Overview

overview

3

Static

static

1

asp商城�.../1.asp

windows7-x64

3

asp商城�.../1.asp

windows10-2004-x64

3

asp商城�...ut.vbs

windows7-x64

1

asp商城�...ut.vbs

windows10-2004-x64

1

asp商城�...in.vbs

windows7-x64

1

asp商城�...in.vbs

windows10-2004-x64

1

asp商城�...ss.vbs

windows7-x64

1

asp商城�...ss.vbs

windows10-2004-x64

1

asp商城�...s2.vbs

windows7-x64

1

asp商城�...s2.vbs

windows10-2004-x64

1

asp商城�...es.vbs

windows7-x64

1

asp商城�...es.vbs

windows10-2004-x64

1

asp商城�...rt.vbs

windows7-x64

1

asp商城�...rt.vbs

windows10-2004-x64

1

asp商城�...nn.vbs

windows7-x64

1

asp商城�...nn.vbs

windows10-2004-x64

1

asp商城�...lt.vbs

windows7-x64

1

asp商城�...lt.vbs

windows10-2004-x64

1

asp商城�...26.vbs

windows7-x64

1

asp商城�...26.vbs

windows10-2004-x64

1

asp商城�...es.vbs

windows7-x64

1

asp商城�...es.vbs

windows10-2004-x64

1

asp商城�...on.vbs

windows7-x64

1

asp商城�...on.vbs

windows10-2004-x64

1

asp商城�...d.html

windows7-x64

3

asp商城�...d.html

windows10-2004-x64

3

asp商城�...d2.vbs

windows7-x64

1

asp商城�...d2.vbs

windows10-2004-x64

1

asp商城�...d3.vbs

windows7-x64

1

asp商城�...d3.vbs

windows10-2004-x64

1

asp商城�...d4.vbs

windows7-x64

1

asp商城�...d4.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2024 10:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    asp商城之王 v9.1/GetPwd.html

  • Size

    1KB

  • MD5

    de4e94bd24627634e78f70ca6ab7b5fe

  • SHA1

    0ef2646beec0976f636e7194b964d4cc29a1c5ef

  • SHA256

    0a4fc16b17d4da30d3f95b890324284297f8c73afe98cabec7ca64127f0c95e7

  • SHA512

    0ac0f1c6ec0d7ba3cae62d496993e0161d04a23d234e538f33dd2ed6404164e8b51ce41cbf2ecd0f890d39634032358c4741254b9c92449812b8c3e0ca7a490e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\asp商城之王 v9.1\GetPwd.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    89875e94d8a992b3e293b654d70156dd

    SHA1

    e3beb201ac9d24a93bb75cc0ab599fc9e930b0fd

    SHA256

    40c4b477ba43a8a7a5db3ec4c74e32e6ce664a6ac4bae7c308bbae697c5613d3

    SHA512

    7a6dc3e724843244fd0120aef059cbb93c45539efff10f415f0ec2a35a608568a820b7a7bee14529186615669b52cc9ae5adc100d2f8645baa0e13081c37bd2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8d6b71e1fee307951e74d317f93818f5

    SHA1

    ffba5fbbd42cdb9b8e28cb985e98cf1b4873fd17

    SHA256

    b9ca6c31567419b9117dbe06b459587b8cbb962ff32f2e22b32716666adcd42f

    SHA512

    65e38f900965729f6c13f0ecb8c8c3c97891999f3ad6fd769edbb2128a041163a665edc9d4e0166282e1d0cb7b37560d970ca341688b0851839de67f217f8313

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f2db4754f9528f3f02f7aae49794eb24

    SHA1

    822ca7da00cd513a5e259cb70d655d61874f7823

    SHA256

    e1911c88161177a1a646a54197c40c3dbbcf248c899877676fd96ede24084ab8

    SHA512

    6e76507652b55ac7d8251dfdf75da5c2f6ff9b5fb7de1b1936df89f7aa26b68e38a8561a7792c416db350f516b0d836539c112f3f9bd308d08f026b7c46fa02a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d7b3cd04bf2f86796b3eafbb34d842ba

    SHA1

    fb2be7d2cd42230c0afee2625ffddfc17b664103

    SHA256

    4cd131529789f80f92938593cd4365dd0da20f130c527aff0b7fd74b870d8a2c

    SHA512

    5db318cf60c490f1139254a30d890f3445a9b0e853b641004b58000a5cc3c3f66341db20769c0fec2df26392cb61cb750e9da65224a83ff5e7e12523836ec03a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e334d6f0c5f87dfbfeb9f27995fedd78

    SHA1

    99d8768159a5d2696573d2d66b4f33a306619e25

    SHA256

    012d5683f1e54619dd277f97e24a02f499c21f010b29d07bf452b6c27a58fb3e

    SHA512

    fc93e804ccbbec7c9fa86579265104e4e5ce3162d7e70eeda367a8cfc65454ceff2fbaa81bc64fcb7878cbe41dac4f18c3a568e25f7aa594d00db0374f0e9135

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c50bd1759279e535d54c625e56299c37

    SHA1

    873eddf2a3757509de38f1ceb4d06deb49381688

    SHA256

    6006f9a3a99424f52e7cf5f1998e17996b3f1042267b3042c5287c4f425606bd

    SHA512

    b5fe7295a2855ea66578917b1f1a8508fa558286ba72f42f256a3a0330012bb250ee06e25ae3044616a24f2cdd671369c5ba3ce45a7f3d96848e2e4a9f88acb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3dec684b472a513a983fd148c838a294

    SHA1

    5d799a64f3c6f2378c137a7fe30ee6317d3cdc32

    SHA256

    bf810c67d951fb87a52d45db40bb77035db30547498817bf128fcbcba9191fc7

    SHA512

    82af71340f1770e0d40d9564223683a0f3a3c7534bd7ccf9ffb1cf74c9eb9bdb29e033c1ff266842983d06b0760963448b23021caf163b99f001f3b751de63f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4033ed9e03a75d46ffc914bb159bd7bb

    SHA1

    cc432ae4761b1d9652def13784bb41c9ff2ddfa7

    SHA256

    1f0f89a616e87c22d8ac230d1fcbbf2677bcd732363ecdd275fd530eb54b920c

    SHA512

    bb444a42e253bb0eddade59638950c7b23b8ea98520b1ce17879bdfae91aaa583ba46a4571fb33a133733fbfb22a3f1c0cc46dd17a16616449af9be9c56be4fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ceacc4ca626acbd57bc2de3c7857149a

    SHA1

    f04c3f1066823e958e2d5eae6bc792865a41107a

    SHA256

    927a73da98f744b7570a23abb4cf571c2df98fd8f715589a012816b27835e086

    SHA512

    4d68a97d77f007166acaa8bfc4f0eb2ec3228d275d0fd9116695d9765d593f686e66c5074512cb15726673c8f18d4fdf5d48772e075b2b626ac78bccf554c493

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    40bc09cb678a9e926320b662c398cdff

    SHA1

    3b757361025e3d0ef0f4d91f7c4a6189dfbca608

    SHA256

    46f99666531c20d048f3f839d3d49bdc7b2becce4e092312a932f1433fabce54

    SHA512

    209ec02d09b3b29334a3da1fad34aba2f9d344e9cb6e7ef1a31cd5f34db3106493269933f328ad7fa7dc8c1fb8bd354e591c316ffddab7c4d6a72c734d0390e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1f51e645d468e7079092a87d17b21e8c

    SHA1

    a954179f815bc5c965946602a06c4ab7a23e3e7a

    SHA256

    4c9d96fb8b69139e5b78f51c903249b0ebc0c2de6793fb58bc2f5b921a792835

    SHA512

    83578ff85b506b027289e666933ee6bf4489bdb86e0ff9b77d15dbd5f1a447c6f7d882d46f6ade3f2ac28d71912a7cfeefc722d95a0dbe6e9f138227c68a32a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fc5047f4558ef469a30d7a9b71359e0a

    SHA1

    399fee2a7a0b4bec1887ce0a73a1aca9547a1f9b

    SHA256

    07692eda79a605c27f54a1a1960e6ad0146c27ed80d29b6659258965b166f4a3

    SHA512

    8777ea33084ece083dfcde2c8679507b70f32527c334d6fc469754311ea8560432f136038c3f0081eda9c6c4eaa2b35b76190d74d6f6080277512930bcc8b270

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1fbb64ec6a36ffed9a5f0603c371e289

    SHA1

    59a06dceadf777eb748a35a08676bae10824b3d8

    SHA256

    2c22cf57f5ac86a1eb6ca8df13d000b239aa0985ffe6d43dba704f7abde770ad

    SHA512

    7e89dd5f9b9946640ef985fe100ee1fa724b738eedcac95f8fedf7fc2eb3a2a80ba3971b4c6ce4856ed15fd4a820724ea82bd2914eda2ec467d7a72b4fcaec54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    206915296f5abe499b79384a021ab2c0

    SHA1

    1aabbe68ff6cdac1b1a3388795ec25f16fb646ca

    SHA256

    0909bf7f512ebd83de03cd715b0f4729634ff2f197181e9bbfa7dc7996a58da8

    SHA512

    3e594195cae693b26966bfecc1923f1651dfab23219043b76c8ff570d56c105602a3e88c15fd495f10519aeff5bcea4952f980577e7d6e3ea9db4fb624b684df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    838d467543f797656bd949babde98371

    SHA1

    ae292eb17bbe322cfa945f1ae254532083601e40

    SHA256

    30a0d27f31f2bfdffc221eaf8930664666654f0a8e6400646f7fc5ad93f95524

    SHA512

    3305b89396802290fcfed47a94ca1aab5e754350c9fceb2bec8828347ef4f2b89c23f01c4a90ad17c9256249b378ee55fd42220c849286b61fa69befaf9d5440

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dcab3d903a90418b881a04ecfa371694

    SHA1

    1a5f0fc05ffa1840fa1a7ea22eccdaff1f4bce93

    SHA256

    efc8412a7cb521ad3c5bce0318e12809e84ec332246fc7528edd0c0262892b31

    SHA512

    cf4769b18060b084bc5319d27fae0745a00ecf4c9a7339706102d35667091e436d402387069d7a24c26701b7f9fff7ac0983eb802cd690928b7d28a23408fb42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9115686f7b20ec129c51eeba30dac277

    SHA1

    f271891be1cfdf9d3bf07149fc8f844d16a303df

    SHA256

    2caeb347cb0a4b5676b5d5802a9e7bcffa02ec052f32962589fdc6e42f180140

    SHA512

    bfe62b2242fe20aa7ddd801ffa0a4f1413bed5e464d7e6c9236ddfd09be7680a0248e385096b7a91111cc8aa84995b6263b317dfb3471c47d60dc1288333f245

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    eabb8c5b5c26cf56837a1c5f7210e022

    SHA1

    7e4ce403f99d143a2fffb9a737f01b84b04711b7

    SHA256

    d6bc734b7edda4cf5c14f75ffccf994bdc93ad2c5729dde975fa79e07d742269

    SHA512

    e0b2ad24455b00f5f4fcc6049771afedc54b94d22dedb343dbea2883b9e8e04d9aafe43bc3079e8c67cb9fab7902261df3c2ad4de77fc7306a6016b3cf46862e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    43ca441f1a5d008ab4e166bf658bb42d

    SHA1

    e84791194da733c018dcd12f46130e06fd75280a

    SHA256

    40a2d973fcaca25bf7830f9ace5e715591e4a0236ee79c2773e0d5f7128b8494

    SHA512

    715c5605724fe68fda1b07f31ada036253dd07603c281e2398bf2c49ab8a23a94abf6b8ea0c418b3d698d2269cf6c40925f77444db94913ed75046427cf32147

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ef30f903ba33e9567dfcf548f7b012ec

    SHA1

    f9627906e91be264062f479a67da369f77506087

    SHA256

    d142ce2a47e7b3c4a83bd8a28fbd41fcc5319d22b5d69eb757a2d4753552e954

    SHA512

    a255678be1c5e17822cf477ddf1475b17ff20fc971784045c13f21455428a25684e70659cdfbae82ea964fc786fc5249d90e2709d9bb5ab065b43cee9f49e433

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCC38.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCC4A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit