Overview

overview

3

Static

static

1

doc/动网...��.vbs

windows7-x64

1

doc/动网...��.vbs

windows10-2004-x64

1

doc/技术论坛.url

windows7-x64

1

doc/技术论坛.url

windows10-2004-x64

1

doc/新云软件.url

windows7-x64

1

doc/新云软件.url

windows10-2004-x64

1

doc/网人科技.url

windows7-x64

1

doc/网人科技.url

windows10-2004-x64

1

tools/会�...ent.js

windows7-x64

3

tools/会�...ent.js

windows10-2004-x64

3

tools/会�...ro.vbs

windows7-x64

1

tools/会�...ro.vbs

windows10-2004-x64

1

tools/会�...ex.htm

windows7-x64

3

tools/会�...ex.htm

windows10-2004-x64

3

tools/管�...in.vbs

windows7-x64

1

tools/管�...in.vbs

windows10-2004-x64

1

upload/API...ig.vbs

windows7-x64

1

upload/API...ig.vbs

windows10-2004-x64

1

upload/API...se.asp

windows7-x64

3

upload/API...se.asp

windows10-2004-x64

3

upload/API...PI.vbs

windows7-x64

1

upload/API...PI.vbs

windows10-2004-x64

1

upload/API...ex.vbs

windows7-x64

1

upload/API...ex.vbs

windows10-2004-x64

1

upload/Abo...s.html

windows7-x64

3

upload/Abo...s.html

windows10-2004-x64

1

upload/About/Ads.html

windows7-x64

3

upload/About/Ads.html

windows10-2004-x64

3

upload/Abo...t.html

windows7-x64

3

upload/Abo...t.html

windows10-2004-x64

3

upload/Abo...p.html

windows7-x64

3

upload/Abo...p.html

windows10-2004-x64

3

Analysis

  • max time kernel
    74s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 14:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/About/Ads.html

  • Size

    6KB

  • MD5

    3ed46eaecb464630bcce53f5d85014da

  • SHA1

    e4e63e2c498232e670d3b6a90d0229e914e291f3

  • SHA256

    91227e0db94bf0ccd4f6b97b1b61dcbf66e62a37e317c7cf0742871075d36f4c

  • SHA512

    931ea2d5a5f239c6ad79a4eb47cd87f98203a2d8652fcf65b35682b44c811aff810d5c9cd3740824965490ba4bf727c87fb111e3b4e7025fcf59277c9a6c121c

  • SSDEEP

    96:Szz2SSHtscvVRsTJA9ojP+6HvSTQWVqPPsPNJw1kxo4:Szz2SOvdW9v1NPabfxx

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\About\Ads.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2736

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94268db86e5c02e0ec72f0805b230e71

    SHA1

    d4d98d52d4407d15b0f81a937324e1cfb3045058

    SHA256

    3e680e9baeb9a065064ad82d44214e721f4275b263a496ffe53364caa33430c0

    SHA512

    38cf7206b789bcacdef818e0c3beb3a6f681541c62439f6e4b28e435a39f81c581b34706fe398474742145c636f883a44b84e9c37bbf1f88b1479a8222347960

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0cf99724851061a667d313319511666

    SHA1

    bcebeee33303df11b0eb9509bef94a8551e6a47e

    SHA256

    d0dc03d8dbce1a9765c2054c9f9752d95e6e1c7727a2cafe543cb0d6c06c5f0a

    SHA512

    3384859b0722f34f91fd9286b6ee564c426e86ad9e39228fbb2e3df03676f0a6d6669f0e504482b266ddae8777bab69a414e570e4af23b9c9b6b685bdf06cbee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d460e093ddac6c37d69d835a30b3a1b

    SHA1

    84e831437a5b773ce87446c77706659251cbf4d0

    SHA256

    f1face7fc55c00ed39c44dd8b8aa960f49efa3a0a9bf5d1b218d1db21c41a0bd

    SHA512

    dd188be4ad100e738331421305bd0891353ee02de66b50ca23e2199b77abe0747dac5beee6833bc10b66ffd81d229449ec25a0ade677c9ea06a4b39455b473c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94329acba610280706bcdd6c34930f42

    SHA1

    784419cc45a614d47dbb1bdc0bb31f17b9c85cf1

    SHA256

    7a6ec3e540d08ab3d486b04732e7ae7dc9b2a590e19d7a1f26b1a6169911e158

    SHA512

    1208fd3e2d181681eca2318232d3a3022eccf9f92905d16210f81239454a2c75aa8b96af7c857370d7c4d72e423034a7df513e94544ae984c195b78ba74e2f86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7afbd5d22fd06bec9631acbd8761bee9

    SHA1

    ffb70ec2d262f52a94927d2b135054683a132a81

    SHA256

    751866787df764d0913f8b46dad50c48a100c455e5a88ea4e5aa740a13650b60

    SHA512

    306f89f5f87a228eaa44592a64d6232ed3763acc41e6fac26a24529fc2a0fc52cccd46d524c48a542afa8ac0ec1d89b8dd04229ea0597b53c3a532923bf16ca4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1b78b37748fdf8c98bb9a27c4bf751a

    SHA1

    4af10fef82197bbd9cf0c8b85fb39e94531b3002

    SHA256

    167ef207f12f1d1be71474b8440b8dec13216aef8760defc51e4672e1814be1b

    SHA512

    349cfb545d94d534e17cc1202be88fe63af689857d33627882ad063f72fd6131ba14ef8699c384aa50413fd46903abda9d65f529c883e1f024e7958d8fe5b108

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfa66591895bf11f9f487a1355610cf3

    SHA1

    9a381e1c0a3959500ffd219e92b583f88d21faac

    SHA256

    a0e489ec1d1788094dab35774c52eb29f9222e2e3d5cbd49e297a6b256147df2

    SHA512

    a24dd04676326e257e38ff3778188c3f1c55e1276a6ea4fbfd1c2acfdbce139e4ef74cbecba28d6e58b517754dc75958a27fa43ec2e7a73960175d72125c0e01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63c26de2ad429e2d5c6f8424f010182c

    SHA1

    bf4974523c973d76342ab1ca28d85b56ab5772d1

    SHA256

    22375b48055717f111bbe89fec47fa83adfbf0f65abe77482a4745e4246360a1

    SHA512

    7462df9946b093d0f9aa060c1b1bc89fc6569ef3d44c10748b10bc3a4cbb4b0f2e43cbf1602dcb1f91d0fa008a804ae476c2f71f1a4953fba88479b2e0c30ece

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b37d758f259ed4fc7faa7b0b465345a5

    SHA1

    5207f7a9c82267eb1479af5b5fedd5771ce55aab

    SHA256

    882a2e00b1dd3795a6223228bdbe4641c4f0ebb83bd527b73b1be0d99712fec8

    SHA512

    33822d6ac718bb3025bd36f0e9cefbb57f6072720929a1237dd178b71df8a5474b85428f4bca483fd91b0b2cf6b02c895f71d8cf0970367d70ce6bbe8b312ca7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c617aabd1cd9d58e3397b739f741248d

    SHA1

    c4ad4fd47bb2165027dc521e3564113737b7866f

    SHA256

    4bca7fadf71bd6383bf6450e74b1549bc8d5a9a4b961e7d6be627e2f6c6661b0

    SHA512

    dca59c14752fe761c957f62d9cec47f6b2f8a3461cfe6ee25336df11d0a59bf41594ce08da91efc7a85bb65fe994f8e061ea5e8055e57fae87c477794a47a7a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9209e6da5d626cac425f319c21375c25

    SHA1

    dee9945f63a60e5ce7fb0112db4fa8f8ea916dcd

    SHA256

    ff800ddf52d666b0954babcb42e3f69ef1d8fa346ae81cacf76e0bc4c994f6d9

    SHA512

    07688395eebd5916802bce5d0bc442cf83345a9ee5da43d18416393464bc4782e62bbd352141c2f60e74afeec99af29df15df4034091ced31b93617901f008d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07f94dfd78e1428eab6b00b9839be7d2

    SHA1

    5c844cd7384779fab74e5e482ee339d7d005c40e

    SHA256

    d0735b5ec0a7489fe8b51481dcbfd977fcf9ca39d5e8d04f2e4930a99f21af26

    SHA512

    49b759becce85cf8cb35674d0a8811eccaef9f5bbe0d0d1625abf1bd2d6000b18beb1a0db6bd651cca9db7c7e1ddafc989fe0e6c186beff21af6751980f5b75b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1103.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1210.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit