Overview

overview

3

Static

static

1

doc/动网...��.vbs

windows7-x64

1

doc/动网...��.vbs

windows10-2004-x64

1

doc/技术论坛.url

windows7-x64

1

doc/技术论坛.url

windows10-2004-x64

1

doc/新云软件.url

windows7-x64

1

doc/新云软件.url

windows10-2004-x64

1

doc/网人科技.url

windows7-x64

1

doc/网人科技.url

windows10-2004-x64

1

tools/会�...ent.js

windows7-x64

3

tools/会�...ent.js

windows10-2004-x64

3

tools/会�...ro.vbs

windows7-x64

1

tools/会�...ro.vbs

windows10-2004-x64

1

tools/会�...ex.htm

windows7-x64

3

tools/会�...ex.htm

windows10-2004-x64

3

tools/管�...in.vbs

windows7-x64

1

tools/管�...in.vbs

windows10-2004-x64

1

upload/API...ig.vbs

windows7-x64

1

upload/API...ig.vbs

windows10-2004-x64

1

upload/API...se.asp

windows7-x64

3

upload/API...se.asp

windows10-2004-x64

3

upload/API...PI.vbs

windows7-x64

1

upload/API...PI.vbs

windows10-2004-x64

1

upload/API...ex.vbs

windows7-x64

1

upload/API...ex.vbs

windows10-2004-x64

1

upload/Abo...s.html

windows7-x64

3

upload/Abo...s.html

windows10-2004-x64

1

upload/About/Ads.html

windows7-x64

3

upload/About/Ads.html

windows10-2004-x64

3

upload/Abo...t.html

windows7-x64

3

upload/Abo...t.html

windows10-2004-x64

3

upload/Abo...p.html

windows7-x64

3

upload/Abo...p.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 14:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/About/Help.html

  • Size

    6KB

  • MD5

    5f26dd860c7fd9185714da27fdd77aa9

  • SHA1

    63ffb18aee54976193ef5faeaa9aca7131a65bfb

  • SHA256

    353a394567117b979cf35d58cd70a6b6168193871fa1466c478cccb01c7bfa26

  • SHA512

    7aaecfe16284375f8974cfa7584d6f9ba89d117e71173b6caacd99b2593375dd06c689402187b965f98e56601517c7b1daad6756338b5d5ed4a3e9cee9229186

  • SSDEEP

    96:Szz2SDtscvVRsTJA9ojP+6HvSTQWWq9PsPNJw1kxo4:Szz2SJvdW9v1O9abfxx

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\About\Help.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1820 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb808b82301c2e7f4c2a0f7e80d443f6

    SHA1

    4372c6662230aeaf55767a3b4d2b4469969889e4

    SHA256

    4a987a6c58bc338b891ce9943e7daad354d82d9e583670cd93f5841e1ab313be

    SHA512

    eb6273043d11f1e0f0322be23aca54614214761b406e810fb674bce4a94d617f56f695e82cb84f97c4e384ef93dae02bfc8e5b1a5996ebddc2a2e374ea67b893

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a13681d5e8b18682d49ab12507701451

    SHA1

    662b4f51972731bcde942c41d191f3874afdf700

    SHA256

    51354d8e521ba08e7495af4ab8da881698063d675de48b90da215686f82ba799

    SHA512

    d9b57d65a8323b9085ce657123e116f5be57436631ac209a86498c52dc69a5897bbad3228b4257eaec3b36e94f5c349cede56b4ed604bd5c4a91ab4ed66c30c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    729ecf26a5e9c40b0fdcdd74d17f74ae

    SHA1

    79ca3edb26ffe5a1ea4844e17d6075be72b9d5a5

    SHA256

    be8a30a5d647500d1bd708ed71b9b750148e55a798c053da624ebf7ed81b9d4a

    SHA512

    440bdf13e824124a1aef79607cb7478c3881e1c056ba080cde9acc68c5cc65e22b0b607143d7867392f1b84f09925593a22a74568e64f3e7ea1835315af03468

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7279d2b488f217d06f94356d0b240b6

    SHA1

    30207dcbffcdd53626dfb8402cfcc1a01af66236

    SHA256

    a0d395c838e11ac72e932fa109d4258ced721db805dcde4152acdd7a124bc7b6

    SHA512

    2a1df4597aa89779cd7db7b7b440610149f3b39f1efd1d743920394f89108fd9aa9a7f06067a2b8e820458c77b0eaba2627fb1195bfeed37e2ea10e3d53f0e5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d7981fecf80becd7113687889868ad7

    SHA1

    29d4b556b7487e06c5167ddf6d093999188db198

    SHA256

    837f415e86a9978c1e5b1add22908ffa80c2d7db4a81784cadc544ba034e70c5

    SHA512

    7b46bf006397d9c48880dec3bc0b38b0bce7ac40d812843c8d025a8a2181be0f82f196bd936a57c4da7176193c9b33dafaa9dc4105613d9fdd339c908b2c6edf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    454af6ef1e9055956f15592f761b94c4

    SHA1

    23ef73be4fb07679acf26926c9fb3d5600aadfb9

    SHA256

    c49c8cfec23ba6b9fec9287bfd267add6474590a25bf0c1c6d01c5b4e7b0d1df

    SHA512

    4301320adb47b0ddc3391fee12a5ea5aee7d976bf74dabec4e08e128ad80c38f7bebc0a996065724dd2fa45a330eb78e270f89c5072e51bd6912038dcf4806d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8af62eed9def7559ee9a7f5666e6185f

    SHA1

    0b36edfbfee0e892aab9860769a2704492686934

    SHA256

    8e55834f6211176157c4746befb86cab77d97accc888f9a27c55052e61f5abbd

    SHA512

    17fcf58bd70cc2a12627e509880f114e171466974a00aa77f15f18616a25da60f78e25641c91e5fd988cfc30f785737e4cb6387cd78d1b285a0c3119aa2e007c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6643fd62ad444e6ac0888ee4a73c99d

    SHA1

    4db7faa2ad9696393f0843628b98bc854f023a11

    SHA256

    bed72b1269fe2c61bbb976d25d9fd29adbe4d6811c50d7a4cc50cdd9f157f340

    SHA512

    2d4227ab8d998a3b6faaa14dde0e2396489c5fbcaa7b9cac97cbc6d3a9e4e127b81bd552cac01c4b4cb18055c551c730bf41ffce6d007576d520abafcbb23d25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5839f751c6a82179a2e2c9f9060da614

    SHA1

    3b45b55a8d2f2264d3b930d9f889a977f6cc0fc1

    SHA256

    642be2bede8d3ad9fdc6f2ccf80e5a7c713fc2b4f5a2c4626eeea32d39cbd081

    SHA512

    1aa6776e52c2e75dc4e9bd98d7e45135cbff133fe5ded3aa57000294e61d32189be8e3e2e732cb260ac5abef14e93c08876378533b70efdac391a46c526900fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35721b5738ab14d60b1f482151665b2b

    SHA1

    cb1ff5d077df5f1e8ac634c94411d0351c8df49c

    SHA256

    f2e1297bbb7b0a58a950b724a1b51156b27b3699c767b820877f1a63d5ba9b9f

    SHA512

    73e9fd32a3ab1bc57ebd3fe150a1f9712839aee17b614caf782ef1576a2491b18247b5eb5cfc501101bc6a4175dc93b3b3337e60399b578861e309614f37e911

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f871d90f5fcc78668fdacc4ce80ab246

    SHA1

    11b71cc420b895edd029edecdd6be96ca48c2cc9

    SHA256

    1cba483fd431ec536550843394e9b6d6208ba8f24bc3702c50d46e877653cf11

    SHA512

    2fab8b226202a0d9b2f7b595b29e85f5f98a83700ae113d68285d2e645941371b01feccffac1011b19b6a982f6ecb2cc0f870063a5ed6e86d62767f825c4a595

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    643416d9a01693e141574e75b8e4002e

    SHA1

    8f6d6e575a2bb0ebc20f8aea7f9ea37b9b1ea6fd

    SHA256

    c9ab30ab47d81f554886d2f07c8ae2cfc3da009e611f2a29ea99ebd744e5ce89

    SHA512

    b4e90f8b1053913a761d3fb0c6eba77b5e3fcbf5e0689764695e8020578d754456f2ba452fe0c6e109f927a6c7dba087db620068e7386fbff42c5161c443f07a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29cdb4ba52c76d6406a282b3b0c685f6

    SHA1

    d19857b71535707b90db2f011539e9e2ba902688

    SHA256

    27a0f3e38865792526ae20b465b41a2cefe4fbc26196bb1772b2a76d2db23858

    SHA512

    c2cab301a9edbc8c26c3136c5c41d0e35157f6199cda89d210b697e1f56c6cb67d521fc645fb253d432c98ab42fce3e840e748535c6582f05c648dfcf3344954

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abf02d0b1fca3fe68cb2eea9843397dd

    SHA1

    464ae8f249b1ef8533790975a47fd32ae465034d

    SHA256

    77a55c32488184ed08599138c33b1342225cff79313f4449e32051d62e9dfa23

    SHA512

    c7eef3cd7fe309110048464b8621bd3d0895dde602d918d345c84d7aef191b2d475e2f00fbfec1e63c60f5bb645cd67a09f1aba7dd3a3d8d2716cda5d236c240

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    714cea53562b9af7d011b2c2c49b767c

    SHA1

    63bba8098fc2f426b21844672e9520c8db822d4e

    SHA256

    7a5611e77284dc2e8c701050591f57cd4f46f70d44a571f25f4c08a3a5f0a85c

    SHA512

    1ab3e83b73c581a528671c5fbec6cca1938dae8337f3a7b67eaba2da29f287cadc409bcfb615384f14384076ec9f7e7cfa34203e02061df59ac06bb394058276

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c486d663e5857ef70d8ed70c92ed6a9

    SHA1

    4d449f1e947383b4e347e0981ec42d1c20573e10

    SHA256

    d3a8968de5747e40e981d34f36c6ebd7fbc9bee165afbb34fd6d6c184dc36ae5

    SHA512

    2baaaf31bf955002dce4a75d7dede43137faf60ef06fda75791793910fdce2cf1585d00bad78a95a8099cf7fa349dff538fbb467b621f4252e62aea5c7a77b15

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5B6C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6435.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit