-x64

1

caokun_bbs...p.html

windows7-x64

1

caokun_bbs...p.html

windows10-2004-x64

1

caokun_bbs...e.html

windows7-x64

1

caokun_bbs...e.html

windows10-2004-x64

1

caokun_bbs...rm.htm

windows7-x64

1

caokun_bbs...rm.htm

windows10-2004-x64

1

caokun_bbs...r.html

windows7-x64

1

caokun_bbs...r.html

windows10-2004-x64

1

caokun_bbs...wf.htm

windows7-x64

1

caokun_bbs...wf.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    caokun_bbs_GBK_V33/HTMLEdit/inc/RealPlay.htm

  • Size

    1004B

  • MD5

    02b945a684be00943003d8555c159feb

  • SHA1

    1234cffd56644537ee5d99d1a34cce5cca150934

  • SHA256

    00c2d99731767dec153c2c44f010968a6a2b1a1bd9f57d964652527272910b2b

  • SHA512

    db87589b3465b5eaafece3b8e7bdfba613c0aa498357961b87c74d962e13123ea3df319df389c46ba1d82c941e9df4417f00a53973caf5673584c4df1d83917a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\caokun_bbs_GBK_V33\HTMLEdit\inc\RealPlay.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    946684a3417728e1b1b8b8845841360f

    SHA1

    a517ad6e159c7cac419866d537dfa96ddba93e01

    SHA256

    29ed309361cf586688b56bb749039416a44cf630ddd8a624a8d44650fc54a4b1

    SHA512

    375381c8740786e9b92ee51e0ab2a49ae0b8ecabcf40783f7e7b268cd6e76f1cac8ba13ebd01269c5d48d02839c7cb86da228c61cf0c72744e554a3e134423c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b829302077a72fab50948b09e311975

    SHA1

    e32e7f17b6d0df513714f14db1befe19e9669c98

    SHA256

    720fdd8b47b4a087e6f35c44e5ce092f6977d15db66bafe3de2597af0c1f1b31

    SHA512

    62772ed4024fbd36b662a011c4b32d167c0e50738e1ef727aa84615d09499665b8ce45ddc27d270cb1fe53d36b6ef274d41fc225a29d58d9deae3e1aa38f60c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e18abe12108e1a4717ad00248ad6d6c2

    SHA1

    13d017f092e25ab3e1b84adf911684e2f68001b3

    SHA256

    64cd976893bd2c3251958fb7ed6113fd0ce186175e7d7bf765e64162ec4dd63d

    SHA512

    2b0e946180852ac5ff6f2af8cd5ea6a6154e0be6aaf9db5ec93bb09db89935d828eefb0525fc54c7887b09942b3e2df8d1c8587034ecc51639e71e3a60d1bb41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23cb8dab1df8815ffd805f422dee4512

    SHA1

    d776b3f56bee7af60c69115274e6dffef64f0098

    SHA256

    5233aec647329c1b3973bfac59af7ac8b7f0af55d32fc2964c3b61c081dea562

    SHA512

    1c0595a5b4820ca7560190b08cd6cc6ab9b04a77b76c2f36cee48b0a37c3d205ef27ea38842e18cd5c7a0cf7947cc148983f666116fed590ddd05cc6da997bf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7dc673242ab25a1d4f022ea9814086ee

    SHA1

    9c8c8507dff1148a52b919c97877e6e5dc92fedb

    SHA256

    5392cf6e88ebddb64c69b6d5e7db09b2cf9aa10ecf7ed485d882665737a451ae

    SHA512

    4a86a685ff1ae05ab538c3c223122dd8c5850dc989a7a255e5ac68f884c06f09d77efdfc2b3c5ac625dcf92f0a13b79636bf40d0d8046706cb57c10960686f2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcc56249eb41fdf1618bea51159cfccd

    SHA1

    78ef8954d1a786a647d23da1fee6e28fa05c57b5

    SHA256

    ed4ad52d908b4af3eb65cda8e5ed9247369ebf6dae0a381f02da6b4b5b1a8d05

    SHA512

    e3336ecae87c3cc325f3a1da578057190ab8f38713225020fcdece1cd4b324c3cc470a4e38fc8496bc855d4498c8535d2131eaabf67a71faaf74f042206e7502

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    464b189685bd0ee9299a096a9abb80ec

    SHA1

    53fe521acd92b7d8072558576ac92831a6a1f965

    SHA256

    2b18dcb5c73fa8ca5aa1453cd5c9ceb78568a110e92a167985b21d015a9f7403

    SHA512

    427d41c005cd314fa822dbe9b864267a20ed52f30ea8b615723d1e83d0a9ab785099b90274d79f03785ead4eebd23c103f223c9f3709f78d9fe2e023ed71b75e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d840d95b17f6f5350cff6f8282a8b00d

    SHA1

    ad224c57102cc11b76ef9ce9c8378a84512152cb

    SHA256

    26e522a63883b26c91a9e1b636db87dd900ff69b67d49181ba1c084df495be4b

    SHA512

    b0db151754d78e0053ea75b2f85f17fe94a3547201f8ef4678c28f690372e20cc4af7797de53dfedfbf9b3227899fc86c129bb151c4539d3343f3cd33240cc98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0135a9c2fe356a5f54f246907d2ac499

    SHA1

    7dbdb11bc649e6a025d21b294bccfa1042944f18

    SHA256

    bf09c6f5d92f900619d28b9b903d656631772f75c4a85523dccc8b403e5dddb1

    SHA512

    943c29075c735e33bca5d021fcd8b085c6695f55d9ec20cdcd70f7c385292f4a293c9d19658bf00e1e00bd8f7d64f33f16a8a1d77fbd128702a99c687d6fcb4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2719bd8ce9ad2c4475b3f87aa76bdac8

    SHA1

    901d10a2611c124eb91ee0af7f05f8e46ba09297

    SHA256

    8d9c463588cb15b8425cef5dfd0a278e8c40fd5ec00740bfde31f823df4bf330

    SHA512

    daa123a7a217d4a8cee80b29000e48efb8d14bdeefb59eb8bec2e69f795e62feeaa41e3fe3c37b7b1f36acdd32d6a0c204f312cf4a428f925bc088fe26cccac8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f332929f93bd1435dcc5ccb4f23e6bc8

    SHA1

    20d6fcd20a2ebb52f97d49513d5894c7046a2a96

    SHA256

    fde5c86b5c91e48027ccb3ba8c6224bf866d445efbddd34ae42d9c5b13cc2f3c

    SHA512

    49b848aba643375bb52f3a6b4d99ccabdaad1a4ecd6e5c3f83d4eaec3eff411c04e05c0bd4663d6b51db9f2cce88b08af8efd66e91e0571267e1c7509ded77c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebfbfd1b1ba6eda1094d65f0fb2d3bef

    SHA1

    dc073ce5e0b7c453889536ce966bc481ee44b275

    SHA256

    320c3d72b4c9307134a5cf7fca4560d913711c1ea21cdf5ce35deba1c0b34185

    SHA512

    fd87e03f187bcee2dc1414ab15351106492026201b630086430d78dcf3c9e76807b3a99b08f4f702fbe92e7196280759874360ca9d331be4eb23cccd2b5dc009

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff526384e828ad2a92bd7dfc70efaa2c

    SHA1

    196a4875ef62171d67d69f6e91431faf768ce46b

    SHA256

    c27669ab5074be065d88d5a52caf7c1ede48e39ad99e4d57f3b3dc0df1b16695

    SHA512

    dd51986e2819fa311d951b67a669f27e39b4e2ff2973a351274a3bfca96309878ebd08117701d4e8e21d036bb487129baf50f737797527c719d7b710fdd7234c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f92110133e71d3a194262ba6e6f51232

    SHA1

    43e85d1df5acf342c4fcdae1e5126f099fb56698

    SHA256

    821e73952103fc6645363d4eb447e304997f273a7c26a21b9dc3ebf041bcc0bd

    SHA512

    a859f8d10cf8d4c0d8312c1478d45d1f110a15064bc6da178335d9288bfcc59550d04be9bfcb071e16ca2327aab1cb15c1cb6a2901fcd07eec95a0d679f53325

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ecff66409ba30a2512ce9af8f446bf9

    SHA1

    6aa1c0e2097fb334765576bdd919b6ee02d4300c

    SHA256

    c5d337b9073eb44e987291f2defe07b9a329a63b544455ba2714baf0858fcead

    SHA512

    719daa22da9d060f9197a9266b52b91e201a401540a3ba42f0af58ca243cf4fcbd434556d28fb3c9b368f8e703d352e1da6027f0128804d35e6a4bcb5731b43c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd8016ec618d0a50191819feadb52419

    SHA1

    e8fdb580f777646583dc3343ef56ab63249c132b

    SHA256

    239255c79d163d7e521d5443586baed7606c113b4de14d8b85ab91aa7a7547b0

    SHA512

    4f69389a0bf6f274d95001783791d36ce23182ad666f39ec8b19b6a44fec737ee65264affc17366802f8b901abf49f0ec7802f35d72c3460b80b06290ecef176

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e2c3869b3457c279cb69c60c26ccd1a

    SHA1

    4263a07edf122ef76ead0ea3e0b5f9fa362f5683

    SHA256

    1b7b2d11b7d983781d585a20fc088f89d75dd32a9933c1276452cb6773404090

    SHA512

    f667deb31c8ac4ee8a8e96308e3487e07484b58fe473db19860783ba90507e711dc2c84afacbdeeb761c7ee483cd3bba7ce635bfaa722cc783bb280b69395050

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33055eba5f676bc1b3de5793a4f33efd

    SHA1

    82410e6707f89a0c78e66c0b598da357c3a3db32

    SHA256

    634f10ce859c21a27994ab7e0ff948af0bbd32b33f135f950d911b0ff0ece321

    SHA512

    5a25cc689ffe0ba046fe75b28848ce3dcd8ab04171b7bdaf40fa0f05a40c3ce8b2464823b6d92ca0f4d40d63cea5566c7969ee2a22e0f1f02a36b27833f3e17d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5cf7fecac5256da5e480b55e6858506

    SHA1

    676ef3530f7e2f48e463c8ca435afa8d312753f3

    SHA256

    df395b111734607bfb571a95d7669fb385b1131c2e114d10a1ff81570319fac5

    SHA512

    1d0fd6e851681590ecf2fbf9bffa2b772fb307f85502dadc64acb8e1a48ca7d0a076c3bf398047af14af8e0948dede8233308b1a70d8a6c4edccf7a577067cdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d989102226022772fbb036f0b8794e3

    SHA1

    3a55860fddf144ed2a2e01267c9d8f5194b99664

    SHA256

    c16a899e63a85add4373cbf516a44bbe2988128a1274f8363bd832d932a76ac1

    SHA512

    ad4850c054a10d58b3a2a9abe58be389a10787d3706e993976e10acbc1b6949913e0c3beaf7f8c28e4baef6883435b9ad800cde0bfa729740a915d437fa7c59e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8A87.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8AE7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit