Overview

overview

3

Static

static

1

易百万�...ion.js

windows7-x64

3

易百万�...ion.js

windows10-2004-x64

3

易百万�...n1.vbs

windows7-x64

1

易百万�...n1.vbs

windows10-2004-x64

1

易百万�...dRe.js

windows7-x64

3

易百万�...dRe.js

windows10-2004-x64

3

易百万�...ain.js

windows7-x64

3

易百万�...ain.js

windows10-2004-x64

3

易百万�...qq0.js

windows7-x64

3

易百万�...qq0.js

windows10-2004-x64

3

易百万�...qq1.js

windows7-x64

3

易百万�...qq1.js

windows10-2004-x64

3

易百万�...le.asp

windows7-x64

3

易百万�...le.asp

windows10-2004-x64

3

易百万�...AQ.vbs

windows7-x64

1

易百万�...AQ.vbs

windows10-2004-x64

1

易百万�...ct.asp

windows7-x64

3

易百万�...ct.asp

windows10-2004-x64

3

易百万�...st.asp

windows7-x64

3

易百万�...st.asp

windows10-2004-x64

3

易百万�...ll.vbs

windows7-x64

1

易百万�...ll.vbs

windows10-2004-x64

1

易百万�...rt.asp

windows7-x64

3

易百万�...rt.asp

windows10-2004-x64

3

易百万�...ct.asp

windows7-x64

3

易百万�...ct.asp

windows10-2004-x64

3

易百万�...g.html

windows7-x64

3

易百万�...g.html

windows10-2004-x64

3

易百万�...st.asp

windows7-x64

3

易百万�...st.asp

windows10-2004-x64

3

易百万�...il.asp

windows7-x64

3

易百万�...il.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    12/08/2024, 03:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    易百万网上商城 v1.2/ProductImg.html

  • Size

    257B

  • MD5

    cd99552213a4e9305f46e3bd3d633209

  • SHA1

    e75ca2a5cba9767e0330919f02d12dddd9961a62

  • SHA256

    8d6aea66c51eb439b4783f74113c55f463580cae34ad1a883907161bdf270586

  • SHA512

    9b15f6cfb2db5210a2790dd6dc6d36de6b9b1d1eb29adc8a99b9782350c56b97debaf93eb0510333e7f72163dbdb208b8dcb5ef77139cff0a8b2f9c1087de7ab

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\易百万网上商城 v1.2\ProductImg.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f62fd3052796539998e0e7eeb3ba6719

    SHA1

    b05a9b9e24222f8a047ce248f9dd450d57f183a6

    SHA256

    6449211693099eb03c1e9a4dc01efd58bdab412cf7757bb1b845e9c7d892994c

    SHA512

    f592d90e25389409fa7e5811d5601a41173863feb3c5ada96aaf6f75e55b0084665a87d616e43c892ef5a475e23fa102723626972ac019eb78f358e39d0d4c46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b9f11a9b28a97346ad99216a66d013e

    SHA1

    3b4ca4fe6a6947da0e48c9a5a7331df63bae5935

    SHA256

    356ceeba7fa79ee2d7b5daa16fd663db7638d5840b1d7cc2835eb9a918ab1729

    SHA512

    5a2001414ecac2c3f4218de5fcdb49289df2c70d9dd26b6b0d0a9dee5b3dc49d1a829ca4b0ebacef6252f86bcd812e2dc9e4e674e149c91dbbde4d5108b784bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cd450ca12d532493cd1331af925b7ab

    SHA1

    6179b94bd05a519af57c4883e87c181d2e4360a0

    SHA256

    cbe885dfe6a0e832ece14c74e0b0b353ed96952bcb8e12b37c993c48cd808987

    SHA512

    35bf883ef602de72bdb7e8f888bdae1b1f63f6c73b0df19c274b055124e4ad4a7b5bd0ce81c7e332eb6f926fe281d3439817188600682c2f1996b11e3aeadf64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16f02f3eb8c6c9a9369b2942e4774419

    SHA1

    747da2105f0cb473216b9ad71ee49b9500cd2c43

    SHA256

    59182fd4df60ee7a0b230dcfadaf870a9ee5154a08af1be2f550d4745769db4d

    SHA512

    a56f74b22826c46497e3683c424d2e688504e8bfe6f4fa76a690fc4af8daf90182544d1a6d59a845408f4496675776b7c035901ec25ba546dcaf3a3c707c2a55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4480ba7d9cb832ca2a0306e5263816d0

    SHA1

    d9073248723cff78f259e88b278e078106958c6f

    SHA256

    5b474840939a97e49699025370838da41d896162bc93c740876aa54e484a757d

    SHA512

    ad0aaea9633c26d1a467e57512a77fc0f002420e2a503f80f1ebdcc20b45cc9927770f6c5b491d7dcbae1886d60fc2393bc86b66581bb365aeb100bb94adaa7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5444cc1dc636cc5dbd29dc556a03d16f

    SHA1

    1a87cf30ce02a586216e0353d47bcc4ff2cdaff0

    SHA256

    cae6bee012b718cccca310b699e245d9c7dceff6c4ece22efe0b7417ac3bcfa9

    SHA512

    bc2b0cf615a3311b5b2512161d21368e25ab467a611d2f0afa404f7797d9e30718bdecdd321cce571104d62fe569fb7d154ddd0c540d4e916cd8e5f4749cd315

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e286932081acaf0f7dc0e58b1409e30

    SHA1

    ac73b77c7055f7e58b5da9fb080d656e2b9414f5

    SHA256

    9adf1736ca3c81ff6d402dc99c34e07b1f93ff950cfa7548c03105ef1ac015a8

    SHA512

    1298163f1d22a8902ba3d9913a69ae33bfd62e6b8112bb29b8157f92d668580c99e5857b381da11e1ce4392901a1238d7e5c55161e80111bd5ac9e7444bcb975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4362de599f848f7bc6081da24dd67ea8

    SHA1

    09a880301cb0be0e69df12532c665d72d831dbd5

    SHA256

    dfd6ff4ee30a07a6cb5719c6cf71a836af3d876b1add5773f121f002835c9a55

    SHA512

    9d5472583a0d432d0fdef4c014f73aebd13847299871f9a6d85abac0cc3011600bb91a5209776911d3fd4ca0cee005231ec27c6dff96e5b3dd6b1e9f947a88d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    053f6b26afd95ca63741c73d6ccfc852

    SHA1

    4ef18e786dc1eec18febad3866d53b70a651066b

    SHA256

    3aec7b6b0c274a81f404507ef45fe7da58b67bfe717324ec9c9da0ce7578a38b

    SHA512

    117e854880c354a78c099d29a8e038d0c6393be31af530ea26537f53cd66e81d448cee32805f2d7601360f8c227f3229e326f2bae764641193af08eb2cece708

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66c35b1a3617c80441f08d2ab9a8ca23

    SHA1

    b9bfc029e341040fcd2c8654564304efdfd587ff

    SHA256

    9d1ad4d1e4808e3a6e8c2b8c248e3fc6194e43efc1b280ba21ac92dbc8374ce5

    SHA512

    0ff1d49fe84d5c14e78df9404dfbbfdc6e25b94fe38f17d1bdecb651f38f1870d7de986b9ff820e3f782772ae37b477a2db536985bb9b2ff31346f533cf1d84f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec7fc1589c030d8031400b0fa1dd2de8

    SHA1

    e3aaf64966560ccc194c3f8a47c200c6d3a41fca

    SHA256

    52ffe567f4225be8bfec34ebd4b3a387b8dc4996e5f8ca8de5f9496312032d8d

    SHA512

    33863fe257222f087f2d5dd843c78dd6be1d01b9c84603a0df0af24a461d271acba4fbd0e87037cefa2b844104f4e24bf0a559029fa073e3e9d55d0222ee2ea4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a54bb9e63d2e18ba9641c59dfa38d03b

    SHA1

    a6a83b0494c0616c314022dcfbf39287d945f019

    SHA256

    3fe88ba9cde450a611209fc1b483ac47722f77c706638beb6068781bda14aa43

    SHA512

    875f51f8b9a9e7337a55812468fb7f87c4b132041ade60028862880ea896ecef5fad7402e24a53827294e019afbe716e35f780c5de55aa1587eb8ac7b99cc8b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43bb3ba264a97b2901fdee5914cce90d

    SHA1

    9f30a400835eba558d90f803ed3c9581942fb1fb

    SHA256

    edbd64621873eb146f3592672d533177704cada2bfed728ad0e44c3e0cbdda76

    SHA512

    887c5caeca960ba08c142422915715e0bf4303cb7de410b7060551a2f217a89ab18d7edc7b3b958a668cded9b254f7db7f71b96e366a4256438370a8cbc2d546

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95d0eeda78f79f2d17388eea2bdf1677

    SHA1

    b2c742ac2b45c913d0655607d486d0c734dbf930

    SHA256

    2943104e782e797c160d46188322ceab1600331a478ef227320b47d4307541ad

    SHA512

    d34a16c2b165eccb169618c43f8bf920cba0c92f65193b7a3d23d8130ad7301ef6bde596d0871765e85fa88ebc06242aec47346c229d2ee918eca962908f22ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b6a4feda888a4eed11e162cf268f08f

    SHA1

    d8c054ac58163ad99a6309fb536f21da8a764af4

    SHA256

    fb41926179258dfb58c8e933bee5f9617cfaeae0ed3cbd7ff0a9f9029a90381a

    SHA512

    605f895e72f4506a3e67258ce6b0b391aa16071e4fc9c9551904e0449f77a60ee182b6dca07729db56c1a951afe117aacfb030edb764b73101e911533ccd4b17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c7d67f7ac8b34dc56e28a2b3138c55f

    SHA1

    ed392fe5255b2faec4ceed50f53ed309a04b1e75

    SHA256

    9255922d7919e1d3717116e6a9656064779def99c8146b9baac92f993c9cd529

    SHA512

    5a6c68fc5c729cf9c136d3d10dbb1719d1a57488e9d2363056658f8e57a3d0e741836e59bf4892ddd57978ca10e5067cface8c624ece839fe8cc0d43f553503e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91b3117c9ac18b17355cef0945415535

    SHA1

    737f22d44ca31c53f30a37de0a6604cb8eae8176

    SHA256

    66b06f949d5cb5826864d08000be780880e44ea7072e5a28bea263bd23e6e83f

    SHA512

    9566ca87d8f97f4707f2749ad28f5d38a89ecb76a6d1afa86d59926a52f572d27057812028a6885180d6634088f6f84ad5580762ab7dff3796e647637bd74aba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38edfacbfcd9bbe19c77009cfea392ff

    SHA1

    f9a735ec894ed5b5f0ffc522851606b603b7c3ec

    SHA256

    ea29f6fa2ec3cf86548398f1078f55dee2a50093e00a8d9a44065aafc830dcd3

    SHA512

    cce77a6aafcd12b8cb595ee5b418b273603d230cb99bb7d9932b4e6e7f0becc8e62cd2f7b0df3171e129d0e122845a4dff1914fd90f3587107a1de3803584e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF1EF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF29F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit