Overview

overview

3

Static

static

1

readme/新...��.url

windows7-x64

1

readme/新...��.url

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/ded...it.vbs

windows7-x64

1

upload/ded...it.vbs

windows10-2004-x64

1

upload/ded...dd.ps1

windows7-x64

3

upload/ded...dd.ps1

windows10-2004-x64

3

upload/ded...do.ps1

windows7-x64

3

upload/ded...do.ps1

windows10-2004-x64

3

upload/ded...it.ps1

windows7-x64

3

upload/ded...it.ps1

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 02:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/data/backupdata/index.html

  • Size

    3B

  • MD5

    736007832d2167baaae763fd3a3f3cf1

  • SHA1

    7ee737c83ee689c96ef37d3a029068c390ebc8f8

  • SHA256

    2b64c6d9afd8a34ed0dbf35f7de171a8825a50d9f42f05e98fe2b1addf00ab44

  • SHA512

    6beba489cd62566c108b652b7143cb97e007396a0b16ce250d2d0ac6e51ed999e41e96eb497b29efa99d2a15f276d6d531aa9ead15e2c13d77b3846ee45f64ac

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\data\backupdata\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1316 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f9a948cd7948546cba2fea4b389ddcb

    SHA1

    725b6837da0b8282f230b6ff95ddd74fbb4159a6

    SHA256

    dced7349299195b2afccf9acda770e8df842947a582cee53b8010070981a0b3f

    SHA512

    6bc61509ebd29a88e69646a75695a13be1bd5cac778d46d1caa6db3ad19ac40c7e4c86bbc3eca6a62fc3f6505b9dee98bb46081b2a9600867c70bf2d881c8555

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f275a8fd09effacaf5b5f86e849d5d48

    SHA1

    089a0676bc69cd49355307201ba03badf9537c5f

    SHA256

    6a9e6c0d896acb20fbb61c3ca379e1c323ba1aed2b17bf1577fc6f424782912f

    SHA512

    2d5ae3fe9158c6bcb793234e702e2b69a8c5e31ac648181d9a7ba21372fe7532bb34687b4eea324253b10348105cd27cf0d5a4a778034365b487a16fafd82a73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    656580326373b412c99e8a1af8d1f2ea

    SHA1

    212672bff7ac87ebb37662f4042e360c320ea159

    SHA256

    fdce4547a3f1094dc9e7c58353ad63d2ce163a33df38934aee4ec702be81a0c8

    SHA512

    4e65f7b20ba901ce81fcc5e069de850384314ee7cf5ad2756aa354d92559cebbef26a12255ea95dd2e0aeca88177d7cf2c01f00e5b9489d23e699795abd2e842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    198f62907c494d618607b15e571fd5db

    SHA1

    48e52e173680632901cf8b21765c5dc08088cb9c

    SHA256

    661c12e059be7924a6f7e9a4b202622c2a7bd7762493e0d7e0ae9ca60e87ed52

    SHA512

    89ae53f6739a7950ad092bd95e6165c069aa4daca9b47b40a0c91330872611656063f9d9ce22a0fb19eff5c46282857e54f9d37c42f3f3ed082a594093fd159e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93d32560659b28063a018dbc8b9b835f

    SHA1

    47ff47c60373b7c6b71558950680b31a88b67230

    SHA256

    e9b8f897333d6c1b1cb8677d262448ada75c224435359a336765feb6f62567f8

    SHA512

    060a8a68712c02ec222e752ed0fd2a628c0274a9c768abf5e27a31f0539c0b842e51d44f05cf588f18d5d1b9ef8a0a11e4df6ca927b538e50acc20a3f30ab88b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ab3624ad7fafe1401879b983746a360

    SHA1

    78aa790d8fa145b60dbb3db4043b104d4a966dbb

    SHA256

    37862fb5cad50958fd125742e8607dfd7072e3ac9b1ed7fea5c2fd8d4d75ba5a

    SHA512

    26be72a0fd04b3647c8ed7078127c346ff7fc8ac37212d733e1b7cb17015cf957fba6298caccb77c939049449789e405eb73b22262c4e5a500a8aebf33c02489

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d306184aec6f65c573fad4c15acc672c

    SHA1

    5d75ad7022d76d3aef8c2be3233179525bc24645

    SHA256

    c7b3c9ea88747b8d2142341dccacdc53a809ca16e4907b5742a9755113483735

    SHA512

    93fe0573e504dc18bc78bc9dd594fce4bc8034e0ee551f1ae40f920a5dd9dfb4a16222a32ce24760ec20304734d6a97fd77643a26f48480c9e993bbd9b3787e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4923911016a693e4b9bc737aa1d0600c

    SHA1

    fc092879d0d80373af838deb3c5ea1ea8701a4ca

    SHA256

    513fd5cb5a77442312e2470df54e3a51b2592f6295e36dcd08312460fb9329ec

    SHA512

    408b3de3ca7c87f248ccc912a3f00dab44d7237f047ee5d409b55322bde9325d7b511b0f6d7cf61f431c46617f204ef6cff1d23a469cfcd2f4d8d4bf040cba12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7faab0b0dc64e777933fe7ba48df37da

    SHA1

    f60626adf326218ccf4605c6fa90c6962e7e2684

    SHA256

    ff44361f4ba211016a5f60e41b5bd414313c5c09f9c77daabb53a10afa29a4b2

    SHA512

    5bb06a9d229e4e81f151c995bee47a1a0a03af60d55a1cab5e11e7bd4568baf9c620569525885104c3d66ff299edf53efea62265ba9f2c385a4ba9e11c680077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0cec5f1e95ab97f381b67e47b78c38f

    SHA1

    552d142a066d25812588e88c2828c09ab17c17ef

    SHA256

    7cc873f878dc5da8428d0b7618454d1b842d5cb2b33e49237b2a7ce31bbf7731

    SHA512

    689ac38ede6e11a03406482d0230ddb0ee440c12058a2078dfbf7a050b5a495554a801e9f20fa9bb1de65dfae6155e377aa4623357fd2eb3fccc5ea29da98538

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36011eb16bfeb838612ac74e8794dd23

    SHA1

    7ab3c3611ec584bd6397a0b20626b0b5e3a3dad8

    SHA256

    7603ca8a871ee06faa7568b7602b8bc70782651e8232902b84099f7b46e2763e

    SHA512

    7fe3286dfc8123cd480b6e26d81fc45304a929090548ccb30eb152a1510bc741b197e4d83861f9563b1b9c2ef6a8054ae39dd41451d814aa84def47603b01e3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b742a1cbbfa01edf4ed176c16ec1479

    SHA1

    3e1719bb430e6bc9cff35ec78732f1bfd718d49a

    SHA256

    e7e0e75acb893fe744e72d0302464b5d52eee02726b1997f0cd3ab6dc94f3f82

    SHA512

    04e3e959adad295b10056af81a489816ae358720d14a7573e878ca8e991ac16f9d93ac99ea7cabaf1d40aca12daae7b4849c1c96acac7b0da3c7f04e67c5f416

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    941ed494e374f574d551377df2116358

    SHA1

    374e1b95308f30d56e5c05c62ca7ee838a9e671f

    SHA256

    1aef2aee85776b5200acf00c7ea40bc9b04e96c4d20ebf6a603d1bbaa61e8310

    SHA512

    57bc226b06b0bac606eb7be978ae272ace7b38a8ad685c3746db834539da2dccf1c81aa071d300caa2444352b1a5d784e7504f1f779bac55c557071b48f7b91b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f954d2720636d074af12148664152c2

    SHA1

    92542b8ad8583731b0b424978e790b4fb6320542

    SHA256

    b4891a06fd71c69960bf473a37f8250ffd57c3063a543cd37b987e2d32ed0c7a

    SHA512

    999771f246c9a9657ab4c643429be8a34d489a6c0cedf92942efb98c21f2d778e957bb55d2f05cd7e2eaa6900205d54e8e8d7461ef9ffccb75d674fc0b1abf1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c1b6196d2bd881e9e91cd4f30e96762

    SHA1

    075172478232525ca94343b866317dc6b6dbbc3c

    SHA256

    6b062750113137008877da3ca762ebecd451bd9918594ebdf51fdb10a44f7f68

    SHA512

    53fc567958c58fac01679b3547de5c038df864d48a3395ac5c5dc62d0a01ff51132080ac3321aae74435a26efa2c85d2bd9ad8964aaacf5cf7577945c2e37b86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9365cab392190134bf43a7f89e25730

    SHA1

    a4669569370b12f628b5d2bb298a5bb9c68032ba

    SHA256

    30c3015a615f8c5f4c4b70527d250178e404d50b6dc8a04b413aa46a66ed6a9a

    SHA512

    ed7d8d3e1cf6529da1e8521a7813e00c39a1cc978260a7e8f12564ed5d0f54f66f43e6307c65ff612b366eb05df0310d6cea35b3a0e60591d7fe65ff15325d71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5814e7974bbd3bc7cc5c27f615275e3f

    SHA1

    efde97b3f739ba41cd86055b7a91c8e2da8c907d

    SHA256

    e8103a8e5616d7edb27278ecb243b49b509665cf72d4f4e77a1c79af4d1fb802

    SHA512

    f32883dbe2a6b3528bcccc2c9b81cc6edfd5c8c29b9e992a5b944ac2a70608b5cc8fd51dc1b291cf1e7b29409423c8ac9ddb3a28931be823b3a2163663697821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db0acc68c0018f55c6ede4b505cfe23a

    SHA1

    b934ebc3c4e0e69aa825960acd87b370aa80410c

    SHA256

    5d3a02ba09ef6baaa83c204edc1f872af409413db148fd240a4b5ba16f9f8f0d

    SHA512

    4017ad571621de0a011bcdc495cbe0e6ada2cb17a3e9e26fd82463b2d16482ab1457fe540003719b30eb73b1c506d6467e19c3c54bf15750a78a78ea532ec190

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCF52.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD011.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit