Overview

overview

3

Static

static

1

公司绩�...ate.js

windows7-x64

3

公司绩�...ate.js

windows10-2004-x64

3

公司绩�...ode.js

windows7-x64

3

公司绩�...ode.js

windows10-2004-x64

3

公司绩�...te.vbs

windows7-x64

1

公司绩�...te.vbs

windows10-2004-x64

1

公司绩�...le.vbs

windows7-x64

1

公司绩�...le.vbs

windows10-2004-x64

1

公司绩�...le.vbs

windows7-x64

1

公司绩�...le.vbs

windows10-2004-x64

1

公司绩�...ut.htm

windows7-x64

1

公司绩�...ut.htm

windows10-2004-x64

1

公司绩�...log.js

windows7-x64

3

公司绩�...log.js

windows10-2004-x64

3

公司绩�...lp.htm

windows7-x64

1

公司绩�...lp.htm

windows10-2004-x64

1

公司绩�...in.htm

windows7-x64

1

公司绩�...in.htm

windows10-2004-x64

1

公司绩�...op.htm

windows7-x64

1

公司绩�...op.htm

windows10-2004-x64

1

公司绩�...de.vbs

windows7-x64

1

公司绩�...de.vbs

windows10-2004-x64

1

公司绩�...tor.js

windows7-x64

3

公司绩�...tor.js

windows10-2004-x64

3

公司绩�...up.vbs

windows7-x64

1

公司绩�...up.vbs

windows10-2004-x64

1

公司绩�...d5.vbs

windows7-x64

1

公司绩�...d5.vbs

windows10-2004-x64

1

公司绩�...enu.js

windows7-x64

3

公司绩�...enu.js

windows10-2004-x64

3

公司绩�...ble.js

windows7-x64

3

公司绩�...ble.js

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 14:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    公司绩效测评系统/Oledit/Dialog/about.htm

  • Size

    1KB

  • MD5

    4738e9c10e361761f9c4529e58109848

  • SHA1

    1be5e37d4a830d30afc16a9a50d07fcd7392bab2

  • SHA256

    0e75c08d1834e696425319e55873e2f8d913db6d7f159741e36a2079374e5621

  • SHA512

    3ce3ca5482be20a48d8815567c05ff357fb545c49474f1df9f18a04c53770c37dae9352427268f67e4b66e2481ff38d64e3b28e02e11d24b3daa78e375859b3e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\公司绩效测评系统\Oledit\Dialog\about.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2316 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2336

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    249d686abaa50eb278dc5e0a483481a4

    SHA1

    635aa22c7a541285483dea1a1cb87605d1abf5b5

    SHA256

    ae546df2d7f6b2f5dac3eb1a9e9424b3478cb5f3e8f552f622e249afe4f17b7a

    SHA512

    cd2302a086d18ad1852b8f841b427038c7c73678d1fa06d3efc52e56b7bec3bdd3ff5569c90b603f76c95fe6330c5df04d80587403feb9aee7ef41636dfcb714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    657874feafd79046ed97b4fb1e8e16b2

    SHA1

    b1677d59ed91ec17f30b03ffb84ac9194f640618

    SHA256

    91322fe1b335df24cb254c725a1cb38d43a7851037daa9bc1a1b6272ef1b8f3d

    SHA512

    fba290e5d6d2d3c3859e311248bcace75d7757b80ac117879eee47c72b50f504194f5c795c8937516786a43ec1a3513099620520f3fe2f86e780b08400dc15a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c4a97725a77faaed8e0a474fee918bd5

    SHA1

    a43d1acad32c684355e75ebf5b2765c3e7467a81

    SHA256

    e0c551e054744a1fb3b66dce0a671be88d6f7687be4f478c468fa99e0ab7d221

    SHA512

    2e69d6d8b24015d2409caacc3bde8f884253e8b4dd1f478550848e4d729664934719c154bdc06ddbbc765e480a63679c223afb9a6c2b4f57acbf3b372c4682fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fef06177fc591fb3e1f110d31ea85cf9

    SHA1

    31baa6a5d17762c0d490cef9c851eaa59505b0c0

    SHA256

    d4eac1bec28493134fec1e9aca1595ffe5d08b486347566fd77fd8343b4219cf

    SHA512

    9224c4af526b9b508a77e61f7d882b416b4aed85bc3b295d6417f73b28bfe827a5063c13422ab92ec988c8c7dcfb5c95cedc12bca4c9c1eca719e7b8ba089299

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    95e9a88d84c850e5019d6f18ffeba9c5

    SHA1

    98f745100a8020d8f3790da87b66ca1c2164e58d

    SHA256

    00f069d3ec003c024a18ec876935184fd4109742dbc963263be5f6011cec5a30

    SHA512

    f6028103463670a923e433734c41b13b3760f65abc15a2d598a6705f947be6185cad2ba2782f666c8a5ed019e484f76b595940924d38bb64c32b126e7a1fc515

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4445411b95e93655c3d030abcde1efb8

    SHA1

    2a2179eb312da53500d5969b5bdc75da10ae56ff

    SHA256

    98452640c66438e121149384859e7246023e74da64804bdbb1e4235c1666a7e7

    SHA512

    6e8c6024e8b7813c7471db816686b09dab5c1c7845b76b025a2ffad4294b99818368d5badd6ae50937526230277a8ef171cdfbf786088e9fc4c721b61766c870

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1e854c78424b662d331f26f67e495e69

    SHA1

    225b4f261737caac16453512b8e4482dc4c23bb3

    SHA256

    dd50ae25f49fdc6227752f4e6660ff9922e54071632a8239f31142abceb1de3f

    SHA512

    6f2c740c34ff38f1a96fb6a109633556b5414672e616c86de02402638e39038dcdd754f6487672146e09e67a4808f0cef9a45cafb58d064c7d2eb1d5904a350e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b221319c43dadcaca0ee959459cf98d3

    SHA1

    b8ccc43dec49ecc7d25e94683502fe367a0cb60f

    SHA256

    6838055a854c1cfd12011fd77bd8e6e4de8e1925ca53604c0178a265fb142337

    SHA512

    37d8782f7843d25433e1a4f11f75e79cc466b3eae451d54b145e6c43e2e5c9068a341135d7b33d43ed68e9661157a65202e117771f9922586f501f073d2f7664

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e94aff58b6aa4468b1f5017df24b6afd

    SHA1

    ab153bf7b9890d0bc0fe62fe336fbd1221169451

    SHA256

    f680b2504f4bfc8317f64fd7c8da93a5e8f63dc364c19fee526bb90ed6086dcf

    SHA512

    28ebce441ce2c74cec8751889aa99f977e077b296443bf6dfb14c9db660ba46a6f61b777381640c5c29f5601ee2dbf71c81e375b826bb4052870dbacfb907038

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    69e15d4a635c0837a585678bff873331

    SHA1

    f6899ded9263b1c1bbc7572bdfe5d52fe48eafb1

    SHA256

    e2af7affc3cf74b7af1a26a16d76415d25acfda8ce06c4e085266d322aa85c81

    SHA512

    1e7d23bb788638e3efd9f41976bbbd553543b7cf39fd4db8918093df2231fa076c0eef16d04ddef30b2cad4097b07afa9f8339767c484ad59998e2c678672d0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    38211876fcd76437297bffb1386d3a9b

    SHA1

    1be557b08e6577a7e9e0b51732ef9cb5ba3e920b

    SHA256

    030afad2367573fa95fa97429a45f36a11b46112d35a8f93cf9740bc6e712169

    SHA512

    9de2e53f8def8aa8b98cad2b3ca5520953a56fe9b1d41ea8c04105bfb12c329fbe40994827ee75cbe7f1997bc47f7993d56ba8b8ccf11fa9d74530b7b39012be

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1F7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar69C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit