Overview

overview

3

Static

static

3

CCProxy.exe

windows7-x64

3

CCProxy.exe

windows10-2004-x64

3

Language/C...GB.chm

windows7-x64

1

Language/C...GB.chm

windows10-2004-x64

1

Language/English.chm

windows7-x64

1

Language/English.chm

windows10-2004-x64

1

web/cn_accadd.htm

windows7-x64

3

web/cn_accadd.htm

windows10-2004-x64

3

web/cn_accheader.htm

windows7-x64

3

web/cn_accheader.htm

windows10-2004-x64

3

web/cn_acc...in.htm

windows7-x64

3

web/cn_acc...in.htm

windows10-2004-x64

3

web/cn_acc...er.htm

windows7-x64

3

web/cn_acc...er.htm

windows10-2004-x64

3

web/cn_index.html

windows7-x64

3

web/cn_index.html

windows10-2004-x64

3

web/cn_list.htm

windows7-x64

3

web/cn_list.htm

windows10-2004-x64

3

web/cn_log.htm

windows7-x64

3

web/cn_log.htm

windows10-2004-x64

3

web/en_accadd.htm

windows7-x64

3

web/en_accadd.htm

windows10-2004-x64

3

web/en_accheader.htm

windows7-x64

3

web/en_accheader.htm

windows10-2004-x64

3

web/en_acc...in.htm

windows7-x64

3

web/en_acc...in.htm

windows10-2004-x64

3

web/en_acc...er.htm

windows7-x64

3

web/en_acc...er.htm

windows10-2004-x64

3

web/en_index.html

windows7-x64

3

web/en_index.html

windows10-2004-x64

3

web/en_list.htm

windows7-x64

3

web/en_list.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    26/07/2024, 18:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    web/cn_acclistuser.htm

  • Size

    2KB

  • MD5

    398b77be23b197453986e95e9f082bf9

  • SHA1

    561d306366718bc573c7200ced78e80e1741cec2

  • SHA256

    9d16d3c5636d7427c3919675ae7d3e1529f6a3e630986d41e6600495d8f19d10

  • SHA512

    cfd991472fd5b961beb4eb3b19d550d54da0085cc26cdab9ab660955f62899b0552917bbafb534503ff86e02d5f104d24462abb0002c1ce0228ac2d69001a432

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\web\cn_acclistuser.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2140
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c8460b50f57bed055f505b2f6c02ad8

    SHA1

    6795cf90732cb15ce42d23dd0488c3554f50af39

    SHA256

    c24fc1d74639f16f49905a75c3083ba232be2548e64477b48013f25dabe09ffc

    SHA512

    0a6df72ce0a41b03f000f865bc7b8b3c6242cf27c84a45a915feb3d5bc401c0ead3eec6213b7927278dcb7b962fa17ac9997ed93edc64052eb741005254ce899

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87dc4bfc87e62c2739efd9e01dc51d25

    SHA1

    c80d262200b3cef03af582c218a0f2aab97a0ff2

    SHA256

    8a97351db0d3defaf5ab99785d61ff506139d22b455c36634bcd1209915f2589

    SHA512

    56bef015c22c567c6fb743e98c84af5b0bd0f4ec35465768630cabdfaedb2b149ce715dd432e7efc1c04fa66fecc5ae6a69f24bbd4813ea71804c4ebc3f8d947

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    839f909c9a7edfe5d52bf7322e8708dc

    SHA1

    dc8b7a72046769dfb7ec1b789e7a619b8628d10c

    SHA256

    e6010c07ca21c5faaa3b8be8907ce4c29268d9b756be02d2c3802b95a2e22c1f

    SHA512

    2cb6ba86c429ae6e308bcf5f11a08521c86094e784ba77cc3be2f5d4b2b6d19fda63a3a7b995a6ca2a6b5a1d97f831154ab695b668ac1d93a97f04b553d2fc82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    392626c63630fd27fee0ddc525e6a944

    SHA1

    1fa276d60be94c88f8ca852d07f1bedf27ca691d

    SHA256

    ce84889d6740d798753e96b66abf7fd0e1b1c2fb148bca6a729c24f3b3593a61

    SHA512

    7f691039487327001168f59fffde341b4feb7714c9a505886cf6810ac5365bfbd0b9ddd4e2d6529b01df486801f2d4a117c1e51dfcb4433e54672c1e6e0c6825

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a725dddef87f5a63bbe002bf003747e

    SHA1

    064530f85d517dbc15e80b40ea119e6d0c31338b

    SHA256

    41fed995692dbdccedf85ab7358131b536bc97e966f69725d8f385ba51144ba6

    SHA512

    da567c83b27ea31b5d011e0e8e6a3bdbad198c1caf810a680812a0f37a04e65dae6c07d389143d2ebc836a6c3699367b953affe4e46e82ef03160bec2baaf65a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3db6d771f5b906719ace3b8985905bf6

    SHA1

    7c8a3be260e93cb519688eb3ee489570c900ab8a

    SHA256

    3d08fb8e6f570bb82bd38481f5ffcfc0eb206217eebad51cffe942400f06ac1a

    SHA512

    704250c06ca756aa8b674d5cade31552583e9ebd75c6dadf7e1d47326071d2be9c9612458dbbed8ea03edb22785b913fcc3541d3ad0e5c52344d7276fe4db8e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d26f7e2b129418cd8ce1ae4e26667df

    SHA1

    63954b6be3b7d933569d5bd9c73c767034242f35

    SHA256

    6ef116e51d3b659af12c66136a048713e93b6872768485622c53274872af66a9

    SHA512

    a0b1a3e1ccc27c2cd337cca8a02e0f6d6e0094d5c8a9cb185380fe3219d235c7267cda4405bef39421086fe20631f707c81ce822cec0ce0033915ad1ab039848

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d35170a76cb0446aa76d0da6df4243ad

    SHA1

    cf1919e3a08c92760370eb8ab9ce57a53b9dbcab

    SHA256

    c29ecc4bbbd7f08fd0a8e8b48a33fd5f194e11800ba50d183bee6863bc93873b

    SHA512

    11d07e1a7ed73a72c2b021e9baaa07914b630724ecbd46a624bcce5583c41cab8622aa875094ecb1c8d7709f87e0b8715c4ce2105f58f534d85fdacab716b295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b5ee80da970677bcb33a21173187870

    SHA1

    2d62685ea14bb6737b07e0382b739856c4a30f92

    SHA256

    c8257d306ba1b49efceb68d795ee33eadf38fa747258060f1b958a49e0228ce6

    SHA512

    dba112da1fadfe7c213b3ab8e6269eaa9f9c4b8a08bf31a9db47016171f678aa6b5c3f924741343e7f62ce95d5f82ecb584de45fede529ae93d36993e3bc9853

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c37619a86abd37bb6a2f33878012582b

    SHA1

    551915f57e93751cee35ce7fb78cb43395168c80

    SHA256

    6557f7defa2b0d91d400b19c7f7cca216996aea960aeb85684ce6fb13fcd6164

    SHA512

    3429b82215898f6309a0d79842cf48b00652e346955a54db3b461514d61418d55972c8063502ab6ba7c2e82a793dc38eb3b18e7c0febb6f5aa21f5dc17bffe2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9a86ab2656f2d595fda957909ab81e0

    SHA1

    d80ed08dfa62a7e05fe0dd4a30a430adbcb9c905

    SHA256

    32c3e41b87ae4f5814d65deb1f4dd3f539c66717c2d990984a88ffc42178c8a7

    SHA512

    9a39617f419ba7710fb9c5e888be3d5f24105b3731b4d7fafa3ed420f788a7562da4c1eb6842dd956c6579b2186ad0071f2b6c058a67583629441dc4173d63f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37d4ba06ac77c3cc0cc415fc77892e12

    SHA1

    ae8556fba253a26c27e46a6f555779dd8f7e52f8

    SHA256

    651b3e052243bcfefe99ea448cb0f440750b318e4c12c8ab0d51bb81a8bcffc5

    SHA512

    6996f0af3f72461505c61fe5f77b8207348fe9dc880487cd8bca75429070c496b65344024ff73abb9ea3c28fc2aabe3a9379dd76a27121f503bd8b5b7252287d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a4ffb67aab1b6075b6567da164fa76a

    SHA1

    f50bcce5f9da0fdbc616427d63e43594610999ea

    SHA256

    89b9d9149a0a096ccda7cfa6b11ac941221e6000108dede0b1a6e82a745651e2

    SHA512

    52de86ad205daaf090192e0562685389bd27c19345350ffc501153a38299dc3153479b6a0d30ff52dbd00baf09230ee610699be6eacb6c1eedde12e1f586dfa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4fb1d077331666b7bde9786ca6e4445

    SHA1

    763e7813016a79e2b74a0afa9f6458cd0222ea43

    SHA256

    f53ef97cde3ebc0886f9c3ae47128e3d3f2d1ddec095f426eec4957d835bf8e2

    SHA512

    909c611c74564a5aa2f85ad9c6e11efe09c2eab1a54b07d5a9a945f29d4028f6d648dc3757f37ed0ec00d412a5d91ef9067477319c0e2350abffd019ee72d183

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54d739fd8f10960ced585480b96af1f2

    SHA1

    fc1c60b026ba7549e8f8870c2030e48de329a961

    SHA256

    9d49398af510e5f8cfd753dec1d1502aa36fd74b48190f26810dd56997f956d8

    SHA512

    8fcb4e48a619c939657d5df3a0c194f7d93f267c69419c57b5f38daea7288aee7d9189ac3c996d792b564cc2bf84a9564fcbe7db7b6f17f229cc2344f79782a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3975f819a519cf5b13d4a970fa09faf

    SHA1

    9ec6d6fa6faf20bc59a5ee869f0b43275269bfb1

    SHA256

    f7f0d5b964c38fac66d1d883b9e096bfb9343171d69ae7ce53d7421b11357ef6

    SHA512

    e1b3918705c2fea2eba5cbe932b0dfad0a9b9207d5aae0981f6d58836b97d4bf4b20869160bd1cc1c866611265f9eef37b33893b79fd9a1ed5e208ca3e881030

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b8fd5a8340fc5b3fadde617936afa03

    SHA1

    c6116b723815d230150b471f7a717361e32f88f9

    SHA256

    b30bec182a0de50b6a98832486634cef32614054a7759431124fb29f5be7b478

    SHA512

    bbd2c2c7a20ea9baf04ce10f61414c2b6dc39577cb834499553bc1152636eeee53ec5f0988b0fa899e8ba13c5b4994655205cd3bca3e8b8d902ee1b410e14c67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac9091c6ea1557ffc09c40a985ed5f11

    SHA1

    c3c083ab5c93b88d53f8f843296936a7a023b101

    SHA256

    505a6e51c588708f300f3834e469594213b94f33d882c3826952231c0e0465cc

    SHA512

    663ffe789486750883a2ecbef07c68bcdb5ff61f26825300723dfb1a3d65ba64b24fe6ab1209fd06197672fb8eb5c5bb6c289242cfa61af1f6e3ecd2e01cb099

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e47b7d1f2d4058c4b5c3d633fe5d0da2

    SHA1

    50c0bbd01b8c85adf906a80a0e7dac9f35715f71

    SHA256

    3c14ec92018a1c9ca52e55f75dcf56bef3609f804d11059e390fb8eff4691ba0

    SHA512

    0b382c0f4a2d674aa55f77d16a6fbbe8a8d226ec9ad88e423c7a360a6878e4059c6c29b8be7302d58384c05285f342d6b2ad5b1293b6632b9620fbb6f708135e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab42FC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar43AB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit