Overview

overview

4

Static

static

4

thinkphp_2...&A.pdf

windows7-x64

3

thinkphp_2...&A.pdf

windows10-2004-x64

3

thinkphp_2...��.pdf

windows7-x64

3

thinkphp_2...��.pdf

windows10-2004-x64

3

thinkphp_2...��.pdf

windows7-x64

3

thinkphp_2...��.pdf

windows10-2004-x64

3

thinkphp_2...ʾ.pdf

windows7-x64

3

thinkphp_2...ʾ.pdf

windows10-2004-x64

3

thinkphp_2...��.pdf

windows7-x64

3

thinkphp_2...��.pdf

windows10-2004-x64

3

thinkphp_2...��.pdf

windows7-x64

3

thinkphp_2...��.pdf

windows10-2004-x64

3

thinkphp_2...��.pdf

windows7-x64

3

thinkphp_2...��.pdf

windows10-2004-x64

3

thinkphp_2...x.html

windows7-x64

3

thinkphp_2...x.html

windows10-2004-x64

3

thinkphp_2...ss.ps1

windows7-x64

3

thinkphp_2...ss.ps1

windows10-2004-x64

3

thinkphp_2...d.html

windows7-x64

3

thinkphp_2...d.html

windows10-2004-x64

3

thinkphp_2...e.html

windows7-x64

3

thinkphp_2...e.html

windows10-2004-x64

3

thinkphp_2...y.html

windows7-x64

3

thinkphp_2...y.html

windows10-2004-x64

3

thinkphp_2...t.html

windows7-x64

3

thinkphp_2...t.html

windows10-2004-x64

3

thinkphp_2...1.html

windows7-x64

3

thinkphp_2...1.html

windows10-2004-x64

3

thinkphp_2...x.html

windows7-x64

3

thinkphp_2...x.html

windows10-2004-x64

3

thinkphp_2...w.html

windows7-x64

3

thinkphp_2...w.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 15:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    thinkphp_2.1_full/Examples/Blog/Tpl/default/Blog/show.html

  • Size

    6KB

  • MD5

    c1059f6c6cb879aa0f3d0a70b0d0bed3

  • SHA1

    380fa5be1b7c2245792c3de54c27b39be6b9ccb5

  • SHA256

    83221d3fb7d9697ea371aed6243cdfb2d5241cd2e6f5abda0c454669aaae3b3a

  • SHA512

    6418e748528d690d84b0d2cf3b258be7e245d109e81566c1ef6e6c6541d9fa28dfc0a3ac4927cd40ca8b5b027a81ad6b4876346fc0197f836d7caf8c3f372a17

  • SSDEEP

    96:IxFG49ncgjJCMn9WIudibWqGICMF8kvvJWl118sQ:0olgf9WIlQOvGQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\thinkphp_2.1_full\Examples\Blog\Tpl\default\Blog\show.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2700 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee7cf16ad657fb8d82d02f6b61a0c50e

    SHA1

    55c70f277fc8ed4e5ce8e15de493f1f301da3ee5

    SHA256

    4af1e41146b0af5175562f215ca71d65fbe2ad2b1af2ed5da5e9bf0409229563

    SHA512

    4ce3bf0d225215ca094d578645f5945e6e075899a129a766cf8f3079159c9ddd552dbdcc728880e568c1b6e38b0a843abe4387a6f1e2ad5c11febe47d06ceb61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    733ad2a9a59b9ce47c01c45e03da6908

    SHA1

    83cef35b0917836947228ab46b7a15e94609e802

    SHA256

    4c29a0c3277c29f00fd8739e736367069034a278b286be29de38c553442c1394

    SHA512

    8b3659c05f5a5b463827b192ca8d339941145d19620f2fb593204bcbe0487c1e8ea831dd251063acd09558a82e97a04e86c8887ead393b525270154ee6e41fc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca3a59db3a01fe0fc33fbdf35abc9cdf

    SHA1

    1111fb279a34a269ec8f37ac349b52221ba912c4

    SHA256

    e8e55f65ccb3165b1bbee43c97c685cf1d5ea99746db3af9ce7dd15dbe5691a2

    SHA512

    617acd82c80ee1581bc0cf151dd79f024b92ef12019cba8f69f6bc522f7511589b3f27e18418be3a1bd05e09c91290b8ae0c2029ec7d61e483da6e86fe5a6f45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e9aa6cb74f8d59247c4a06f48b238c2

    SHA1

    18a235cb68e6927affc021071b686349f02b3fbe

    SHA256

    1287abee5eb6c1dc23052932d87a5d91186f2719bbec05132d4efaba2ca75652

    SHA512

    be9413ac1189a0d0be0b75fb2333145be271d9de48c08696ef4f368cb2d872911933060c67845659404cebe7f744e6fcc1f0d8829c1a3b27bb27ed9a55299204

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4cf3544cd7e96f9e5dcc8e0fb753a117

    SHA1

    8176aea4acd79da4a2471a29aad9de662fb6350c

    SHA256

    096445d4e25fcda63b4d5fe7e3ad6fd53e1e61673b0d57f5ba976111e7ab4525

    SHA512

    0d3def55e1a0e731c7e0ed68eb4bcf7797b7a0dde5000764806a805cf38d4abece4d2f3f0e9296806dfa9aa3a1ede2f2924a94c11369b660e95781ee544bd7d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5e2cae74b1c53b5671ddd86438e6d0e

    SHA1

    58553045f22e74b553925e1b6590df7f247bd21b

    SHA256

    f3928c91349ccc6defba6f2c669fa4f3f1ea1a92506b6cbe02a77fdc012c7011

    SHA512

    00d0c9d3d4d8e832a2b47784f49ca9937bd528c4d814bf698bf2ecd56e9a4d851918ab59023955bf9c1932b67d881eac09844453a73b303d0993bcec7e557bda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b73c6b7a6cc4968d50d9bb846b7d4761

    SHA1

    06d5c8528256a3514baaeb1f52386af659c10557

    SHA256

    aa0ea5e6306da3e63bee2e60000d953eb2aee117a5c2d8c15eb525df8549d618

    SHA512

    595745be30ad622a8f5988110cca9247e262f7d8b187b52fa4ddc2d1b8a4e86ac64c9ba486d223b4a284699ae5ea3eddbb8c03e60cf13321368e189c1cf4c5be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    352e18cd0de2adb5be3f0929ecf574ff

    SHA1

    777afd5231cd0125f57db4013ead74839195d853

    SHA256

    0f1f9f5906930020d8298eb38015fd9169336b7216576d11a60ff61f610853cb

    SHA512

    b3851e7e9a97b04e3b4e37273799c77c62eab5526a2ac17c4b6d60aa24fea3633e2a4f8cf1a27e7854ed698c362e0f329f738a999a57583dd97b6fa53c729163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9fc3ffc61bbeabac3aab8e9e911bce5

    SHA1

    b2636b4402858fcdad27be25fac9ba42fdcbcaa9

    SHA256

    1bf0b4e730619f1eab907dcf01730d16e9e5ffc92073307c2ff21cd3be0d9571

    SHA512

    5b4074a24a50bda1d45dbb6782aeea39195041951fad2f6d6459f64242d049e26c3cde1d5a39f4a24701f51b30d3a6d5da3ea9a5901dd4ba0d52a309570576b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09c285f9ea68558ad93fb12a9f02866d

    SHA1

    9c5192895a86dcc02db2c57db34777732d2fc84e

    SHA256

    73b9d6421753728f313b57b11604ec4e776c11599f9f2db6a2e7070a6e024902

    SHA512

    fe9fcdb25d4c815ff4e42219b32a6382a774e8f361e57a194273a2598cdf08ea2d520b0a912a035050a79a41c3ad34ca9cecd0143b66b84823dbf12cb4baa5df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e842c4e46210d022d1552713a1ab53e1

    SHA1

    e5c505272d8536a3e0c753976627aba382521be9

    SHA256

    b8106b2f3e7d31d4c98e0492bc1c77e0c0e1536d142897547dbbe35a0c8488dd

    SHA512

    c5861aed570a7b071636fdf6997be255b83e4a71ca2079fed2e96613452d04090e3feea4346f338cb899917bc80f5edb726dd386aa7534cae297d2ab309f4852

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f9d6259d132d9d7764d1e74d0ea5f0b

    SHA1

    774c7b75036b5b5bb45bc05c41920e00ebd4e8ee

    SHA256

    72395c076b773e0c6d30a420f36c1f6c737aa8d3dace0c0298fbe788ee58bea5

    SHA512

    1c03b73952b44300cd7f441eaa230a06c74b26ab84a84faf7b8cd2887f38ec75e4d83262238931018ea618d02489f83cff15aea16e9e3f9c1a70e26a6e114ed0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ba23045fcfff64f20771ca098eed3fd

    SHA1

    c39bdd69e91afeff69c9a3903e25361a960fcea6

    SHA256

    6ae28cb1fe5f3ba5790cbfefe9d218f597ba37aa2506eb0c4e65075a589c095c

    SHA512

    822c03c8fbc376a059bd74595674af33916dcd52a41893c4fe50b96dc36f251239e1567be7de88b3e9494abdccf1b9a2aac842ee00ba1b6ace2d7ffc34a418d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    515515e109a5821970748800df7a8057

    SHA1

    f9dbfdc0c8a505e79d9844dfe5980408d0342126

    SHA256

    13045afaea4a54048ee1daaaadab395765c9d59bd5d26ffbe9180b398230150b

    SHA512

    1ed2dd3eb2e507153b35b561a9df571d41e246baf7eba4e78662a2bc62bddda228243da14f9fe362560ee74495f160368c2c86fc16fc25585bea4348d1a9e033

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a1875ce987a08ea7fd8755304e02f2c

    SHA1

    ba8c17ded784e4a220ed76d2d47bf51a8ffa4a61

    SHA256

    e62716908453acdd45c06dfa0ed789b3646a7da80671a29f81187f061132868e

    SHA512

    81a0439b9ab2199136821abfe02f4b92d734c8e2de25982a7261dd568667ec844d6e1d821f050a80fa2d33f1dd211a52c031d9208701dd4f6de6c98324b09d59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c78b8bac9ad1b98a28a99781e4abc186

    SHA1

    3f89557284bad68c59b29b9adb4b399174ddfda1

    SHA256

    4987a12b3671522a7a6a7dcd4d287e6b91416056fc25cee278fa2ea2b303e1f0

    SHA512

    55d3a8cfd693737398a87d287dcad35e382e0316c6192f410183fe67dcae6d31055b517aa796cb6bb2b045b5c527c8bc5990583bff701afd4fd1eb64972e05bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab47EC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar48AA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit