Overview

overview

3

Static

static

1

晋江紫�...nn.vbs

windows7-x64

1

晋江紫�...nn.vbs

windows10-2004-x64

1

晋江紫�...ok.asp

windows7-x64

3

晋江紫�...ok.asp

windows10-2004-x64

3

晋江紫�...08.vbs

windows7-x64

1

晋江紫�...08.vbs

windows10-2004-x64

1

晋江紫�...ate.js

windows7-x64

3

晋江紫�...ate.js

windows10-2004-x64

3

晋江紫�...ode.js

windows7-x64

3

晋江紫�...ode.js

windows10-2004-x64

3

晋江紫�...lt.asp

windows7-x64

3

晋江紫�...lt.asp

windows10-2004-x64

3

晋江紫�...wd.vbs

windows7-x64

1

晋江紫�...wd.vbs

windows10-2004-x64

1

晋江紫�...te.vbs

windows7-x64

1

晋江紫�...te.vbs

windows10-2004-x64

1

晋江紫�...le.vbs

windows7-x64

1

晋江紫�...le.vbs

windows10-2004-x64

1

晋江紫�...le.vbs

windows7-x64

1

晋江紫�...le.vbs

windows10-2004-x64

1

晋江紫�...in.vbs

windows7-x64

1

晋江紫�...in.vbs

windows10-2004-x64

1

晋江紫�...ut.htm

windows7-x64

3

晋江紫�...ut.htm

windows10-2004-x64

3

晋江紫�...log.js

windows7-x64

3

晋江紫�...log.js

windows10-2004-x64

3

晋江紫�...lp.htm

windows7-x64

3

晋江紫�...lp.htm

windows10-2004-x64

3

晋江紫�...in.htm

windows7-x64

3

晋江紫�...in.htm

windows10-2004-x64

3

晋江紫�...op.htm

windows7-x64

3

晋江紫�...op.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    晋江紫帽中心小学网站管理程序 v1.0/admin/Dialog/about.htm

  • Size

    1KB

  • MD5

    4738e9c10e361761f9c4529e58109848

  • SHA1

    1be5e37d4a830d30afc16a9a50d07fcd7392bab2

  • SHA256

    0e75c08d1834e696425319e55873e2f8d913db6d7f159741e36a2079374e5621

  • SHA512

    3ce3ca5482be20a48d8815567c05ff357fb545c49474f1df9f18a04c53770c37dae9352427268f67e4b66e2481ff38d64e3b28e02e11d24b3daa78e375859b3e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\晋江紫帽中心小学网站管理程序 v1.0\admin\Dialog\about.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73195265355cafb55d7d7b8e75da246d

    SHA1

    16904c439c70243ff214ade9812a47297587f2ef

    SHA256

    263449665e4a420d60ead4a31ff601ef95a79f292637986016040ce20f2b3a19

    SHA512

    612f2d78df6dc6667709a880ff884bf93efa483b94d0fb28cedd1617b7d12a25264f42f922302c35de1f1a994342f0eca5b10704b606f54cd1ffadd4c78b290b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66e4f1b3d5669a77f433b0818d0890a9

    SHA1

    ee082dee8db87e499f674bdac904b3c311f328cc

    SHA256

    7d0f7c4146c0d11043ce9fae81b659b31cd69f782f55e4437d3c5e51df108fec

    SHA512

    970c01e350224f9a35524fa5401f02a721f1b91a83a5a793ab3c97299da6c4ecad5e3c1258b4ef3aa9a12e1a8f87f85f6c58feda3153deae91168b4c9cabae12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d2c24adfe6118bcb80257a5b2bfc375

    SHA1

    f6c9e6f2ec7d12da09ee653173540eea874d751c

    SHA256

    627cd72f116527f4ced0a327d496b8dba5efcaff05dc665057011a4949f8fc49

    SHA512

    c8213652a64ff294c8cf93ba74622d06e1bb6c280da24da220900197e1ef586c8ab909b2e371ac7d7f496bd237768c98d9c814ac91ec5641592c1de0dd09c4f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52beb6a7a8e33d7bf7a84f1313b70fd9

    SHA1

    bea3775c931d40a15d267a0d395bd01316ba2725

    SHA256

    761055e8673e03c653d0f07c146f30419f3e4fd538b86701844cb53c7cbf15e9

    SHA512

    66e1cb75e24ed055a81cc70c5c12f487efab580e3d705fc56e648f20fc4047cd0b5520cb90c01c08129078b3aed8f2df91676cc1edce94c53341b7ec6763bee3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5233dff797a47a7190a13cca7a2c7a9

    SHA1

    1ab87fa96fbf1f2212e586ee59495ad2e081164e

    SHA256

    23cdd8aeec081d2b674a55714f78dae6b883c0a056151af66917ff91c713a0d8

    SHA512

    a50024ed40a3aad3b4fdcf0a4be219ad44d8ed97bfdc0fab7b3a7dac18eb01ef0a8923c454db85b43acd71646be499b8842731a0b1723849402e42723987edac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    071a2c8c600b43bdeea8469baab1805c

    SHA1

    22fe8c080231aedfab4c00f95f0fa5a7caacf52e

    SHA256

    f71389bbbeeb8965b782dd23165a03f34a50e72ba08877ef5135357e174f4c10

    SHA512

    5e81592cea41f66da064831ec8009d3a1c5caa2acb036d4a455956cd308098ecd1869dd92d5c5efc5bb53bcc70fe47f28e4de8de12d47fb1f3285ded07e8a7ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a2ca03c54384562f2f6cc99f2681fd7

    SHA1

    fed73c4731fef4116ae032220d8c393329515bb6

    SHA256

    9cf1e20cd66813f608881ebd347b59349f57d7715648e910b7874fac3db3c0e2

    SHA512

    b5592243f249b44a72304f2e0aace94a3a2ae1b514b4ced1d19ae286cb93dc8e7c486aea1f922d140d83fe0795d7f4e35c126a50a2e51ed72adffb520da82085

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aab64402afd28020df8f2b32e5afca5d

    SHA1

    9accb4629525aef3809cb2263ae586f05bdad348

    SHA256

    868b0a3937a81acb91e4323622a4b3e23a3e352de6d133e697d12b6c0761081b

    SHA512

    646ebe304e08ac6a4a57d2b8d121915f2f543a71a4c85085e0abbd1f2f8d56a4cf26757c35527d10c75186bdfe015358d55c1801d35ad59ada9c536e1d99fb52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62e6219d590c1bb3a8312d1387714dc4

    SHA1

    259a7e41afe2435de0d398ca4185602e198c552d

    SHA256

    a4ac3d0229870360f20c0bd80ce75535f78923a34a7a1ece8f29b3d1fe534d50

    SHA512

    33bca557e15ba7dd5d3dcd9819fcf648bcba3083bd4a400f66598868819f23e4ee621a5a39e6b5c9abbc99071de95e12ac0b8e7d10d576c358652142b8f5d02c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    566b8de2f150b3b00a8c290d4dd21c72

    SHA1

    c7a89830ff83534a5ed18633fa650a40028f6960

    SHA256

    9d1cac29cdb466b4783e1e3438a3b542d7b0a177f85d84946e51e12e8fad5011

    SHA512

    10cc928857151bbdf8ad7fc86f6e6b99b6166c92c2b04100f4f0bf1bba111281540bc4b76be3eaa66aaa266102dddb6169dfed92e2e0b866851b03ff424dec7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abd4b50f0d1a6bfde06c130c2e5af4ac

    SHA1

    04f6f7b6608de33a1318d2ad2e1f816a2b7fcf65

    SHA256

    1f6b30cdacffd8e249131c1f9ed184ed09b14cec0086a10a3843c6e7cb08f177

    SHA512

    bfe92ce695b0688107ea3adac710ab837c35bc71041f662faac80dca2783f423a3c70c3caf47df7eaf426b82b18480354a0e0eab09bc095ae26c63d182b1c7cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad1d2302be11c49285a966093d87cb34

    SHA1

    c8c6c2f3a9f2b723654fc97e0e72e6fe55c1fcc5

    SHA256

    0596be62db7bb3b010dfc7dc7a7a4d63ad28e39b173ecc599c15665d790069ff

    SHA512

    983b2f8bb5907f4519e24d6fd505425680a93c614fbe49846f7f98fbbbc12bf6357046c5e2006ec200841fd2fd4e9aa88e3aa77b44964e79826e8b64776b041d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adabc1114fbd96fbe2f2b823eae38754

    SHA1

    977b14f7f75ac62f390a54a021249fa423a892a1

    SHA256

    0948e1d6c27af11750ef8402d3fabab3aac1b4420fd3c87f2fa3426c85438fc2

    SHA512

    e379e41cb83c2f620cc9c8b6bdfe244a669ffe787b37bad0bc0a64c617374f19c9241edc6f3806a1d4d9a98f952862a10515fb76d4b8984235ee9d702bbec377

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a99118cdcbeddc8795ab503c09e87c96

    SHA1

    2caf568528c9266f35a031a65e426e2705693e2c

    SHA256

    b557867805330fbc39ea959de1073c9ac8728381cce5484f65475574f6d7dec6

    SHA512

    885a45bc872941e80f025a11758b1b3a9fe255e68e7db79aa6297b8fe32252c80d3ce8453fd4fa844b9deab81260fdfc48a72494b59d9ce119d5b0a6f104b4d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    560c14c0721d87795c0aa41591154eff

    SHA1

    62ec8513ad9fe5e4431363e390de525ad776bed1

    SHA256

    34f9b629c1718ba33ee50d881c3eb77006facfe069dff443cb5f61a691e9648d

    SHA512

    f0d78a2f9df55a90dffd93bf25001bec71d889e78ce503e305d9386cd73eb02776dedd557ce8513b8db35b34d9d72a4bf4015654595be0070e4070ce2b69b0e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2567e42cdae7ff09848f5d1b22e9ff0a

    SHA1

    8c1cc5f2114eeb7a1dfe933aacde5f56478cdbe0

    SHA256

    360e4256343ca26466393c7351b38672e13be78321a5cfa29fcab1406067ed0a

    SHA512

    b04a63643ab26b4a1b437a7b9b5083cba06bfd46c6e995387b929ea3b86332a7416328c3004939ee4077b5bde3216712b64254cc7e36c99c7ac38ff67fdb69b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    232e21a1283a66f12b0c8fccb9f7ad72

    SHA1

    92c40d4dcb55175653a3d223febfa39f921b3ff5

    SHA256

    e1fc1019d8f5bcd96f3e6d6843345e719707d1464fae9dd01ea0ed60333c2647

    SHA512

    ac7ecf09197a9a1c872aa30fdcd077fed6bea617601cbc1caeb2bccfcf6acdaf7878f01266530fc311ca23d309ec12e0047cd34c116865df7cd4acdaf3ec2d7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef457dc43b452f1021210cf5c60d0949

    SHA1

    08e90d54881d7c216c529fb6de076aa8fd6b0044

    SHA256

    0552b6c0408ac4a4f8dc02a8819bad30fd3cf63960f85018d6b0546029b0ffbb

    SHA512

    0b8e7787e44af8d15ed058e5f68e66b8a8e223b5da2f76187d6aeb64e717509b5fed5f1ee34ee01b5140e451f088c1628395be739959a87bd1b7cc4e3a416a64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6A58.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6B09.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit