Overview

overview

3

Static

static

3

CCProxy.exe

windows7-x64

3

CCProxy.exe

windows10-2004-x64

3

Language/C...GB.chm

windows7-x64

1

Language/C...GB.chm

windows10-2004-x64

1

Language/English.chm

windows7-x64

1

Language/English.chm

windows10-2004-x64

1

web/cn_accadd.htm

windows7-x64

3

web/cn_accadd.htm

windows10-2004-x64

3

web/cn_accheader.htm

windows7-x64

3

web/cn_accheader.htm

windows10-2004-x64

3

web/cn_acc...in.htm

windows7-x64

3

web/cn_acc...in.htm

windows10-2004-x64

3

web/cn_acc...er.htm

windows7-x64

3

web/cn_acc...er.htm

windows10-2004-x64

3

web/cn_index.html

windows7-x64

3

web/cn_index.html

windows10-2004-x64

3

web/cn_list.htm

windows7-x64

3

web/cn_list.htm

windows10-2004-x64

3

web/cn_log.htm

windows7-x64

3

web/cn_log.htm

windows10-2004-x64

3

web/en_accadd.htm

windows7-x64

3

web/en_accadd.htm

windows10-2004-x64

3

web/en_accheader.htm

windows7-x64

3

web/en_accheader.htm

windows10-2004-x64

3

web/en_acc...in.htm

windows7-x64

3

web/en_acc...in.htm

windows10-2004-x64

3

web/en_acc...er.htm

windows7-x64

3

web/en_acc...er.htm

windows10-2004-x64

3

web/en_index.html

windows7-x64

3

web/en_index.html

windows10-2004-x64

3

web/en_list.htm

windows7-x64

3

web/en_list.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    69s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    26-07-2024 18:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    web/en_acclistadmin.htm

  • Size

    2KB

  • MD5

    007b6c52af15101477126f3f93084b74

  • SHA1

    03506ff74058f2b39149118636eadc445ae06ef4

  • SHA256

    169adb6065e1acc7c32d8fd72f29d532ec9a691a5c71187d1c6352e34fe89953

  • SHA512

    fc9fae64a66842817e06e8702188b5ad1449d7a82d265898a27f92af78ca27f20369afbff9558b8dced7352a402fa4b8becd64a83eb7e0521a765efc372fc010

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\web\en_acclistadmin.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:296
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:296 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2300

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66be8f09ba79845e5d2c81583337dfad

    SHA1

    2afcf855db1864aff8d215aaea1575332d9ccb46

    SHA256

    046625d28afa1c3a2fdd95cfbf7ac5e799684d893491977de18ccdb9b221774f

    SHA512

    9a04d01e0cd32e09e160b99623449ac251498a8ae37ca9a236f642fc6b2cc923aa64190537313b534fc1f60f1f92780f5581c38e05203779710a4b53d4dd81c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b0808f64dfe4e07d2e92a916704300e

    SHA1

    78724b1472cd7ccc5c3ea58f633e5bbe41cca196

    SHA256

    d745080d299364f665ccdcd884bb7ed1378f2975516b090110ba0bd7d89c00b5

    SHA512

    ce51205e182b68e3387c2735c5f29f1df0bfc0268a08e7b175a16996364f000d70be01e5613fb66f742853d42fc81bc6023815fc0a7dee1f1ce80abe0fc8d49b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abfc8fad7b827fdefe1f8cdf085da595

    SHA1

    4f6cc7b2c161fc54c7ffe467eec0a008bbb7e8f7

    SHA256

    95588e95e5027d716db6c5ca4e10797e2945493706759d3e5bfe31f7ff7eb971

    SHA512

    54221655b02a127dacd0189a18df8861c16c17641294f16e5fb9d98d2a06c941dd937e2062b2d721469e8ac230c0de7ee47d62440c30ed9861e68c8b403af60f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbaf3aa63d8bbacc4305eaf5ff1cae03

    SHA1

    a49852b699bcb5ee1bb923afe5aefe7d8d0529a2

    SHA256

    ebbb60d337438a46c87e5faf23cc2d4d9979bdc8ec30d889504e5a9952687da0

    SHA512

    2e3c98ec6f18988cd13ef42998a2312cd22b64267b2ee2cfdffdd24ac7803ce75de3b66e1445551b66945b0168513a2a2357d3e189d6e27f3296ea80be06b2c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    669ec2bbf4308a430324c2b81aacb6e4

    SHA1

    ce04369d45dba6d8930d34a4594050ab73bb4621

    SHA256

    44be1500c142c1754cea0d86fa92c279d56985597c51edd79c6a16941e90f377

    SHA512

    354b833cc88e817c8ae495bf984d260dffa8054b5c9d0d69d36e22d9673b8607f8242d259e89423ce91ca8fdef651fa3de2e5088a5a7898b295878d6aa53fa1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    355495827141ec5333e193d8d2d269e1

    SHA1

    b2cf9051b15e4e29538c2c82f8cebfafc7cf21b8

    SHA256

    e38e55db95d29d597e65f9f4f1265b51acb7bc868c429d485f137ddca1d77047

    SHA512

    c061cb9587e97ea938187ba86b05dd0254f9e25dc19b916268b57c7f075f0fd852a10a02f040db68cb7b90c879459ff11d4d88eb2857ec50e5e7b1ba3402aa53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6a7f23cde099236e8cb36faae00d9b8

    SHA1

    b1f947e510553a3cd4aa64844cf75d1728fadfcc

    SHA256

    8ce610d39ed70b8b775dc0fdc0ec9aacac36f66adb39c4e36434851a01855319

    SHA512

    f8d2d58746d19e4f05be3ac22f7bb10635d7a3705974424453850ede5a145723d69e9c661da8bdf83174f3b2389902c7cb1d9c30d5a1f14cc3ffa5c21139c55f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aced438983b9e1c4b0f9427ab537e36c

    SHA1

    fb084659574e292d6441e730a0fc8aeb2cb4a2db

    SHA256

    c711e0575edbbcd2a3d0bb2d5215ef3beeffae38484bc9dd4439eb5042460b41

    SHA512

    73eb903bbc0d51dc034986fbbe274be0f69d751d6b996a15f833d0364f737afa4f327d8a7ba9a6ceaf9bab1a7119eb386d28211be472180acb1487d758dfe909

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3494650025a445ca7d25e6a0891e73e8

    SHA1

    a3f4f2650bccf87f647a2fd57b74d2a0b85840ee

    SHA256

    2e99576422197460a3f25711d52c6710ec1f30fff24f728061ea7ea1d89f7388

    SHA512

    1f7b4b702a3ac12a2a3687df347e1b905bf1bfc0367c5ca4346c33cbde08dfd36012c7d0136f0af919a994ae493d8ddb17efe922309939e2ec47e1d4ffd26faa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9d35eeb3c58ed2f99141d976f2f3b39

    SHA1

    824bb7d8320b077f2cfeae1195c35579c7e3bd90

    SHA256

    c1e89b535b2e7b8030d18c681b8ecbe3cdbebb8d6ec008acc5ec8e35564b3479

    SHA512

    b40bb6b82d93034e317cd3bb376cad8a2587556bb128331ed9362ff4ab85661a12489e93d7077d0fcc482484b65069cbe691f33186aa0022163790bd96034431

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5EF4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5FC3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit