Overview

overview

3

Static

static

3

BBS/AddPost.js

windows7-x64

3

BBS/AddPost.js

windows10-2004-x64

3

BBS/bbs.js

windows7-x64

3

BBS/bbs.js

windows10-2004-x64

3

BBS/copyRight.htm

windows7-x64

1

BBS/copyRight.htm

windows10-2004-x64

1

BBS/default.html

windows7-x64

1

BBS/default.html

windows10-2004-x64

1

BBS/index.html

windows7-x64

1

BBS/index.html

windows10-2004-x64

1

BBS/viewBBS.js

windows7-x64

3

BBS/viewBBS.js

windows10-2004-x64

3

BBS/新云软件.url

windows7-x64

1

BBS/新云软件.url

windows10-2004-x64

1

JS/PAGE.js

windows7-x64

3

JS/PAGE.js

windows10-2004-x64

3

bin/CBMD5.dll

windows7-x64

1

bin/CBMD5.dll

windows10-2004-x64

1

bin/Interop.jmail.dll

windows7-x64

1

bin/Interop.jmail.dll

windows10-2004-x64

1

bin/ZYDN.BBS.dll

windows7-x64

1

bin/ZYDN.BBS.dll

windows10-2004-x64

1

bin/ZYDN.Common.dll

windows7-x64

1

bin/ZYDN.Common.dll

windows10-2004-x64

1

bin/ZYDN.Config.dll

windows7-x64

1

bin/ZYDN.Config.dll

windows10-2004-x64

1

bin/ZYDN.Data.dll

windows7-x64

1

bin/ZYDN.Data.dll

windows10-2004-x64

1

bin/ZYDN.Entities.dll

windows7-x64

1

bin/ZYDN.Entities.dll

windows10-2004-x64

1

bin/ZYDN.Label.dll

windows7-x64

1

bin/ZYDN.Label.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2024, 19:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BBS/copyRight.htm

  • Size

    313B

  • MD5

    56cd36dd4e91b4a56bd4a20407a3f726

  • SHA1

    8afa554050ab3c54e2d1b9000365d3726d27d2cb

  • SHA256

    02a1790ca66fefa8b8b5dc18ec9713418fd07dc8fcbf45a1055ed4cfb21f3633

  • SHA512

    4559129f5587f16c781408a38dbd0e4db4759bb54f595327b9d5a8cf5a7b607143ad5cc1d1ad0165dc485cecf05c84b25b7b6792fe4d6bd26ba9440d23386874

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\BBS\copyRight.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2044 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2516

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e701c968a3f4d7fd9a93e4ae90e833c4

    SHA1

    d6c8c5de682c6cdf45f347607f50d97a91fd597a

    SHA256

    ed335602557ec42976ed4cfdeed611c0f68e68b4412a1c59377efa88a952659f

    SHA512

    0101a345ad4f1e1499f6b377af384dafe0527589edfdba2d0964fd50f6798b4bae43dffb8451a8fad5e28c5f4a3a636ed809f4b417ac9d14ee3b211f84df48ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d81242070f0c8463b51a8e7c0ae0715

    SHA1

    c9dc91d48da80831dde5705f094174a0dbeb643b

    SHA256

    a9459b5bf4a31482464686f71f93786f555340ee528916967bf04ed2824c1ab2

    SHA512

    bc40be2f63a3cbdc7bf0bb47aac778326aff9aafaf757efaea52746af3e156efdf0b3f713448ee388a7da4ec323b57b5f1490501a212693a7a5a086c3f618d14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f553253a52a1b35e25769bc681bb59db

    SHA1

    59a82337fdff18e2ab83eaf73f2c12464b4b9a38

    SHA256

    f85ce3985b087115f8bc3abbda2fde12b35a355df905de5684f50bbc0b95788b

    SHA512

    da76f1ee1b6ebb450274a119841f371268dd3b0c66fc6c77e23c0336a7be8e94b6ebe1fd9fb594e732b5ba4680ed0a9afd6d234edc1ae0a39772dc59b8ed3330

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3231cc63d47308d2c5a7c8eba9c735e4

    SHA1

    87c72cfe6277131dfa4bc4ae6ab77bbf5ad79906

    SHA256

    61b3342ee03ca4e1347cc55224c5d76b0bd104fe58b00a7e7ffdbba812814053

    SHA512

    b5d1940e69cf814712f49949289ea4fd1ce861fc45b3a68f9be8ad942015e87658fdef89d3893ac53bbf22f9eb3ff3f32eb486ba1d47bd3b2cccb1b238ffb088

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ccbbd4615bc8d4e8c0d2b267c281854

    SHA1

    8af1fdd2bb869502397294dcc95809c188de04c3

    SHA256

    9c2d067f887092996599a3b88ba7a554d06eea1a0d2430fb289659272ce1501f

    SHA512

    11ea4f9e41b2d4691f023502f5e7d6bae71e5b78c46349eb90338505212a0db49f0e513cd215315549910d06c436c4379101124bff03325cc66c95a5d88b94df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d515f685abc1ccc72d45d5141c7b108

    SHA1

    7e78d728923fcfc4dd61e673fef075a9727ea605

    SHA256

    9124da8558ea1296c6e32937c27399230c1a400c8759eeb81a79cd5a2d885695

    SHA512

    b27f84e5874598790bb402cb5a65427cfaa7190ce292995ecb42d3cb9b79a94512d2a61d860e232536ebbc4079e9bca367705352dc568c69d8b975366374735e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3dc2d83b28ece30d56b1af954441c14

    SHA1

    fde20da108691f1c3964860b844a99d41095a857

    SHA256

    c186296b8f7dec8dc8a3fa8ff611cdf98e4ad9fd2f4885c0122fe7e5e13f7934

    SHA512

    a6a63bd35fb6cf1ddb9e6c47b5509ec1f395c3ceed9c19caa1240e7ac2362358b8a6a7f8fad169f6cfc7ca1b61d63c167e435106b946ec241a406ef1abd806d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95fae35bd0838de1f9bc1eba3ca700ca

    SHA1

    5517c82b6cac534ba8bf3a159ce6b2af0ce5f108

    SHA256

    a00f59def2c23520b90fed18de12c80cfed6f7552e1361510731e4a44b517b35

    SHA512

    2b5592d59e3e7244027d1c5e51253ad334602bd843a9c28daa24eb7e9aa98767d004e41c2d1c3b5227c0d31fb0b5e7eaf3deb51ad792ec5b3f991277ac17d118

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f08057efaf7063607851757df3cc31f

    SHA1

    9655e09313d5ab251159bcf79c1a84cf8825bef7

    SHA256

    e8d6f0f8896afeeaaa3a1d759ad3925b3e2e8aeecde86e4563149b083deca542

    SHA512

    f0beebec56374d9def8401960d44cc1d6b581235370668c22f6c16046258744c224cecd767ba96d810b41f9b51c5f592f287e67915f6051c1d80ba0a88a2d619

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a91ebd0bf27cb6e28d7eff880f8d1a3

    SHA1

    707d5a23b478cce373963c201a5ea376d0bfb89f

    SHA256

    781289e2494fe6052426864e36f327c7c2e6bfc0d904b9fd38843dea592497ce

    SHA512

    c4e011d1450cecd9a51a001ec3d607e2430e93e6fff9c82bdbbaf726e11d7e0f6b491fe245fd8cdcf07b0ad4097b6516cae54ed48bd97d47b557e39c7b580b60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9537cb2192a3f5ecbb2232177fa8c1a

    SHA1

    e99b0bcf8b9d3debba128aeb6d05f41de869424e

    SHA256

    4e5083cf3b001ee73de16fa9639a4a1afdc9703024bf6bc8c2de1c4ed190fee6

    SHA512

    d405adef42bf944cf2180958b93f71c1c54a4cac9b589fc5d6e998d4fae7a5149c5bf2c79231e2e4857ee83ae3f944e8898648d1e664b265c24c224dc0edbf6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33fc7724f23c6180bb014826e37f0478

    SHA1

    cd809d1833d49c070ed438ee4f28a1a32a46e631

    SHA256

    b189440502d28ef85f491d4285e1bf3e1378617fb7ee4c638ab7f57bdc4d26b8

    SHA512

    87dc7eb880130193135c4068ea51ff3ab3e4eb9f1174d72e6b8ba66c5605f76be47a3c4a28dd18f2de4dfd82a6f14b412bd10c31d2364d92491e6e92077e5409

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f92fc6032d1e684ee74554bd8755875f

    SHA1

    ab64707a5a554a91f5010677264e7549da33f8cc

    SHA256

    cfc2bfb78fcc119db2337795a982f603927e4603efd136bed93c2bb0d3ec6020

    SHA512

    494e0d9178671af71cfaa2efce563d6b384fe9c6239ffe52448ca351f48b17782426142753cbeb68a4fbf4b3551ce8eea394d2ac21e5e4744a8db4647c4e16e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bdc6110c574767efad2a28397d3a514d

    SHA1

    08cb8fefa5728cb87a938005665b43f57b41bc73

    SHA256

    79c503f646f468469168c3d87cb00ec5363e3eb8ef9b38e47f08fdd7e92480e9

    SHA512

    2f3ca3a58350ba136bda9c6417fbd3814d9954985cf66ef0c5945614a5cbfc334ea43617f3566dcf44f21d22f17508ace6e0c59cc13d00665c3a69ae39b9cdf2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC3A0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC44F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit