Overview

overview

3

Static

static

1

公司绩�...ate.js

windows7-x64

3

公司绩�...ate.js

windows10-2004-x64

3

公司绩�...ode.js

windows7-x64

3

公司绩�...ode.js

windows10-2004-x64

3

公司绩�...te.vbs

windows7-x64

1

公司绩�...te.vbs

windows10-2004-x64

1

公司绩�...le.vbs

windows7-x64

1

公司绩�...le.vbs

windows10-2004-x64

1

公司绩�...le.vbs

windows7-x64

1

公司绩�...le.vbs

windows10-2004-x64

1

公司绩�...ut.htm

windows7-x64

1

公司绩�...ut.htm

windows10-2004-x64

1

公司绩�...log.js

windows7-x64

3

公司绩�...log.js

windows10-2004-x64

3

公司绩�...lp.htm

windows7-x64

1

公司绩�...lp.htm

windows10-2004-x64

1

公司绩�...in.htm

windows7-x64

1

公司绩�...in.htm

windows10-2004-x64

1

公司绩�...op.htm

windows7-x64

1

公司绩�...op.htm

windows10-2004-x64

1

公司绩�...de.vbs

windows7-x64

1

公司绩�...de.vbs

windows10-2004-x64

1

公司绩�...tor.js

windows7-x64

3

公司绩�...tor.js

windows10-2004-x64

3

公司绩�...up.vbs

windows7-x64

1

公司绩�...up.vbs

windows10-2004-x64

1

公司绩�...d5.vbs

windows7-x64

1

公司绩�...d5.vbs

windows10-2004-x64

1

公司绩�...enu.js

windows7-x64

3

公司绩�...enu.js

windows10-2004-x64

3

公司绩�...ble.js

windows7-x64

3

公司绩�...ble.js

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 14:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    公司绩效测评系统/Oledit/Dialog/help.htm

  • Size

    517B

  • MD5

    018ad98743286c320526f278b2484d94

  • SHA1

    21ffec1f244d32f945c0c7844c51ef6309307345

  • SHA256

    bf8d68b9ed15f243acf62b76bbbc44e7dae61768b45f5e19457919e52c4abb93

  • SHA512

    84eb3c3c79e161146a01d082859df32978a1ff70a9c727eaefcb9a09804d08fa9992fda3f0cf182523dd50df3c474a58ca2ba14b44ea0b2877f118982e7c26dc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\公司绩效测评系统\Oledit\Dialog\help.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1676 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2140

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21dad98262cf364af961044538273cfa

    SHA1

    5f8f848e1b7faed14de7d16abf760a24879691a5

    SHA256

    210d21c272f0a90830ed619c8c67292d8435ea8ce9d2c1f8e410c94d186c2bb7

    SHA512

    c1bbb9007b8d08a83655d5eccac972006585e78b727c489eaf0d767794de4560d7ed1fa168afc3db65b8c374a3fc9bd2b60fd3f44b1318ab522a7b654254bb36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4016caf4a7ed29162b7a0731e0786bd6

    SHA1

    0069fa05dfaaa1861388f102857f78ed72286571

    SHA256

    be17a18736145cdcbb2dc57efb89fa5808f2830765c77157d7b61f134f0ce29c

    SHA512

    2712d0685ccb2848147dc973e2675f40d54d35aa371ee448bc3738ea0afa4d53495e8057f2acc4d5f563eaeb19bc11b5b87776069ff0b1362e162a150fb6feb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c8376fb9655648d93b47bbe4d3107d5

    SHA1

    bf509ac748265710761be764a26496b2ff9a9ddf

    SHA256

    35b492a8c3c43a787398caf97bd8b742365323fca1a38d8ff012054a69e857ac

    SHA512

    e24579bfeb6e65f640c4cd4eeeb26644de009d2daa70d167d5c99a4f5371f73292bc533794bdbb1cea4e8aeb47c0c93e5591a8a15ec9bd4229530df96e62b986

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b96accc9e0604383c233f191db45cfa

    SHA1

    07dfc3d5aa76b9626d85f4a562ae3c57eb8c1510

    SHA256

    143cabf4f0d34ca2b0800d85eafd2d5faebdf5d4297fd64301f834eed352d619

    SHA512

    708ebbd28d6e99a2aa3d0aa19a30840ec723dd089dd117a8a5e8cc48771a599ebb8fb168acf47c71ba46b5a0305923dab1de748357e972c63149eea5d1f4b217

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    852c2e2d0d96eaa3a482dc5884280740

    SHA1

    0cde841a009c37bc070cddae8faad21ea7f08971

    SHA256

    4506879a679d8f6915b14554d2fe0f32cebb03a0ffd7658aa8cab9f88be61c99

    SHA512

    209bfac89d1ff639bbe78babfee0135b79b16ebbf6c0841fb246ca8ab21cfceecf648e6beaa59aa4992f19d535c7211ebfbfcf05445de1b98dfdffd742c09a13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a86d51fafd635f94e56bfb4183660ea

    SHA1

    92f0274cef7c75cf64b9a43e373bbaef73e86433

    SHA256

    1796e1fa8de512b889ff2addb0a4101732847703d92eb9efb9bfa698ee49148b

    SHA512

    66ceaaa5580fa8233113c144ac327542792220ef330b514d5a4b5a908cc1415eac5a217427358d37e24130d17fad3c4da569b86ba33ddf9d927bef32e93d4a07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1439ff6f4696b04b4d0e60d354bc1980

    SHA1

    eedd6012fdfb18d311f6af69124687269c9f6d30

    SHA256

    ddbc7cdb3245a8eab708891e76c5ec1eae67dc137a7908e082aa51b9454aa0bc

    SHA512

    5ec818b5179298804461b6f9d1030c3893b19789480b92f63be8fcf5a1e5df3e33826277fcc9ab4bed91a18c308ca6991d9b9a8205d078132b4757b21ce894d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a04a0c9c32538bd2c553c475954cf0e

    SHA1

    5257f54f4bb0f566f02affe02e7b704de90fb8e6

    SHA256

    6bdd18c38b849fbb9abd035208229e331c6069e8c36237ab75e5f5817eb5872f

    SHA512

    b0504df6cea96f959bb027992c5a7e0fe3f12fb8b4e31cd281318b7d9f1ca34b5986fdd524c415f05d6258476db03237430d2ff89c69c951360ee772d0fdd66d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e174596788dc76c11801e4a063433481

    SHA1

    485a0458fc9707a7de0accaf2cface0e21061a94

    SHA256

    0b16abb11e9bbf63af5f65b4a4c42afb5531ef0241f621f80e6b1c8f71bed62a

    SHA512

    130f905b4728284d62dd57f85eba963e7e84b338ca80a1fd2c5818832f10bb14fa197efeacb8e592cd3b471f8a803868b2cb4b458b90ea8933f94fd6e62b3a04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8af5a15a3af56279ba39c17669b93960

    SHA1

    6e1f1f7c190a21281e1c671758871117c383c085

    SHA256

    7f89302dfaaf23b19ea3b23ef09f1560428e31435fdd774d02b267ceb1b8a935

    SHA512

    69ef448a0bc321e954ed1679bcacbd986a199fd8a6a2cf7dd5200e28b1c58550882447530069211af1c516a1caf897a0c3c2426a6b40957db0aa8aae2a7d9220

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8590e76077b4c99213bdb5ed7c9bb00

    SHA1

    9d37f795091de864c790955c6a9275afd68159fc

    SHA256

    2b995c8be65ecf5684b89fab74baf71d7a20ab9c041196dafd8dfe237fa241f6

    SHA512

    c46bc3d8674ed3d43fe2611ace2fad366205a81b106e89ed384c4981dc6edac20c74db93c040b50d53c1210cb27805e98fe180a7b8b90bbcc048946994a58c5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49cf98c44b1d1eb882f844ddfe7fc557

    SHA1

    f90f30f71a5a03e3421f1d3093b4306ef7636f84

    SHA256

    76a12474068a26f7c636d5b7ccb6172fea2adb6764154f338c45892e337dc6c7

    SHA512

    a58c75b8c3501e7ef267e484dac02cbd0091c1c0a4f8e70b8f5eccef382f774c7eeb45b139e201be4cfebc692e7d7706f11d578125360ea580b478194df74975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1c3889b7245f30e2fb171134cafc9b5

    SHA1

    541b63851b97f9cefa2086fea6c5d74925856f1f

    SHA256

    22bbd6b130d137fdb542f1bd47cdccc37377b7c98fe34d7f0539df1a9c2440d7

    SHA512

    ce834a111cec92a1e1406aa8b234516e54b8709f286f517c19e27e7376033367f48d3bf4e9e0d41442fb5978a2a707d783f2107fe7d2ac852aee7bd3118fd58b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6418bfbf10f7cc5830782ca8abfad84

    SHA1

    095dc88573dfb0aac8d2cf2c59638e3f5b950316

    SHA256

    da2d89262e13295ad08eea583b1cf16bbe786a9a05c655b5d4dfa616ca8ed862

    SHA512

    938de5140a342498e51844b3ccc39dc88975b2a75090486dcf9bef667a8bd28f437b1d20cd47898f9c9a611352aac908824d229b216431b3055ca589c77c08a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    977cf3e9e3f908fe6f0bd85947631653

    SHA1

    316b98c11ef13b52c22973821b39e70b602d8377

    SHA256

    43bb646b138bd61690fa60783cadb7b624ffca16b02cbf9bfde33c084caa6756

    SHA512

    ed0baa6fd8a46b0ebc6af68fba834c91169fe6e7e0c9dd38e6e6444ad328e37b2b529b5c3a082f5379180db175d90560c219b8203a959402d0e8d8665f84039b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    003928fd2867d107173948744fa24d4f

    SHA1

    79795f70b4d6381bda39fdeaf8f9ac7e3e721ba1

    SHA256

    cf5ae3c6ddf2fa96f061a353dd60e278ca1ad132bc53d6274ec18993f49bfab8

    SHA512

    8c57ad6cf671f681e37a2093a6e0a475032ea489617cbe7a020eba80c8bc65d9226bbfbd9addd2370c20fd545c8bb6904e9d7314fb29fe6383930ebffb74fd13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f8a74e6b0a36430fd48c5ce4c9aaa25

    SHA1

    b79ca30490bcaf134700076468ccc9f36faeb0d1

    SHA256

    15adbce7346533ad47147119c4275f01bf5cd226cb7a4eb8cc7a6faa73e6c531

    SHA512

    eaf7d1773f418aa390f78c9875eaa4f2ba1db41138ee48cda1ceb1c285fa21739b5f4b2e81fed974b7e1f87c4fdb77777e7fe35e31c5227f839c0ac0c3fc1413

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e1234d65511b6b27409c7ac1aecd738

    SHA1

    e3146a885413edd40ede1a8493dea6704cf4f529

    SHA256

    95ff830b91e0beb8ad0d0afc080c89bcb29e168d5946940a5728eb4326ba7319

    SHA512

    cff3a24486874417aaec9eb8334a184374c25de102e7f4ec35be2f8373fde5dde65a039842b656ff9713d0c4e4d0c413f07ac7a7f49b76b8ad5f68404d598399

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dce24b28f1140618d8b212a353721070

    SHA1

    c62191d922b673cea071cb7f30800676cc8f8dbd

    SHA256

    4d492d32fe577ed5a5a225b4b976318889c300a834d119c6a67d83095ec4d072

    SHA512

    9bd3b355b2f0c73a6e02d8eba86e3696a30fa48691626f60dd16499ae54e54c0b5985ccdd8fae6cfce0fa5c8cec5c190b7665e82beed02685309052f9a0c8be1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB7FA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB8AB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit