Overview

overview

3

Static

static

1

雪人MP3�...3.html

windows7-x64

3

雪人MP3�...3.html

windows10-2004-x64

3

雪人MP3�...nc.vbs

windows7-x64

1

雪人MP3�...nc.vbs

windows10-2004-x64

1

雪人MP3�...TF.vbs

windows7-x64

1

雪人MP3�...TF.vbs

windows10-2004-x64

1

雪人MP3�...ex.asp

windows7-x64

3

雪人MP3�...ex.asp

windows10-2004-x64

3

雪人MP3�...et.htm

windows7-x64

3

雪人MP3�...et.htm

windows10-2004-x64

3

雪人MP3�...IG.asp

windows7-x64

3

雪人MP3�...IG.asp

windows10-2004-x64

3

雪人MP3�...NN.vbs

windows7-x64

1

雪人MP3�...NN.vbs

windows10-2004-x64

1

雪人MP3�...N1.asp

windows7-x64

3

雪人MP3�...N1.asp

windows10-2004-x64

3

雪人MP3�...ER.vbs

windows7-x64

1

雪人MP3�...ER.vbs

windows10-2004-x64

1

雪人MP3�...ON.vbs

windows7-x64

1

雪人MP3�...ON.vbs

windows10-2004-x64

1

雪人MP3�...NE.vbs

windows7-x64

1

雪人MP3�...NE.vbs

windows10-2004-x64

1

雪人MP3�...ne.vbs

windows7-x64

1

雪人MP3�...ne.vbs

windows10-2004-x64

1

雪人MP3�...but.js

windows7-x64

3

雪人MP3�...but.js

windows10-2004-x64

3

雪人MP3�...ut1.js

windows7-x64

3

雪人MP3�...ut1.js

windows10-2004-x64

3

雪人MP3�.../c.asp

windows7-x64

3

雪人MP3�.../c.asp

windows10-2004-x64

3

雪人MP3�...ci.asp

windows7-x64

3

雪人MP3�...ci.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21-08-2024 00:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    雪人MP3音乐更新版/3.html

  • Size

    6KB

  • MD5

    5e21e60642840b1530ad6f13fbc81f28

  • SHA1

    c20bb9280088a1c406a8eb1eb4bc70e0c5d0a999

  • SHA256

    ef9978fea28ad5e543f396f21f5ff6ad725d891fa4fb6010de54088c167ab02e

  • SHA512

    e6139bb8ce938fab18eae6115ec0e8f2ac184951dbf473af4b47334cc057b2610e96799d4b7668035c8a6ef1488b9e9693c8ba8f546af69e07a5fbcd9cf4c6ae

  • SSDEEP

    96:qaK6GRA8RTRP1o+7GncCn4dZilj0SWV7wpzddddKs/tDp:cAWlPv6nPn4jilj0xV7wppNp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\雪人MP3音乐更新版\3.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7034b2077e0cc227c41aacf1e8cbf97

    SHA1

    82b1a528e990ac69fb386574308b2ab34cde7a54

    SHA256

    ab662ba2e6324ee87dd5bdc27e3d4fa0de13e57e8747f5aa7dd1c2bfd5c6bfab

    SHA512

    d94340ca47e75e02351af8d67da21e69d6102cf35dd83d27e52ba97e33b57a6b29e89900714bd6b24fd5d14f7fb0f9aa14e762afcaf4393e84087286f909e7f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01cd7c8f0e1335d92c6143556a7f3f51

    SHA1

    e57c119f4d6ab0111c93757191355ba0ab0bb854

    SHA256

    3d6bf9b5dbcfe29dd477a3608099867fb1ad9fa9cd0768cad6fc2edbdc3d7871

    SHA512

    61997640421432575fa9d21e4d4619ff31157c6b4b5879ea940b3a435d0273efd21e5e6409ef44c5d6d7cc62e52e6eb02ac8068ed4de7e17bdcc9e3112a0fcce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3d1367bdbfcb8d1526e59f8c6df3cca

    SHA1

    9878b207ff7984a142b7cebb8b70ff9fbcfb6ecc

    SHA256

    04711e3a437a5c579048a2b1f9af43cdc681537dbedb9b05f30032921393109e

    SHA512

    ae15b39cbaa95380722f35e26f9b0ebf99b2a0c14770a6e1fdb83c170cf8484e7c6213fce008bf23b52cef682a55d1115a38931d4f6c3ebf1b0e30ec5cf49a31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    743a0838af0b2a8ead327ae311695e25

    SHA1

    25be1ed9638a4aa3ad0de9ed0769cd35d82113bf

    SHA256

    40e4a7dbad21f630001d657be1b501617e7aabe569b9529fcbe843f296f3c808

    SHA512

    5e9ebacd775dabbb4c2ac7450951a3a81197838cc14e7caf7a56c91e0cee04f85eb78b5eeb31b9cbf795e8182428226094b07bb0ffa624f1620f57b4ac5de539

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c26db2afe10cdbe91e82e87435f6e070

    SHA1

    2abc3674c7f718b7dc30eeb36944c31a3f426f3f

    SHA256

    aafe17398cf6c229f14bd67f844066b216d5379b6f430a3b9ff40ab73ebef933

    SHA512

    227409f5facf51c153ce40f7038eb449562e6b8c6153ea293a3011c6f6f0d5bc42b94926b0d005defcd3c9dec7545aad9cb3bfb3214e37c8da9f960687f8bfb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    527ff3e08b101ecdb087c9a5fbb81be8

    SHA1

    59df5ce3b9e4f975b54aafc8f39cb84a3380f08c

    SHA256

    c1a4eeb7a8a3e493edb9ef2aed268cb63db00ecbcdba260c97510ab648a76e9f

    SHA512

    aaf5e95319fc8a30abb75785e4957a186b35803ec717fb50520714190183cab2a142bd88696409544aab1e124c2819db9f9d685f33ae394be811fe96091cff1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e644cdfd3cabe03b54c5832c7b46d070

    SHA1

    5ed24c39b5917c46e50aa336dd562c3f81da01b0

    SHA256

    0d744c5194144e6569dce422cc304f81d9ea45d4478862af25509e935c0627c1

    SHA512

    1660b8d5be1272093b29995c0bd2b7958df5bb4250bbf9bf1abb43039279e584fbaedacc79358af3b6315e4e2e68175481214868ec90c62d8c4be3b63cb6f977

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49d5ce7ae8cc68a202e7632d1e1947b1

    SHA1

    12d362753cff77c27e584811d364e6f6fc486d6e

    SHA256

    8079fda56f7d48034b88d014539797f4fe1ae199dd21daeadb25e17d930a2a63

    SHA512

    ebaa2f309e81be37ec317fa57abdbe3b7aae146439ac727f4736ac91c70409d7b8a021368ba0e1cedf9af5a937d1c8e4b9eecd38ce1f99fc95b2e2bfad28f506

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    813e5d0a215bb400b2e93ba7173ccefa

    SHA1

    a0ef3b9e5312ab1350f0cc7018e994e14b10a5e3

    SHA256

    2b13860833536c2d2d1585247d5d20a7a81cecbe8d0f02b49f93e32f3ac7f1b3

    SHA512

    0998ea805476ea52fd3f4ef661204ee1a5f90bc63cd22297fb6608117145b62ae21360848b3ad16c432a18bbc11c80f588de9dbe18d53c57ef5ecd506514c077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34efc5bc09dcaa2bb36eb9b475a95160

    SHA1

    1cd476d76bb724e997c8172393a90c6af7ceefa5

    SHA256

    f79fbfb1dc34de57bca7d5e8fcfc70ee0220464af287bb7dcdb2e6a7364edd5f

    SHA512

    992b3600fbe99caf66c4559f0d77a884c1140b7150d4060b9ea3e2bf899fcc60d40bd1b6d464bd3a219255eabbfd118829d60b23cda65b86994d0e40fc25b779

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab44e35f804bf5d07dbda56d642ed1c7

    SHA1

    0df804cd69e6c193208a0d1a8758794eb0ca14bb

    SHA256

    5ab3db14b9b085e54fdc21c4ed8cd4af8132cbb03945afe0380339814a79169b

    SHA512

    4e9cbe458a2e3753b45a3b36b44d7a7a82b6df64c693c175015ab47fb805b5e459a4b0e75de7b2e5013fd1d5c13ee24f0f4521ff5cf8f2075a26cdcce936aad2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53bd3255452927dd7c520f3363c06f89

    SHA1

    82093c53f320a5d21fec151710bd6ef1d7485209

    SHA256

    084af16859eaa1fc80ccf144df065b10d6ac1d8985c1cc333ca97999b1febfc8

    SHA512

    d5b8f6b3008aff140b74c5f2f5244e9ee7ab958a0e21ebd4ff479bd88f3f021f517fb9e3ce5da441c20eff76a6da71a167b1ecae0c14387387fcfdc4b3feede2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3aded46ed579eff65f83a740b24a2964

    SHA1

    b61277c0ffd1e919bda8e12731557efb40d959a5

    SHA256

    2abfe9752721bbf36e68e8630aaa2149c92748a131cc0b0f150b7b01aada5f10

    SHA512

    ad1af0863c6bda60bbe579356eb3fc8ea18898c128883cbeab810d1c97db979b9a3bed8f46b5c4f79c1374c8c8a25bc9776b20883fc62e9834e13acdbebb61a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55aa8798a2bdd7d26f75e42bf51c257c

    SHA1

    66879ef458d8c5c9a72508b379fbb2762166f559

    SHA256

    772233558b3c06bd69b1c941176b102e8140a6faf1909a7c6012537489e937af

    SHA512

    1d10f0996aec3121e95a93b2616bd407b357b5a2d3b5ec02ded7722dded5188ac613025542d3c10e0138657efd510446feb94327250640b96ed4a7076c1bbe69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2084d457183103df1f372521352e4643

    SHA1

    c4f4a77938ac3dfbe3f1bba1f1bdc1d747cf67de

    SHA256

    7ca605102b64bf4be95475f949b22a595fe79d945fcab94e97536ca00956b74d

    SHA512

    faa3998f7c118b132d157dce8e9536efa31b19391c00e3f01d0e12b58fdd43c1db4fde8d7ed5f507ba69d762a878c95503e2fe82dc10c29eb7bb3b0ab5237643

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64101ad34c2994886b82165df207d4fa

    SHA1

    919b7f62f30492827163c265b4141c3af041bb90

    SHA256

    3b702b026eed3a769b35ad2fc425f2caad34c05488a9e7739c0bcd093b12f4c0

    SHA512

    ead60c9e9deb5d352d81e71c01c42cf59544350a19e16300804ae60573ef01e3258e29c34f01b18889d9bed3a5b42fd011b144f44829f580ed7390d58b16baa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57fe11acb8eea3445a130d9f9475f00a

    SHA1

    abb79175268e397891f25bc96e81e39ea71dffc9

    SHA256

    018417cf5e721bfe05c63b86382113cf48c80095fcf0afe4b68a315963da0a0b

    SHA512

    fd9a587b84528d94b7d36c898a130358f1b6964272fecf90b19646988e1806313d1151311414e728333aa9f07878f2d1a796beeefcb6926b738ea3e19d89d675

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f01f5a7d872637103b1cc2ce1f135904

    SHA1

    8564153fc5c50a9145f412af2eda13e3ba607361

    SHA256

    1087ac57bd3b02011d6d49bf8130b42b7e26db1ba45c67ae154dc244a4fd070a

    SHA512

    3c9fff1f114670ca5f9474b4dc086518f75c5db8adb0dde4bbba6e36a0bb7cf44f144af1b1c31d02cd6b19b4425d86810de030ea1cbe5cd93ff34d5fb3e24f9c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab673D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar67FD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit