Overview

overview

3

Static

static

3

cvery.comv...ou.url

windows7-x64

1

cvery.comv...ou.url

windows10-2004-x64

1

cvery.comv...lk.exe

windows7-x64

3

cvery.comv...lk.exe

windows10-2004-x64

3

cvery.comv...ht.htm

windows7-x64

3

cvery.comv...ht.htm

windows10-2004-x64

3

cvery.comv...er.htm

windows7-x64

3

cvery.comv...er.htm

windows10-2004-x64

3

cvery.comv...aq.htm

windows7-x64

3

cvery.comv...aq.htm

windows10-2004-x64

3

cvery.comv...lp.htm

windows7-x64

3

cvery.comv...lp.htm

windows10-2004-x64

3

cvery.comv...ft.htm

windows7-x64

3

cvery.comv...ft.htm

windows10-2004-x64

3

cvery.comv...un.htm

windows7-x64

3

cvery.comv...un.htm

windows10-2004-x64

3

cvery.comv...ep.htm

windows7-x64

3

cvery.comv...ep.htm

windows10-2004-x64

3

cvery.comv...op.htm

windows7-x64

3

cvery.comv...op.htm

windows10-2004-x64

3

cvery.comv...ie.htm

windows7-x64

3

cvery.comv...ie.htm

windows10-2004-x64

3

cvery.comv...se.htm

windows7-x64

3

cvery.comv...se.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    71s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    26/07/2024, 19:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cvery.comvc102543525255525/exe/help/tujie.htm

  • Size

    2KB

  • MD5

    625f5b2c7d5e1d6834effa295b50aeb0

  • SHA1

    bb0bf2498e531a5a86e36786083461a9bc02fefc

  • SHA256

    4e5dc6662932a443bb808d657b2e6dadf7520c445c62631339d42dc3a74ad567

  • SHA512

    6f89ae16d06c52ccaaca455d752002edf009e121ddfd7f745811e4f589f94c34814e41eebf241eb60bb9d024e792d6d6df6d409d4eb32fe13d44bc701d04c111

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cvery.comvc102543525255525\exe\help\tujie.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:760 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1484

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b666a840df47a3c490221f89f741265

    SHA1

    fa0b9b285736c6ee3087d6f7b920821e91de0453

    SHA256

    8a4c3f10e8e753bd605d983f3846858d604d527bf9cbff00270fef70af7a4ed4

    SHA512

    39a4f35db14f2bf9fe24fd9af3928175088e1387959b5262eddd6007b111030c035f8813e533b1b3ad796d6a49dedd5c5b8e04dfca14650f5613af36bd7f2bdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9105217c312df3dc58945bdc216dcb32

    SHA1

    6b2952c9b429dfdc42af3c4d6b0dc585ebd4bb11

    SHA256

    7cdd280e14754ec513637180478a8472717e2a86189287f1cca60739dbac35ec

    SHA512

    3c09560464a72bf774e19ef4053c44d6bd8c90270761c547710c73d80aaa947147fc0fdceaf1647cbda993ea2db61bc9327cb0c91ad558ef3f4c5041d1b3048c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d462cd371d528534364aeeae45577953

    SHA1

    9036d4ea08f16b1b014e86d59451330671e99286

    SHA256

    100dedac6839588e5098fcb054b86aaced74d9182b6e8048188dd191373a0fde

    SHA512

    86255998e851f144d522c3a1e6f6314b47f04d4eef36dab8d9de41f42bb3e3fa8ecd165683e4909c1dd04530ff9fcbfdb21abaa747e6e9838fe60ab8352bde29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c90d721e1e8ef2029e1113358d016d5

    SHA1

    153ce32cfa02dc5cc38f45f158f7f18c47d2c526

    SHA256

    af124e94abc81b77535bc2ce7f6e6f4a445d0d0d43e7f73a8bd64da0f84329cb

    SHA512

    5244f62ddd4e98e198a76de7979cf8e7e474da24b945173ed2952b08c978c675c5896ed9e64641848db5a7c7e5ff97ac5fa6ced6aab04f4695d4f93deb235619

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2a8cde1e219bf6fe827e77b63a6472d

    SHA1

    272f1189648da057ec78e4e4af9dccfd2bbc0f93

    SHA256

    6a295dedb8886a5f444006fc1281ff1fdb1e680c9ba0c1795000bbffb0dcf695

    SHA512

    0098eff72d827181daa704515e02557b821ca27e57f42e13609095408a53f28927a3fb7a8c3fa9eac38200c6142e76ae2ea47643f217548d2f081c7ed3f88cf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb72c40f1e4e515030843e264c7e5312

    SHA1

    224c185d9d800f74c328a4f4bbc268a695d74a0c

    SHA256

    f0fc6174b3cfc1f487214096a8947bbed54967fb46c2cb957d0353fc077ec88c

    SHA512

    dc5f1f7e105925d5a34456804785287f9f3bbc7cf61b6ea8693701a604361bcf29adeec996a1789ab1779f4fc48ecaaafe3f62208603b76e8ca352526e12f25d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5ab2d90eb1a354a324797fc0233be02

    SHA1

    2cf81e3d436a4547457c73e047bc1d059f3c25bd

    SHA256

    70ee48f4288916b315c6b5c63ec560613afb5c4cf82ceb7c46b731ff77a0e2b7

    SHA512

    78700ee2f85515f7e1f55396dc9be8be76dea10730fdbaa7dc89bb8c4525a4041b53fb284ba93e85d726053d0d846d49dc61dd718c0fdb16d24d7eead2305b8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bcce5efb985e24edd168fd9195694f9

    SHA1

    ba0c87f4a5b97e39ceb532b0e1adbcbd45b88240

    SHA256

    5993a39df6cec2b8f79e30fb5f4ef70ef905f367919f64f2291fde28357c1b63

    SHA512

    db5b475f3bee7c38a67f0b71670cf17bcae306b64e44c82b60b90303ad1cf0ea1aa57581ff8844137897f23c3433c0f40276e36018a71e828f3ae3cafda6a550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d2a10718a8b7925cd48c2e9685b1fda

    SHA1

    82cbd735eaa1a58adbed71813375f76d1d94353f

    SHA256

    cf04b0a0e470688ff5f798b459962dc348ac02ff68f408f76ec21925f8040c60

    SHA512

    80016012b2512b28d7f9e472d8b5bab17afd3bfbe3b7154447030332636e6e7015fd0e3b2cdc9cd2b3d65c84bbb4180606d3dfaa32f18566ddca66367490a14a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25c8511eb95685c144b39d844da166c7

    SHA1

    e52c1c689bbbe52057703d94bd18b9d1e1cc2085

    SHA256

    bdffac026952e25f541df15a824650648ce1987cb7514361891ac83904f8cf49

    SHA512

    9e92ded48d467303a534811d2a4ac240351da44e0e63c20db07b750714fbf6abf4a23bcf8e5540c416917d214dbd57591c3804c9e30f5267bb39567a11d1a3ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa59701a354a1c63b81f437fb67f2aa6

    SHA1

    1e43e7876ae1839b359b3c830b0bebc98d422a5c

    SHA256

    c73ba132b312f432499ac136e5d6ebdbe67f3ac83246191c7fcfa900512aedb6

    SHA512

    4bad79fd20f5b92984974bdbac65cc111462024a3399238cd3d14cb7b073320a9a7eb9a7eb192039299a26e1e8e2ba68fb13e435df71ecfec63d0ac5efe42f05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30756919d13eabb9479b136b175d6198

    SHA1

    786147dfc81b2320baca8a1a5aff774ff052043c

    SHA256

    14a4aeb7b7a42f4c520e5b8fa2cae838b659a168ed633a020986492e2af06501

    SHA512

    3ef42af58d7c3437bb8cc28b13d707a383a25731359e5fa8302066954931a9fc1fa801a2d22b9e0c85b51842e86575f636e005220a308dac34ec517a2aae396b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22d570d0dcbd3c9463b08ce9df31f8ca

    SHA1

    bfbf4b97b0d7d12b820208c2114778adc973acd8

    SHA256

    2c27e4622c4f1b7520b57cdf859cdeee9a81f08017b306c50c9c7efc34c0f365

    SHA512

    232e40ad0c687126a54a99c0d47aea400ffa2a99a79d96685f844d6c53e49fa7093ba209e71ce2efc2f29158e6711d15c21046910c9d57bc19f000f175d09ddc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c64ab708a134e98ab309ffea7d8f776

    SHA1

    e62a5b937076b0b077e3491a97b3b58be29e38d3

    SHA256

    552c52c37a941045059a84b7169632fd59fa6da1744c87fa3361595be0f06cb9

    SHA512

    2f7a534e038cdaad7ea8e072118486f80428df5c3be0a9e6167e3a99a05094287b97cd41cccd08e1c0f95f9e3aba521402378b66877b4cddb2d9d41a2f65c30e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d26220105dd71725dd7af8425dfb72a

    SHA1

    dd768fa53a7812a15e5873ad29c47827614c35e9

    SHA256

    38dd7b4447bb7bd73deb039aac1d07a726e63c7bc3c8576fbfc5d444ec53fb85

    SHA512

    1fae8f20a14fbd9f2a90b5bb6e0f3e8018eba05a2451b3e424d4d99f626e13d7e4c4f0a91919be7c96b16f84e18ff979b74fb259bbb3325c79f3d3b961ed7f9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e2c30f5be0d1e0324fdd13afcd6eb8d

    SHA1

    ce3a24e67a7434837a17afed68f3b4a6cb04f050

    SHA256

    bb48efda0ae428c47bfa3e91384006afddcfca16f7337e5bc1bc469c53f9d566

    SHA512

    9bc81f14e235676722739465a7c475cb67deaea693221e47087ef1b0342bc547c0170a3feef075f689b489e04d20e572c81adb8c97f23b213106749d47ff4b68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83acf7101d17c46f3b3f0dd40781be71

    SHA1

    49a0e6277bff5441c57a359715b9ee3a2c569018

    SHA256

    8dac0fffea642a4aa69e60b69e68a4c6d6fccff09331f118ecd5d14506bdcb46

    SHA512

    74ead56ea7fcb5eea9ed2922e74cb2bbd9598404685306a48dcc3c2f65f264d35e60772ce60ff341404e9c4953cd981a24d38bd6d7238d58fc51a0aef9964d9b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab42AE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar436D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit