Overview

overview

3

Static

static

1

晋江紫�...nn.vbs

windows7-x64

1

晋江紫�...nn.vbs

windows10-2004-x64

1

晋江紫�...ok.asp

windows7-x64

3

晋江紫�...ok.asp

windows10-2004-x64

3

晋江紫�...08.vbs

windows7-x64

1

晋江紫�...08.vbs

windows10-2004-x64

1

晋江紫�...ate.js

windows7-x64

3

晋江紫�...ate.js

windows10-2004-x64

3

晋江紫�...ode.js

windows7-x64

3

晋江紫�...ode.js

windows10-2004-x64

3

晋江紫�...lt.asp

windows7-x64

3

晋江紫�...lt.asp

windows10-2004-x64

3

晋江紫�...wd.vbs

windows7-x64

1

晋江紫�...wd.vbs

windows10-2004-x64

1

晋江紫�...te.vbs

windows7-x64

1

晋江紫�...te.vbs

windows10-2004-x64

1

晋江紫�...le.vbs

windows7-x64

1

晋江紫�...le.vbs

windows10-2004-x64

1

晋江紫�...le.vbs

windows7-x64

1

晋江紫�...le.vbs

windows10-2004-x64

1

晋江紫�...in.vbs

windows7-x64

1

晋江紫�...in.vbs

windows10-2004-x64

1

晋江紫�...ut.htm

windows7-x64

3

晋江紫�...ut.htm

windows10-2004-x64

3

晋江紫�...log.js

windows7-x64

3

晋江紫�...log.js

windows10-2004-x64

3

晋江紫�...lp.htm

windows7-x64

3

晋江紫�...lp.htm

windows10-2004-x64

3

晋江紫�...in.htm

windows7-x64

3

晋江紫�...in.htm

windows10-2004-x64

3

晋江紫�...op.htm

windows7-x64

3

晋江紫�...op.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 17:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    晋江紫帽中心小学网站管理程序 v1.0/admin/Dialog/help.htm

  • Size

    517B

  • MD5

    018ad98743286c320526f278b2484d94

  • SHA1

    21ffec1f244d32f945c0c7844c51ef6309307345

  • SHA256

    bf8d68b9ed15f243acf62b76bbbc44e7dae61768b45f5e19457919e52c4abb93

  • SHA512

    84eb3c3c79e161146a01d082859df32978a1ff70a9c727eaefcb9a09804d08fa9992fda3f0cf182523dd50df3c474a58ca2ba14b44ea0b2877f118982e7c26dc

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\晋江紫帽中心小学网站管理程序 v1.0\admin\Dialog\help.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2540

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9c9f56854796697790f4b45f840b6224

          SHA1

          adf2769b83f6349808df8763229a92ec66a13ef4

          SHA256

          4613096737b6f119e2a7027a194a9a8780f05e36b7ea1fff7a19f57dfe6bb23a

          SHA512

          8e5a197dff7c3ec463bca72139ef360f923be7fc5260d31e30f1bd7b4c3b4cb48894b9258a4ae10100de28a5c5b37235308067b31d2b70e076ce947877fc533b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b30c73f7ea48a597c6c96c9640e48173

          SHA1

          daacf58eb38a8e4120c31ffd510c76ee7ef01b12

          SHA256

          047fb5e40a02829a8245c382e06caa7c21f1444ab7e7c67a2f33c495fb2513f4

          SHA512

          6bd6006575a4637fb856c40bd910be1075b7f00cc8d868328ca35f16c7c716bc50738a376ddda465d7f83b400e3458192b024d8087789c98b6c23a8688395620

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d927a3a4ad11f8f203d2de8041126b56

          SHA1

          47a1854f0f27d97cdc391f6b27b96cd5e99da00d

          SHA256

          6d4b62d1b0d7b49d4e63a2fd548bb38c253a078f01a4e0fa943fbf4cf7a105c0

          SHA512

          b65b10da546700111886bbd89ec3ded757616f9917bcdfedea57025355cfea597be81f65fc2195bafe3123106978418cd62691f243196050c2c09664bee424ed

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1f74fb3bf4f7f6e9a4f7e20640976df4

          SHA1

          828470ce398131dc58a9bf3d8bfbd6528684dc04

          SHA256

          fc72db5deb6f91564e9bc1da0858fffcfa503721eb7896e202c700443c6bbfdb

          SHA512

          6ce937ac9b1751247bcc744b12bb4c89efc9a1f924c2ab33229a569f64b377ff9aaf92d7691dc638fc892b970607fc92542727064595c666880c4c59645e9fa8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4fb13d2ffa513f8313ee98c420ce185f

          SHA1

          724b48b9a6b6647059d6dc8fb1a0aa63cd0dfa11

          SHA256

          6a4e0afd16ac3f6de205df31c521c4fea6e26f03f2c31f113e31fb6747e43735

          SHA512

          fdaf621441e2431ecda98b40b4489ae2fd8ede06926b009a52be295ad521a6b55349b67ce7333632103419f578e878bc30af20430c73e133c83b92a78d1e31aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c7c58b97b091e7746d9875e531722107

          SHA1

          9f9c9d732871d7f4795bfe846b2af270c8a1a94d

          SHA256

          93e7a748d1b47fe65a639791eea32d2198b0b380f62ce8b693103df9bed2c6fb

          SHA512

          6da501db90dc969364525063313bc3af844d968768e0beacc1b073bb1f5e09106b901bd107e6e5a333445bc61f101c89210ca60450f0e24b36d76b03b86849a7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          431c33541b765b904de44eaee57c4f12

          SHA1

          7b7b2dec19b7ab27525b829e3c4617ee2487af96

          SHA256

          21f88edaa32ff2238b42afd074b435e20c8bd6207e76e0615ad5c8a5d9fd7f32

          SHA512

          469524be43a36dd4b746df08bc97bc4337524a216368eedcddd5bb68a4218c23fb78fdab138b83d9b080da7a2fb6f027f0d9f541ad3700c58940d397a1c698a8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          411dd15cf528344d9356451f96ff1b6d

          SHA1

          0b2a6de6c490be69fc3822da7e9dfe1752a0ada6

          SHA256

          dae5431a08ab9c2ae68619a76a5b42186f968e7691f4c109aaeed2e81c977cae

          SHA512

          2fecc91ce291b2e8d7c79d65d0da1c609d46fd88af2367e4923140fdf901c516b80124cdd66da36144e966403d73d34d12c322893a010e4ff818757205d6e177

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a4f19f64c8f4a0614df74f05bbefb856

          SHA1

          45b74fa5f05f6ae8c63f28d0819a436e499bd9a5

          SHA256

          f02f36a15fbc681983416756e57c954a5f6de86240582faa62f6f270c5a184d9

          SHA512

          b83c3646505da9f7bc8ea38a0e137abc1bc5f2d0d2f5e44bb556e420ab4a2a69e225dbf587ab4b160741c1c54121468b91bd838ce9338d7fc2bbd27f679af8a3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6f9413312e0802a0dce1bd4ea7d715ca

          SHA1

          9d9a134171fb138e979ad88d8a4ef5453aec8534

          SHA256

          8eadcadfcf22547ad6b398c70f2c052c5dd13af99fcc7272ce10ebec5341f017

          SHA512

          0f056adb83477a72d5f1c88f8906a4cb8fc982dc250f7fd501b7b3f379c1baa0ea5df91b1ac42d0adc1152bb9dd234cdcd9b08475e11507ce29a30e83bd05209

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          135d88a2a571cd1f6eee9ff72499e997

          SHA1

          4647baff37bfd6c6f89809ba0e0d790f1e5433f0

          SHA256

          8ff36a8552604eea4d3f555b50fb8f055ccc20e7ae63f53a022ce49ce12aaf32

          SHA512

          15abc097caa0ba124f1da8670c186e6b58c7fb815e615ff8994dfc5199ee849f7bb5097af044170c4b6585b383e56803dcc33e51a5e31723264add428989b176

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c05ed34b73954d8078b8d833528b3227

          SHA1

          fa7aac39c560889d70930f5558bf641b695c36d0

          SHA256

          408c23e2355624207dbeee5f5a6070e4b0f71d1e61a914b9e56df600d73ae411

          SHA512

          3e1c6fb2fd2eaac4edc26a31711bcc11c9b201bd26403630a16b716b1afaad3cac604011db1fa391a8bac6e8f6325a3bb025ae028572e4a6f8ec6f3650f2e4c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          adbba58054f2f6879ce1c285a6a426de

          SHA1

          2daa97fa0cc85fe635e167ad3917e01fbc655eba

          SHA256

          e79b9d5c7cc1b3fcd0531d82e14799d8818fd78ed54f7372c4ec55e7823587c2

          SHA512

          4c79e53a9b051e43aa23d09085d0068c86cb2c329807bb75e09ebb778f26740aecbff8eadae5e501e47e7e2ad243d086ba53c8edc57e72fdbaafb384ad3ffe69

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0f65a8af6b17a26b8eb30789d441edc5

          SHA1

          61001f36914ade4c33626bdcb4d30fad3f358e31

          SHA256

          77e9a7eebc36613bbc11b69c81d0b18f440ab3e16c7a1871dff9ef3b817b85f5

          SHA512

          57acfe94619a65937ba92e148217f48a47dc3fc583cdddf1ea50c1cb04988350040273ce1dc06fc665ed65434a618c5a5b4e5b88ed08a04bcddac1f4a6bc1fa8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f73848fe9871b6bce6a07e89300d31c3

          SHA1

          af89539b4ca7ae60c9c75dfc18c35bc66e4a4904

          SHA256

          3b6ad8c4d1284d84c62435a5e50e4833c0b5f3dc855d3632032effed0ab7ffcb

          SHA512

          882d788438c39d2415f31ca3e728df75f1b687fd7a64c79fa188eb10d8bdc6ceb65d84677f6b077e8de1ea011f3bdef744baea51651cc422a873ead6f8250cac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b24dba07104c9b95a0f399939506f7aa

          SHA1

          04ae719fb264bc6e242f3b93bc057fdacd7aeab3

          SHA256

          14c86b005b908aabf8b9703c00b8b73a70fbc0bf5816a238476851a93fc08b0b

          SHA512

          efdcbe3d9e59e7176e07c5f8271b73a436ddce43e2d27bfbd3eb6a156e2983042ed9dbf8003e0d8d173ce7afb1917c79a29603c3f8258de727e53bf40b222c55

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b1a474e04718567fdbfe490301db6aa3

          SHA1

          372510e278246225e2749e7c14b3b84c4b262393

          SHA256

          490faaa6f75f7c2e0d6d3bafccc292a1a98f24dc211f953ea3fc491464fa9748

          SHA512

          a3b91ef9642dd05cd88fe922e6a30e7cc07c8a78ea4ad0468a83ac0304fc9c4df31a2491e55a6093aa5a48e6e02ee6dfcd427094b92d111fac624301e87df0fa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f2fc6974e48cf284f3811dda97564000

          SHA1

          d9c44f81c96b41d933d93c522176a36d29aedb0a

          SHA256

          2635321c135279526352bb2f0c145c937f67fcf8a241796d3492ef14e384fa2f

          SHA512

          d068f3a5c3ee50c7be48110c6daa76ecbaebde940c1b54c3fb1191a083e633b6de61f990890766c4db281372754cf3f6bc94c650fce25468ab66b92769d3ecae

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          23765707c880861b293aae53317a286d

          SHA1

          616b4a70b5f6573fe230b94294c2b6a4d6e11963

          SHA256

          3ffb467577e865d620fc4928ed3284b1b16a681fb9c89ea2bdffe4e2574d1117

          SHA512

          58766561897c8f9c9f0379e69494735e913ceac545ec66de98339a4424537c8a28817fcb50fa77c3c97ce045e4d88bfdf2c53d5d28bc70081ce37f84729a2d4b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD210.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD272.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit