Overview

overview

3

Static

static

3

DX TextBox...al.asp

windows7-x64

3

DX TextBox...al.asp

windows10-2004-x64

3

DX TextBox...ls.dll

windows7-x64

1

DX TextBox...ls.dll

windows10-2004-x64

1

DX TextBox...st.dll

windows7-x64

1

DX TextBox...st.dll

windows10-2004-x64

1

DX TextBox...tor.js

windows7-x64

3

DX TextBox...tor.js

windows10-2004-x64

3

DX TextBox...p.html

windows7-x64

3

DX TextBox...p.html

windows10-2004-x64

3

DX TextBox...ain.js

windows7-x64

3

DX TextBox...ain.js

windows10-2004-x64

3

DX TextBox...e.html

windows7-x64

3

DX TextBox...e.html

windows10-2004-x64

3

DX TextBox...rm.htm

windows7-x64

3

DX TextBox...rm.htm

windows10-2004-x64

3

DX TextBox...r.html

windows7-x64

3

DX TextBox...r.html

windows10-2004-x64

3

DX TextBox...r.html

windows7-x64

3

DX TextBox...r.html

windows10-2004-x64

3

DX TextBox...wf.htm

windows7-x64

3

DX TextBox...wf.htm

windows10-2004-x64

3

DX TextBox...e.html

windows7-x64

3

DX TextBox...e.html

windows10-2004-x64

3

DX TextBox...mv.htm

windows7-x64

3

DX TextBox...mv.htm

windows10-2004-x64

3

DX TextBox...st.asp

windows7-x64

3

DX TextBox...st.asp

windows10-2004-x64

3

DX TextBox...��.url

windows7-x64

1

DX TextBox...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2024 13:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DX TextBox 多功能文章编辑器 v2.0(.NET控件)/dxtb/rm.htm

  • Size

    1KB

  • MD5

    6c47fd5eacd314541b5db8f95880c371

  • SHA1

    a604dedb9a4a26ebad2ec242c6473477293f1684

  • SHA256

    5e117b69d9798cbca17778065b87f9861c16f58d77db95647afce00f4ace0665

  • SHA512

    0da56e1eb70f555815cf80d54e6cda31c318943ebc4ea2fe1734257c03b9e5e7898898f74a4664dec9206914231e19ad12d77a89f9f9646a9544d61bd630959e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\DX TextBox 多功能文章编辑器 v2.0(.NET控件)\dxtb\rm.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c676cb337b7e97d0a9ce77d774dd5e2

    SHA1

    dfd018135803c2db276be34e2c44bd4465539cc0

    SHA256

    0166f257f1e59036d911b0d826092b47c81ee06d46f3c5a6901de9a03a80eb8d

    SHA512

    8ba4bcdeda62e3de9b92506fdbaad60d7575bcd256fc8195af87ed00efc598ed5421651e5dd9f28f67b9d8a1f949c078b6e9f8f1962a941ee34974b0727cf6dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    545c09daa586c6f0b3b8751a66a96999

    SHA1

    b1084b303740e04b439bdc7ba75b12addbde623f

    SHA256

    cbcbc52b2c31b29748d6fad79d14500d16cb626908e7036f0b90bf65ecb65fa6

    SHA512

    da7c52d67b661800938ea0bb228612614bd8d87914b62811cda8f60c3adf9a48c4ef78242cb868b56c16675c429713c03103e96f6a492641041a8672c3288143

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6492a8e1592e2ec5494c0de1404b2b44

    SHA1

    4502552aedb564722e2298bab861eb7d46b36fb0

    SHA256

    43c0e9f3c48a92f8b337513d03743f9f952bdb4b53428e4f316e18337d557e50

    SHA512

    c38c2ba66468d3059d20d0a03b792aa2f9b019e2a1a3af6c2415dd3ab9b6ba6f3417660d5715e1d4ff9aa650cb707af8c2fc7f9b46d4c1cf3a9a049c90bb1384

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b677706bed3317757cf8af2e9f72ed5

    SHA1

    680bf49c884ca1af98ae4286d25de128b924dfa3

    SHA256

    7c2d1a93ec98f4c5785a0b6510e9a66f59ea2fee30f5eddc6e359a731ea480a4

    SHA512

    dfc956275e2e60b5161605dd9d546a42521240205a44d42fe81a41382d4478ea5c00197269103c5b7bde55825a33efff01c560125166932c70be6c4b331ae1b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    600db56b7a43324e641fb3704e0e7d49

    SHA1

    9530e75e9f9971138be6ee667b990a909d846b31

    SHA256

    0706a5302b4f6bd25dcad0e1ea604d818e8d17438e7d94a1ad9f00d118266d04

    SHA512

    9d59ea3ecb3597064a73553807fbe54afbef3ef50ea1aa632acd080bfa958c66da91245ad4b6c41fd4b275980a7c563a32d168b64749d1b9aa85db72eb612200

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fd098ffcef9862ea7d90dbc4094f440

    SHA1

    a7045a3b33e4a842f158ef8970556805e10788c8

    SHA256

    0ba0c1f75430b4ff453ba76258f473ba86fec5cc74f8dca354d15ce23e94f91b

    SHA512

    1f2ceaa8df3b5f715598fd05f56819c40c001d9ad282901acba55a3be9388c8ac67395424e37627630d55596f6b9ecf177c6788d387cbef26b64b6ac01ce0340

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f3da61990e452b968e1b7a7fd74c4ee

    SHA1

    91a93e8fe52605b850960787b19d599a4c4be8ca

    SHA256

    af88f8d14f720a5fed69fcf89eb00284a16644a7ef196b1219c2f9070ed2ef18

    SHA512

    e81eabace2c73b45f3cb946b94e3fd57cd4248d7a612d029204c6c2f88799f03cf0de8aa4504731766192ea7873635af207feadf1622794a0c07e3a77a054407

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a8f99a65dd9db53360296550ef92316

    SHA1

    3f8632f89465d743d97097b665d3ec7488f2fac0

    SHA256

    b9ab7720fc64035b4a526c3dd3a2df87d91e428c16d732b00fcccd1e9ae78a70

    SHA512

    b872bd0b92e73ba259500712cff6959f69fff65ef94a736d180f7c09e58e3692a4d2f5e613878136b698f1c95dbd86802f3ec64f0bd9c665f04d416cbfb4f817

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d09b8c602b14ab33b9ba24bc4f7ab1a

    SHA1

    bbb7281b303111dc3f041425138e7a9d814068d6

    SHA256

    c88f40f671de25556147f9abb64ba4250bc7fda8a9dca6f9f49255e55f6e1d76

    SHA512

    f791c37f9dd37c2b4a0a3920ea0d2c91c90e358f6375e35c03d31c36846baacae26c09a901903fd8527a17855d209d4aaec74ddcfe3fdb03bffa6dc18bee3ade

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF0F6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF33B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit