Overview

overview

3

Static

static

1

api.js

windows7-x64

3

api.js

windows10-2004-x64

3

api/uc.js

windows7-x64

3

api/uc.js

windows10-2004-x64

3

api/uc_api_db.js

windows7-x64

3

api/uc_api_db.js

windows10-2004-x64

3

api/新云软件.url

windows7-x64

1

api/新云软件.url

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/upl...min.js

windows7-x64

3

images/upl...min.js

windows10-2004-x64

3

imjiqiren.js

windows7-x64

3

imjiqiren.js

windows10-2004-x64

3

include/db....db.js

windows7-x64

3

include/db....db.js

windows10-2004-x64

3

include/db....db.js

windows7-x64

3

include/db....db.js

windows10-2004-x64

3

include/en...ass.js

windows7-x64

3

include/en...ass.js

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20-07-2024 05:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    images/seccode/font/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\images\seccode\font\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2396
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2396 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2736

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cebad0daa7c7eac7aa2ee67b0423f740

    SHA1

    d30c4ad6ae4fd2fc6887b1075f4c9092316e12e0

    SHA256

    c3d46f680ebef3a5243e71407495e04d04e65e11d6e47a93e20f65e8fa515ad8

    SHA512

    0d6e7af069f021ea2cb274b8df1702f149d058bf5b3da9c96438b389a1e6493b0e3b4471101a23714a5c803b431eaa6241740b466b28264554b0edf329727840

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55107b80bc30d2dab962ef6f8d767e6f

    SHA1

    9627ee07ecbd42417b09b741ad903c3e822ae27c

    SHA256

    b22244b14fc95038ca931a80d2cc3ca5c16eeecfbf77d27c934cfe3d41b03542

    SHA512

    2dd91e2cbe1c15a6089fd7ad231344fa7fbfcd6388f48c14c23d5f3d9a27313e347f68917106a7277d8c5efd137d3655552d1b456b1f987c63f0c894d5e9c69f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b2b5a12cfd33de50b946756b8578834

    SHA1

    bdbb0f63a673c468d68278872a5279e5fe92a8d4

    SHA256

    857292e63d392ab53e51e263eceeaef5d8342c0b3f034006b07450585cb4a58d

    SHA512

    5922a80bd95a93b115b010ce67265c8a6bed07df242499797a297b9af3e39797e0d2720bbbf838f1f1fb1ee5a8908abbc3f6a23678dae1396fa149ce14446582

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    226c76683170a242b9d983a61e5544f8

    SHA1

    5e95ff68f25e971b5e384a68025efe652a11a9b9

    SHA256

    35cf27eb1e6bb7bd7ccd10aae689f2fd8cd645edb4195b90a895062588fe8fcb

    SHA512

    07aaacdee4db556775c6cc5cd9912405888230e04896fbdcdda6401602d6885309248cb321a85aab0d16f90846ac7044dc37b1462eab37440502ad4169d25e1e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbba7440f888a980714fba6480009f5c

    SHA1

    704690e5680d40c66957652544fb41c11c2df5ae

    SHA256

    b1cda8ac851673e69115c62efb0d3009a0a0bfdf55076f5677295cf5312150f8

    SHA512

    15274313cf073c70b4cefc27efbfae74a463d066c4586f2456b9a79ea78f32d06aa263f26a8a0472a89f2cb5a31799283a594ce5a02da37325157b1b58ea3a5e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f48af577a526f52a29335be2962d0c7

    SHA1

    da4221684e6744e26b04a9b3ed44c559b7784765

    SHA256

    941994c3210558d2b21ebd4ef4a27fbeed05aaeb889a8b0bd035644075ec4531

    SHA512

    c4113aef4ec259cd3c6ca2480c61bdaf3c37ea6bc137ccdcb6dc45d0a7e35088b4bbe3277b3984ae8a2474f48038f5bfd5579edc1723fc37c944d9f5c1c939fb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebd652f08b51f3c3a7649e524ff2bdae

    SHA1

    e1ed81163c66ec4571d40e2d0ae0ffef1277d347

    SHA256

    46b1e1903448d44746d4a04ae58a3c17481a074db137ba7a6cf0cd92c02977b3

    SHA512

    e1dcd84cf499a5ae0276c09505c6ba0b671e8dad1cd043d22c018140b0bc24250a6f49d35e00fa4afa14c888351b3be786e831879626f27d0ce64d5706af2f05

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03caef1737bdc5969273ff38076632da

    SHA1

    3021370a3da6b71674aa225368ab5c213f763f97

    SHA256

    5f65fb7d371eaaad64f19dde4899b37b5df5efccaca2a0e7e0f39ffa1fe788b7

    SHA512

    fe883f3207bbfde728a75a84be06601baa7f5c483c279d9c2ec73f1ea0a3cf07a4481be5b556d80daed2a119daaf658ff4368908162e43478fa9aaa026393686

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68aa14f58e6bcecbe6b037d96e1f42d4

    SHA1

    73254af5278227c6b39acd8c6834df549f846324

    SHA256

    2dd5d2da462c773d7ce08833b33a1210442de45ffa8d7f3421fd633f4b025ec7

    SHA512

    ce0ad44617ca647def38e359f338416c986987728cb1bb124db23c587535066692a16f4755fb0f967959cae6eecaae11d61599f0ef3be6875b8620d28dd5d3bd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2c28172cb98c88c9325b86b6407a282

    SHA1

    475aace88cf8c682dce3a90ce5ecbbb6f1c5eebd

    SHA256

    0b4f7841dc148827f5630254d95c122944e7911382d3fce32b8fdb8a94eab0e1

    SHA512

    2550550eb2777432cd789f08ed76ad8506bb6bc2cb2a129456af6687e094ee709d06067b4a90a134baea6b85adce00ff8fd4130c21ffadab86007d04e8d7b92d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cedb033cc5eb04ea2eeac6fbda4acdde

    SHA1

    d838ee36ba17e10199978bbcba42453a32f0b222

    SHA256

    91aa2ef4248f47b6d0b8405ba2365bb8ca49161aa57ce94f6ac3a2fba621a25e

    SHA512

    6cd34304ecda98eb124eddcb9040a911ccc48c18427e45e25bf99c227c1948d15a1e1f1b7297fb3a9b6033826375db174d20b05b7a1bd96eaf5072e3b627e53f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e02320cfa9ee518c45a5c80d7e20ea7

    SHA1

    8330398dfa251b9fcc01a46fd570d23f134a774a

    SHA256

    719cc044cee2b78610eddab1853aa3a9009ef7ccdaf753064ebe9ecf76cbc0df

    SHA512

    e16c4c0a1d83944579b492779d18b7d3a08d8e037320841f0d97b37cfd6a88bdced09d86cea888a492b1240e23fabf10a4e89f200d2cedf84b571319fc53e942

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    415c38b7469a06e43e8441fde123dc7f

    SHA1

    820f2f7234fecac99fcf9c9098c49fe698938e2b

    SHA256

    7693fbb9a27a2b949743ccda27f4bb8660b9c43db91e148a697ce581ab14e8ea

    SHA512

    68b4957922bf3b547e3f831e4fae2831913ce388732a3c0d3e2f33ddde227b1b4a2bbd3c72e81767839d1c1eec1011a1f44db13c4244c09868d5473b504d5bda

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92a0ed3355004faf400106e197a868ed

    SHA1

    6e63fde997a01158dbee7e9343e25a9d352c3b22

    SHA256

    a8bdb6f7d97a83f015f88b54e063e388bfab1dd20b6cb736e15ca75eab499895

    SHA512

    09b3324008d2d417a7b29da6d9127b69e2fcbb3af8d3cde7238352e1d166f8623ab5578a378c026a901709a8f8ccfb86e78c5333ae320607bf84a5c9a88adab0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2f3a901970fbd88962096f90478f442

    SHA1

    e736c05cbad8aee9b399b653dbbd880265fbc6b3

    SHA256

    9cce430f631d25ade3d826fb9f876d8303fcd34f9f6e2c9bc87a22e1fa86ee6c

    SHA512

    0eeab90578491fa32f6a79f57bdc69d8861dc151e044892327d960dad1fc9884471f8b2f4cb18712336b6a44f2611f053876aa8f304d6313c84c2ef9bdacefb3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b86a1e04961a6c08e590b5ec43d66cc

    SHA1

    794dd68b875665775f8b4c645f43e8119ca8afe8

    SHA256

    2bbaf94c4c10f1dfa6c098071f11c2a0d9c2bcbeb69f2f0f26f301461701d3c1

    SHA512

    6b13f28238330cdf6b26a776b521335672f65aa9e27ad477b5ac3fd500cfbad6f1d150551ddd4a743f7e183ef9e76485752170761addff8546803a4de4cd5ee8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0bfd861f6d27554ec562e013d10cd7a

    SHA1

    cfac205396c1286921fcf5ee31d5f830844e70c0

    SHA256

    50ec45c2a044588154300c5d65030a865b57e9258f81202d70f3e2747a942eef

    SHA512

    25d3a0348fe18c8c64e197c06214a43175d4c01c53ceb257558a183f49f81b351803f989a1681befd8a2fd578340316e578dc86809604cc7d9195a163b692c8c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    702ac8f052460f25a577b2f9899e87b6

    SHA1

    edbf1678a7a94b1167f594b074fd084a4ff2f1b3

    SHA256

    7a0f2fb36a98d593e7d1216303bfc622762b8aa1a226f99e8f7046f5cc883917

    SHA512

    926f6ccf65417503639c069694cb3dc5e7821c2c6f93ce523526702890de1c23a9e7066c7df9ee687804cc34e62a96d8fda899fccfb42011487428ac7cb7773c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6dfaaca9e19040d6484b168384b5b31

    SHA1

    d1f3130351a9da31ff032dfd2cd703aee0eb51f0

    SHA256

    9147f2c964e4df9ae08d7c7c7609d22035191742ba7a028aa550637ab437efc2

    SHA512

    a1cec07f2272f2d818b362436fcb04a7375b94b0bcf31f153b14ce39a28f630b9707d0e6766faca4b40cd194e42a7d1b744a26ffe289822e0c6ecf9678fcb61b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab5987.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar59F9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit