Overview

overview

3

Static

static

1

readme/新...��.url

windows7-x64

1

readme/新...��.url

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/ded...it.vbs

windows7-x64

1

upload/ded...it.vbs

windows10-2004-x64

1

upload/ded...dd.ps1

windows7-x64

3

upload/ded...dd.ps1

windows10-2004-x64

3

upload/ded...do.ps1

windows7-x64

3

upload/ded...do.ps1

windows10-2004-x64

3

upload/ded...it.ps1

windows7-x64

3

upload/ded...it.ps1

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 02:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/data/mark/index.html

  • Size

    3B

  • MD5

    736007832d2167baaae763fd3a3f3cf1

  • SHA1

    7ee737c83ee689c96ef37d3a029068c390ebc8f8

  • SHA256

    2b64c6d9afd8a34ed0dbf35f7de171a8825a50d9f42f05e98fe2b1addf00ab44

  • SHA512

    6beba489cd62566c108b652b7143cb97e007396a0b16ce250d2d0ac6e51ed999e41e96eb497b29efa99d2a15f276d6d531aa9ead15e2c13d77b3846ee45f64ac

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\data\mark\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2788

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e86c72f9efacc1a0ece44210a7165c7

    SHA1

    eb4bff495ecf55532e23dab6d859da5cfd98d0cd

    SHA256

    1d5cc1c16eb4a07a781904672535bbc1238377d2f9344d33e17a019dcaa6f7f6

    SHA512

    24e2d564d1a8c98cdb6b5fedfa39114b90487a446383aa1dc3fab2d57fbd030c17ab57b88aba575da8751dbd1a73b591a9dbeea58a91ab62dc68536094e387a0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    521d5cfbb83276bfa030daa3d906abdb

    SHA1

    119afe581f00d9825834200cdccb2efa80c44435

    SHA256

    85cabeb0d3e6ab51e31bbfe0dea3cac8882592ef94ce1195d1fb10cc9fbae56d

    SHA512

    fd03b1bb94b9bb6a4926968e5551471d850eaaa4efb15bfba0b10add05f394d291d7ea573ed129c6f1e97fdd43b3e543b4881f91ed09775800c6b91730a18798

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f0a666d96f4c259c3cb5db7ee89ab95

    SHA1

    1c825bdfc5deaf2388ca8dedfe5e7c96db276e2a

    SHA256

    fc7dcea9cfb96315c5ea4356a4f2f06e5af24da3d8e6e595f1eb41c2acb694f1

    SHA512

    ae21bd501907e8723b0c4ff5ad7a931935b244e3e2d42dd8da52dc81bf9c28496026a4a9f25dd609a7f5ca6675e5718a1d5a866f4c772af2b181a425dab61938

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7094a242bdc42f16c1c93711ff5d2258

    SHA1

    d50a27f839c18a460d831de29a01d8311353ef97

    SHA256

    af762407bd022e530c774bf3b4f97b8325086f90318bb26159bb7e4179b12187

    SHA512

    9b3d3223221df938ce69573139eaaf2cfc45479122ba8fb4f84f4f2644b5ad5ecd088b5e80c8dae9df81b99d7c2b793f033e63f7c21d9cb1974437b0ab4ab095

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e194b55b735584b0c256e119a5ae2130

    SHA1

    50ccea55f1e7931901938f65c8fad44ceb402a13

    SHA256

    d12db4ce81ce9208db8465c81cd74f3a21cea29c8149e7af569ad3be9c81c16a

    SHA512

    7b702814c9c04ce25c2a553bb7cffa9c81d354c151cb7366bdd359d0c871fd3447729a63a3f11180c6bbf41ed4d1aefd8eeeb71654abcd8415f38c8a0ae77424

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c95a723e0d10d0fd6ce55fb187cf855

    SHA1

    d36322978feeb30f7709dd6b45b63c6ddf9a13df

    SHA256

    2ae0c035f56012c348a2cd7684e39ffa28bee1e70c9d545ab5269c5cd15c8286

    SHA512

    a7f2cf52b8a5b686803a81de7717fb425c3cf5c3548087f4278d26f6e5da67dc3cb1ec48199559ab0e23f3c704e74d6877d9a52b7e519f80d3a08c96a80667bb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6609ff285d1260736e643ca2dda87a52

    SHA1

    eb30dc41ec6e5afe8337724776d6d7cd7be02b9e

    SHA256

    ba0af2522aa91509f767337c8a1b1d76ecc6a008bab4415b8c327e3b3582ff75

    SHA512

    fed8728aa3ea08ebad91a51f8ff3e0801672dc09dab40ce23cdb19f422bee324f9eb4befae1dc0658396f0f13643c3656737be4a7c367021371fb9d3ebce11cf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8370e42a500a5e536087676b2f05f04b

    SHA1

    b1ed8a75cb1ecaa1851c6038b52906df0c8f6f0d

    SHA256

    7356281dfdca3b2601ee0f8e3628629c4e208237a7fa725d57320155c9114a54

    SHA512

    4d2199205b588ca89da8ef15972d1cf4fd256e7162d241901fb1f11489f11b92057ba0649d75c7c0174b43039818cb96ec3f0c0c9479c0338cbf31fb0da673f4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7826437b215c4b7bcb2f58b958ae197e

    SHA1

    0a461afd3dc2c0c5727ee1888095987bf6108267

    SHA256

    723f7da1ca318421d97039b33db6765c45453f6d7eebd0bbb9272b488e4e10a1

    SHA512

    6581103dfc6ee2cd10fbc5e76971d4501d0bf2f553f7d80d8fe1e874b9ff2e46c609b83e1cf7675ee6ab2b8745e260c1f6e13c7c2c1bc4eea71997ef29fb23af

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be15fa6845ca8b0d23f663db06fc87ed

    SHA1

    541d022b2541161b70440d75d2b612e4fceb4660

    SHA256

    37b89edd720d1c0a39134ed28a20b1f2229b48eb5730af821b3309223ea03d7c

    SHA512

    2c78ad15baa65c19f833caa5c154bf7ca9f6ea1a3d1b93826c7f64ecf65e708fba6374bb0088e2df086ab752688b251458f145e57cacfc79259a41eeb055e392

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b961437386bffa0f0f2caeb6194c0030

    SHA1

    413b3b97f13e25cddc8d09f6db02cec339990ff8

    SHA256

    8aaa4e6bb6c8c2918a054b8e9c489bc33c19efa62d8e0d862e89523c66837a80

    SHA512

    08c0e9e9baaf13b552b562e8205a9ec3cde33d36baa509c48507a6ec226cf01822ff4488eb441cb9aa9b1f0b8c8d1682224dbb17a2602850b496ca88bed2e6cf

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab9752.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar9939.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit