Overview

overview

7

Static

static

3

9e6ce2f2bb...18.exe

windows7-x64

7

9e6ce2f2bb...18.exe

windows10-2004-x64

7

$APPDATA/s...on.dll

windows7-x64

3

$APPDATA/s...on.dll

windows10-2004-x64

3

$APPDATA/s...k.html

windows7-x64

3

$APPDATA/s...k.html

windows10-2004-x64

3

$APPDATA/s...k.html

windows7-x64

3

$APPDATA/s...k.html

windows10-2004-x64

3

$APPDATA/s...x.html

windows7-x64

3

$APPDATA/s...x.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

1

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    16-08-2024 12:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/seemao/config/map/www.99read.com.html

  • Size

    2B

  • MD5

    54cafa3a6d69c189cf2df3978fbdd435

  • SHA1

    ab34955f0a30619fc4faa49013902031d85ddc46

  • SHA256

    e12a7e051731cf1dbeefa2142a8e1abb1eb5898e2cbe4aa522120829a5588dc7

  • SHA512

    43e539801d00eb39811341d67327e0e8b7d97677e08c8cd14d501c1276592a80dcc0983306f292c702a7553d34bad9fa768cf9d046059c3a4b2a1a0a892f9410

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$APPDATA\seemao\config\map\www.99read.com.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:292 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2892

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68422427a8dcb9b2cb319429229f9d3b

    SHA1

    b22ccbcb7078a6810fc33aa3daf73c4abc74a41a

    SHA256

    8b459f347c169d8468807241ee7d3e836348a24158f83527362a68fc13258881

    SHA512

    625eb296ecea36888594ddf39e54fbfa52e78049f9de4878b45d063a2604c1b14e1533450ee3c31638219884fe335f14cd86608e3e2e2f05cc4f536d643dc97d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da164006831af6e684b409634653bfb5

    SHA1

    d7ef0818648689b8c2a2695381d9729101a99f41

    SHA256

    ab7657c34b1d81b1b1186095a20952e6770e1777b2e274ee05eadd2510c0783e

    SHA512

    8319df0106364920c0d5da8ddb776dcf06eb7e0107060c1ac740d75d06a493fc5a7cbc0eacd408d5dbb922f27a3f345037d8a5c040afd5e423b7ce806f112e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcbe6f286daf4d2f5d22e5c258140bda

    SHA1

    797621514e7a059f6b93593998dc422f5cd42850

    SHA256

    d253e6e80a7fd2e93ae42c519c02be59ca4f71c73f2dd7fb9c86e06f4164c4cf

    SHA512

    b90661c6a83b8ba1e101be7037801d4e74f4f6603c2ff179d76da8028321b66be6e9f920d35cf0b4c998fe8067222449d996ac131313c09d5f792cd134503773

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc99049cf2e62e39ff86050118258462

    SHA1

    46bde71a5bd8949d0ceae6d480cfbfbf3ff9cf7e

    SHA256

    377bd9666beae62568b3c73ba683221c930d262549b68fe69b0ed14ff0fedf3e

    SHA512

    f69c8cf9e8d9105a67c58ded41d0f9a132301ec62c2e063f474f3c547efac4282bbe8f989b48232380c1d55ccbad66c065736be9dade9d92fc5060865971d764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3eb3177b4d719a28950a59a3904ae6dd

    SHA1

    3b00f462d3c6f86779ba0987520faf9d9b09673f

    SHA256

    7a3dab18127328b6a6e8dbc4b3a749b8fc3de80d66c7aac73b703432c8df38d1

    SHA512

    f63f5b60971b90f982b0ec0029176dcb0a2d7731d6be8cfcb65b1f7ac9ef75945c04de7505b0fa3c9c7940e2b109e84d4b00379fb0944dcd1fa64419d4f8b081

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f33351edfe774a5e3c73d429f07dc230

    SHA1

    edaf0c5c7dfc136d9237c7e2a47aa2c05c95799d

    SHA256

    ba56af20d24922fedbc9a5582ebb8a6de373288477197b0ec64da060c79b236e

    SHA512

    fedb8f146d9cd511551958fb79b4a49c308d467c5deb15f6f26a834955f209ba1219ec09576719305b10282f50124b0898dc3826094aaac4b2118903f54306cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79a65979f25e480b1f84ff41a1066794

    SHA1

    e1ebbd4a0912dfbf05b1bebd96fbe2d8e6d011b6

    SHA256

    d1e2cd42e7e444b55148e1a2d8692c70fcd9f1ab2e8cf203bf1f0315b380832b

    SHA512

    c59881f3a83975212def517437936832d3ec798a184937e2ccd11491041b3d8f77f9385bdd87ca00e73b49f7a75ba142cd53b1153698ad2270e57deea85812b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc1a2a72c0b0f6b632cc958e9e07dd1c

    SHA1

    e44eb5766d7413c471eb465317eb570177f752c2

    SHA256

    206727a2a7b1559cceb79b555b0eb41008d2f40211a327641de492b1b644c84b

    SHA512

    d3d63e811defb4bf8a220d3af2f64471810f50e4b77970b913a4cb185473de6b4336a0b314972a5a459e1b7ba029aa452cd2a925e8764dcef41240644defc7cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3faf2ad1357a377ddf4b17ab0daed1aa

    SHA1

    c5870dfb1b6c200fe741c9acbba9cce011a7e8f0

    SHA256

    7529842d3c9b19121450664af3652f213c4aa9efba13b6952d9f34828b339a58

    SHA512

    549429932fe2d64027f4e7cdd42e2b0147d245dacc9abe686a1defa4271acd5fd7c416a545d8116c45b7374198e43d8a898fbd856527c394fbeec86de3f5a3e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0884cf9e3cebf2231a113b885f4ad60c

    SHA1

    8773c882de8e0a5bf5cd003c71ea96f4f00fe9ac

    SHA256

    f224fa6ec2ee1f739836f20f9e2973ba63fa46559736d641717580c274c97a28

    SHA512

    a0ce8c1ae0225457f10f28a60fc85eec0bfdb9f177f17a9aa73334987daa450c4ea98c95960ed76b1e20efc5f2a5609560b39c387a56670053216ac0071f8926

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b5004e1c58a4fbefc817b27acb0e120

    SHA1

    1f5b95197dc0d75ef98d42128b7db2a6f08d9a25

    SHA256

    432aee503ea36341f09afac31309d9c080c45fc192ef8c4c89ff6435d9511d06

    SHA512

    257daf42354bd51a421754f747b700176cefeb65a00d186875b1d158572968b9495b92a451ae21025c497a36afe460f9acfe81905126bd842109ce198aeaa126

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28ed0b4e3431dd5dbfda91a4c3799eb6

    SHA1

    51a402f4c38cdc6d0a4e6ed993c9fdebddcb2823

    SHA256

    85965f2fbeb91a404362145e0df1d044ecee8047b34400e90712dec812372ac0

    SHA512

    2c13be7163b7908cc07990794e298b0e373bb6edd99dce63c109fa1bcf9df14e75370aadc9feef39c31a1125b461704e8fb38487f2e89fac3adafa5434111774

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a02d6cf70e6b168c61cf8233a5e0fe1

    SHA1

    5164e15979725aabbee000c2141e7280ce2e8c2f

    SHA256

    5d10a526bb96b0a0e29282ce30c56569c365f12d1a4c11eb0474e0b335c4a240

    SHA512

    09329e551a3a3a3a71eab5d79f04f5234d51279d70a106c9c0122231cfaf49190a9d6e43081b56fa4db3a007ec61c55d9df3abf557d7316a3a479aea64e94c2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b1df6887790d980c2bdf2777c6a7927

    SHA1

    b4fcfd699f4a0072d2be523f364930f4f96151b8

    SHA256

    797f56e564851aaf54f39b0b1d79f37aa0c05bd447da17fdde930d2b9b4a73c8

    SHA512

    1a951bf39851c57247984cc10139ac55d20b8248cef76d0d605308b261bf24257fc2d91de11185fba25e757ff69ff7f6652761c11d73b1715fcc33f8a2381fc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c24c02781ea43f29aa667ab6063f64f

    SHA1

    b08428646c2d0e0b6b7c6f4697fe26b7c0f32c12

    SHA256

    82afede2f7916bc8df74076af3ebb464a52004d89b9bcd9135a294e20d3427cd

    SHA512

    fdbbe6cad5e6fa7778a649902a5834ffcb13a64ce7ad05603feaad502d061f2caff93c964fd4122f606d3ffa95c87cecc0f0215e2dbe8d7482a78a550e39b318

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44b51a6d0a8c8165e0074a23ba2b8f4c

    SHA1

    04b230db269cb0e72b8841b98fe1198568911185

    SHA256

    b404dbb8bcefc53eff551fd4ee81f170518b22351984cdbf25229420acf0826d

    SHA512

    3832896b949f220be897fdd96873d6e4fadde0d859bf6da667fbaf26ab9282ded8dda7691f26687c5886743b93045dadf200cd7453f586c9f011422d31cdc80e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c609bed1df0ca5eb2ebd1054985c07a7

    SHA1

    80ab85f523c484edab42659b1cb010da86436b9a

    SHA256

    5dd91f79d8bf985657e96793740d9fdae15aff7d45fda5e2b02bb7510941ead6

    SHA512

    9dc8aaf20e729b55ec739e09fa4884aaa21c0686a6ba7510274692bdc02b42ea84af8fa9217ab2d1425ef6220bd0a72720eb9977d13cfb35a1220cb1f0cc562e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9d8f641f5cb7cb51ccb21a0859eb83e

    SHA1

    f8be5684360accaf4f971cb6d3ccb67cda13e5fe

    SHA256

    9e955ea3a0b163f4c65c3bdeee67dfc2004460557588c9ca4f2c77cd40a13611

    SHA512

    6ac2f082e2167bf3f1a9d6242ed22f248185ccaa5e7e04d5614e4f3744446e100901b181e75c1b76fedcdd39e75a237602938796033fd6d24b382bc31f270e9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e975e6175767a9803f46272c862316e

    SHA1

    7afa31d0a895d653b0e04466aae26523b441e954

    SHA256

    c40b07160eb667057662868ee20b065c62c364d3163d692077cad0abb82ff864

    SHA512

    3cb33a1b8c1281b6c070b495a4ef4792e4bb0dedd462196d9de24f64085384a3f68c901a7f32d5a39c7910c1f13304359349c0d863c81e312f2b5004682b9cd7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD108.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD178.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit