Overview

overview

3

Static

static

1

雪人MP3�...3.html

windows7-x64

3

雪人MP3�...3.html

windows10-2004-x64

3

雪人MP3�...nc.vbs

windows7-x64

1

雪人MP3�...nc.vbs

windows10-2004-x64

1

雪人MP3�...TF.vbs

windows7-x64

1

雪人MP3�...TF.vbs

windows10-2004-x64

1

雪人MP3�...ex.asp

windows7-x64

3

雪人MP3�...ex.asp

windows10-2004-x64

3

雪人MP3�...et.htm

windows7-x64

3

雪人MP3�...et.htm

windows10-2004-x64

3

雪人MP3�...IG.asp

windows7-x64

3

雪人MP3�...IG.asp

windows10-2004-x64

3

雪人MP3�...NN.vbs

windows7-x64

1

雪人MP3�...NN.vbs

windows10-2004-x64

1

雪人MP3�...N1.asp

windows7-x64

3

雪人MP3�...N1.asp

windows10-2004-x64

3

雪人MP3�...ER.vbs

windows7-x64

1

雪人MP3�...ER.vbs

windows10-2004-x64

1

雪人MP3�...ON.vbs

windows7-x64

1

雪人MP3�...ON.vbs

windows10-2004-x64

1

雪人MP3�...NE.vbs

windows7-x64

1

雪人MP3�...NE.vbs

windows10-2004-x64

1

雪人MP3�...ne.vbs

windows7-x64

1

雪人MP3�...ne.vbs

windows10-2004-x64

1

雪人MP3�...but.js

windows7-x64

3

雪人MP3�...but.js

windows10-2004-x64

3

雪人MP3�...ut1.js

windows7-x64

3

雪人MP3�...ut1.js

windows10-2004-x64

3

雪人MP3�.../c.asp

windows7-x64

3

雪人MP3�.../c.asp

windows10-2004-x64

3

雪人MP3�...ci.asp

windows7-x64

3

雪人MP3�...ci.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21-08-2024 00:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    雪人MP3音乐更新版/Set.htm

  • Size

    1KB

  • MD5

    a7855459b5cc982905d3382efd849a20

  • SHA1

    615e0fe80a3a4620cd6eecdee12e294001479f24

  • SHA256

    470aabf7512d3194c2f3fd7a0da5ff15e26df18f3069c6a8e5df122507497fa4

  • SHA512

    03bbcddd2c2fa8b004956c7cfb026df8ac0746894702ebb16a3fa0c5ac2e3cf9310c39d4fc8421882e032dbc83731a17c158a53e99ced5da6bb57a08784e3452

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\雪人MP3音乐更新版\Set.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    255cdde77db0b59528dcbd7b648eeabd

    SHA1

    978291efde2736e62cfbb9bda105ee29df2659c5

    SHA256

    37955b9c4f9b821f07766f0ac6f4cc53596c39579ee97ae258fc74a9aec70153

    SHA512

    118fcaa11f46393560c725e0f3aecb2ce72b3918e4ea4b3e49d723be4e153038ef987985435f5014f53e6e5a0e3cdd9b856d32efbddaccf39cd0f583d3ec0c4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7053ad4383ac44ac23211c0bdb41d2b

    SHA1

    1aa3916228330033530762f3f670e3a03981366b

    SHA256

    6b047fd6671bdb392ab55c2d507f041dfdef603d62545eda17f2e850fbd4497a

    SHA512

    5b0c0d5bd4674818d1c5e7d7c8535f929f65de1c48c3639e246f64ae362e109c25b22c43a343bbcc4a51fcb2c3818f7797ff5220fb01b3800285b70e9b5b8537

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd5f14c3d7cfebf973d41b47e09f69fb

    SHA1

    e3338996a7604b11e29599605cea1bcbb3c8f931

    SHA256

    2ee75e092940a5aaebdf0967e755c85e89be595ea515681482c7f56d96e81947

    SHA512

    4743b101741db479ad768b471bafdbd8040cc7c662f0fafae2549fead1172032fa8d2373d0e9a6fc3c2c5c3b982bc16eacd98c30b8e11f3a0174d7938d6914f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eba714b3d79aef84da725053d9d5ff8b

    SHA1

    38dbab334836d3968866a734ec0d56842d5ce91e

    SHA256

    058f4d3236240b5473dbfdf16712d75ba6d38a3d149cb69a4140badb6311564d

    SHA512

    779971f6c91a6c58c3d618b646d8ef6567f0cfd58b2f739ee4ce594cdbf83a458bc2fc0c3355352962f199c264359b9b5ffc45627ce07edaa10fd0b9d87d70c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee2f33d44e864f7103e0311d98664e0c

    SHA1

    5652e73f08922476c2d35e18a2fb696836280593

    SHA256

    80c60bd1d453a0160839e479083d66d96f36937cc42f7c80ba401b4f7ee880a2

    SHA512

    ac9a474a09398fed7610c42ff48f6bbf0eddb39f6ce435927eebe1b2acdc8c4886bf7e6ba7c6bd6a08289257da1a52d5ef63edeb1732e0ff6a4e28dd6abc8b05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1246fc203b61c68d356e0c31080631e0

    SHA1

    89012b9564679acd2c8c3b97c61df6dce21de96b

    SHA256

    908e8fcc71c9ec958d66233baf52dc1b9576360da361b57dae1443c66df3b8d4

    SHA512

    c75ec6c0983f963a5a8019309cef3f3ea03eab6222007ae8b58515d24ab7940321ed15d32ed0a50ad788f151ab6bd30e2a7b1d00cf163eb1f8726f2252416dd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56c8941b01384cf73df818e35ae264d3

    SHA1

    c7b61342a5cf0382b6aa1995cb51c04552f8dc2a

    SHA256

    407411dd7e1a399d1fcac9ebe3ec557f7a1021edb7b429495d669d22198b1856

    SHA512

    4796023fc1395394cb45e8257ef3085cbbdc3a38940453e0ddbeb9bb236cdfcf7c8ff079ddc74dec7f940da71dc737c3962611512246f92d3138dac1d8685cb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc1fdec63001a28aed1b41cadbe69754

    SHA1

    90806398324b98bab0e923d9ddb3ce9196c770b0

    SHA256

    64851872613d42d647c1044d074f83097940e74f67d5b230e8f58df5d0dfa0ad

    SHA512

    70ebaa31996ded92df3a0eb51893c4f32b576969ae50e9d5fd03f1390ba775e13d44238a4db0b3dcb7868d1f4d0a72edf665409de2f422c6ee566314713cf35d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    959aff3a7d8076d281c265ab01d89c33

    SHA1

    40c153f0be6307689159e85bfe6ae84c3eb6e173

    SHA256

    e21d3b02993530365fb0b36c4f8f98dce2e5f0254f4191dce224450c040fd00c

    SHA512

    899956daf44299a4e683acd2505e9aac7fe1ed6cb9dcfb472f0ce4fa854324965a874ec935bb3d84cb981089d7d239813cd6e63ea20c56dd3f6bec4a1a17be79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7440912fcc60b671fd2ec062f63f5c6a

    SHA1

    b952bb4c7d074b63599e6703748b954579bae271

    SHA256

    5769874b44dd9884ab629d0978e0da02e7e07edbe15508e36b7ba7e5e36adea9

    SHA512

    678617cd3de73d5d00898998ce65d98bf5bf25dffb826c2351143f8f118c9b4c3dc44dbe969f0b1cf1329bb1581ef439a657996182a9465b5989e082e356c2d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e24ad2f715e50d1b4e9ea874579d427

    SHA1

    a3c2de052ed467a8209c5e0b93463cbeedf0a95b

    SHA256

    d97937172b112025725d132db841a47fe779f12dfe1dfa602ea9554663eaae1c

    SHA512

    f8e6f8d6daeefc391a3b69b804fc930e79608dd4a35f24a6a54c499adc69418b03402235e9c841bf883219d3648ca9eecf50c9dbb6b38a8d147254951b7905f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18d83753e6b36c973ec2bb90f72e1d2e

    SHA1

    35d37070b4d966c187cb848f49ed1db926a59943

    SHA256

    4ebff59cee2bb607e1665886a80bf9a42a5fb8ea09e695d1e9d5032a840c77bd

    SHA512

    0bddcb8dfff38f490dd22c6409ca32c122d06655982f8f886c54794cac9a03782ae79754200f04c23b39e3372945a9540d10cbdf1c23f52b9faf61dc3bfb8976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d4f061369299acce10143107e056294

    SHA1

    2376944f08fa8d2b3585ed71f15686a94243faf8

    SHA256

    5ea61e69b5149e2bebcdece883837df32fd4f894cddcb2fe8cb3c853928757db

    SHA512

    abf0fc97a093efe2a24a504068363b67c058a7bd3e80a0b4178783b91d7091dccdb2fb99c182dcd3d52312fa4667577b685a39927e45b3019a123c2828c8559e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e6c3e389c33ac72d1700dfd37077403

    SHA1

    df7949fdbfde4d18cd679c6f5569561e9e4d1e7a

    SHA256

    0b15d380a98913dc9ca655b918689df805731e02d5ca8ca698be1b4ddbc2c3fe

    SHA512

    b18da13ac22996427b0c42758f2b35465a3a9898ce871d94baea977dd54e5798f5069a76219ff5b11930ea2deda5beef25c98b7be0fa6e4ca47055f0071074c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f7a7d0ecc4e3b5f5f40a99831ffa74d

    SHA1

    a9d379c50b52fb6078522f7fae417c90c083d717

    SHA256

    89637374d542cef25dbf06ac57c90f7fe23372ec4cbb1d7fb106f0953a0700a9

    SHA512

    31905aaec688b66920fa7024e5ff1654e31b7671524f9594a498c8330bc2a69a01641c0c40e7c7b62e0f97675c8faafd40f75921a1c42baf032d4cb99c0e4993

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0ea318371530236ef4b29b3ee5c52bc

    SHA1

    053d4777b31b40023ee7e2a50c10598604a1f3f4

    SHA256

    31bde2657a1b05a48762cc990ae67ccfd7b0df58bff52c4e8e6d35f6da13a2e4

    SHA512

    db2ef4b71c2539967320c42d9f832bb163ff781a9fdc888b9fc204806dd633c0681ffd094939692fdd17d09b209fb6501d3276bbcdbae9b53d2eafffa04203ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16c901c203d83dff1c95372a2fbca9c7

    SHA1

    d469f64c6f46d7688c1a4a71ab31e3183c307212

    SHA256

    0d0ac5a640d2c42a5b5932ba69cd9bb461c49ad1b990d95b078872eb4dfd38bd

    SHA512

    8b7834f62b1aeafac4f6c876839337af3524fc486b93165a7ec846111d2bb6e820c069920cb049e81f0480caa159b8f2ae4464356b602ba530e7b10b1942162e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f231bb3f12137b3b3a77a2512b17b03c

    SHA1

    42a7717e2c1353a84f4819a3e93d11cb4ccfc335

    SHA256

    1e6096b521c1c420bf1ba76a9a12ca0f910b21a17e88fa8a0380bcb0eff0229f

    SHA512

    6922eb672851ca0ffd9953bb9af1f680d98884ae6e159f3d39a04dfce3d97f9d490f8f9522bbd42007a9cfa34173e12279e3e4c2bfa13028673cff17d036c198

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cee2fe23f783f395d26989f82acb1eb

    SHA1

    3aa9170cafecfbedee905a40401ae989133dc649

    SHA256

    f34b0a6f469e94530eaddc5092079c72942c0c245311af47ea15796c49976b09

    SHA512

    8678321c1378c761b814c5b18a6c68bcb3d211e69fb133816b01e7db09222e6c4b2196d42c00cdfc3dbfeaa46142896d29a8acb4202e72fa280f117c1059ee3b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDFD6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE076.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit