Overview

overview

3

Static

static

1

晋江紫�...nn.vbs

windows7-x64

1

晋江紫�...nn.vbs

windows10-2004-x64

1

晋江紫�...ok.asp

windows7-x64

3

晋江紫�...ok.asp

windows10-2004-x64

3

晋江紫�...08.vbs

windows7-x64

1

晋江紫�...08.vbs

windows10-2004-x64

1

晋江紫�...ate.js

windows7-x64

3

晋江紫�...ate.js

windows10-2004-x64

3

晋江紫�...ode.js

windows7-x64

3

晋江紫�...ode.js

windows10-2004-x64

3

晋江紫�...lt.asp

windows7-x64

3

晋江紫�...lt.asp

windows10-2004-x64

3

晋江紫�...wd.vbs

windows7-x64

1

晋江紫�...wd.vbs

windows10-2004-x64

1

晋江紫�...te.vbs

windows7-x64

1

晋江紫�...te.vbs

windows10-2004-x64

1

晋江紫�...le.vbs

windows7-x64

1

晋江紫�...le.vbs

windows10-2004-x64

1

晋江紫�...le.vbs

windows7-x64

1

晋江紫�...le.vbs

windows10-2004-x64

1

晋江紫�...in.vbs

windows7-x64

1

晋江紫�...in.vbs

windows10-2004-x64

1

晋江紫�...ut.htm

windows7-x64

3

晋江紫�...ut.htm

windows10-2004-x64

3

晋江紫�...log.js

windows7-x64

3

晋江紫�...log.js

windows10-2004-x64

3

晋江紫�...lp.htm

windows7-x64

3

晋江紫�...lp.htm

windows10-2004-x64

3

晋江紫�...in.htm

windows7-x64

3

晋江紫�...in.htm

windows10-2004-x64

3

晋江紫�...op.htm

windows7-x64

3

晋江紫�...op.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2024 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    晋江紫帽中心小学网站管理程序 v1.0/admin/Dialog/help/top.htm

  • Size

    1KB

  • MD5

    5333d33ad520f363cb1030b168b25bc6

  • SHA1

    c9c6af8f0a4755de45e7b93f9b8116f56a049ce4

  • SHA256

    4d739c86305e5d989187ecfe6b5e6674fec8937eb5b6dfdc0680247d428759e1

  • SHA512

    81b12c7d591ee7c6b5f52cf4bca578a912f688423935be0b368fe51358e18b2259cb60089d925e41649c13331eaa03f9e5c2a52aca1de69ef7de16eddb628f2f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\晋江紫帽中心小学网站管理程序 v1.0\admin\Dialog\help\top.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1324 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:852

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ab8bc7db4773134579303353f562904

    SHA1

    010677ece20df33363faf810325bac5f088163f1

    SHA256

    9118ade756b787eb425586db7d3dcb2c17c093b61789dd78799ed882fdca6cc1

    SHA512

    54cfeefbd17124e22a7a19d268062031387b377514c10710d49f7314851afe42622b19454e772ac0d5b21e410b8660775a1692493439ad259994574c0e27eafe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60e4cef6729f5d9a5418f155850c7061

    SHA1

    6ca21ed791829f1db794b385da6d5fcdfc00b75d

    SHA256

    962232e192fd9bce2e941b2c68de8704f98c360d748ca1b750e7ff04fcb819fa

    SHA512

    4720a5adaf8661f0a097976a67fd8fe7d407377aa5221eb9f3d38ce83d7e35f158ec35c9b0b5a10ded954160c68229b29696bc265f28c9c4a4c8058bf8c7cc1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    508e66867cdc113a6d3e5cb430e42be3

    SHA1

    6fe3928192e0e7020f898ee19da24a88cc8c5715

    SHA256

    69f804b69029cf429c4ab640fb1656f1acf16a654929f0ed8d6f677dfe9e8013

    SHA512

    4601a509dfc7627076a3b43801a743ac76dbb661f3a938ba8075b2cf59b9f565bfa98f1f764e6d398526257b915def729968ad6b690a692c12f9dde851dab94c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d454640ae0efcdf487f0ff496f3854ed

    SHA1

    c6e7ccf03ec5b83c6c70c709a34c00affa78178c

    SHA256

    e123ac0f3d3e1dc90df5fa7ca720b6a23096877f36697b759c9d9c36ca9afc5b

    SHA512

    71cb3c763fb4acf3c230eaca9e8aae978def75c138f3f75e550e6b89f50acd02387eff91497fc9aa650eaa0273e51c6a49aa8714a36cf934b2de145b2c9e730f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59de1b4dad6f4d3198cafa610096badd

    SHA1

    e90fcd5d37effe7454abac5cbc11ef2e5a4de22e

    SHA256

    11f987e7179377e2e034af03eb0c0cc2e64a1d664be7a14dde75d451c0238c4e

    SHA512

    0b0a18ba38ee501a581edb0a00b93de54dd585c288f7900f9b12a17972b37378ec2c200b7466e9826644854fe10a7270733ec1f080b341369387d1353cc0a29d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b84bf116dfe99d74538ccf40ac13c146

    SHA1

    abbb35358a10c774558411b66b073cf6049fc922

    SHA256

    89b753185014487505e1b5ad933b11e7e9dc8254eb32d29ce282cb3142ddc35a

    SHA512

    c0d3ba527e3faec39974f473ae365925ec0730ff0efb4011156350874240262af1d12b5ea389fc5cdce27ec362b25af4cac48dcea2da64c13d0647ca7f3327a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54af25b33860b5efdfeab857f6fccf00

    SHA1

    3134105e2a561ee1758f4c080f0cd5947f4a6d68

    SHA256

    ce90bf185d3922058404db247386cd1c0fce7db98341c317cbc541e8b93e126c

    SHA512

    9eb5d2c5b64e2a8d53f52b9361ca56f8c42c3380c37c241a75408fef78ea499d3eaf3a6594bdcb4effe083ff6cbe1c0d2a8f7c1cd3c14ade5b5bc93bec9cf9ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b1de126ae038d63b937931010d604c0

    SHA1

    aa021aaaf8b223afbd07acdd126ed1b9cada8a13

    SHA256

    f4f0005489a8bac4a0ebe2fef94d7dccf2d7fc8ebd4f2d856b0702b1b2a9539c

    SHA512

    5c165bec1a988119debeed4227de63128abededbf94b4aaa8affb4a730e55a81dbd0240d8dee1f4fede78e472d7b62c0128e719d92b0070d4230f364a0247e96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    948f1efe16cb7371353f32734d06d32c

    SHA1

    b3bd6107d2bb8d0ca646449b8f86aea6e54c6747

    SHA256

    b8dc648ba7f01944bc0c3ca551ec5fc2f39a74cbb28e419a2b43f998817c21ef

    SHA512

    095a7b160dde91c5c425981d019b9e24d656b10418cce7e76dcec99da5883b5588dc7fdf33490e659e38ddb2c0cc60b83758fc89015eada37a55acbd8e95e341

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fef4d6a3888a8a33e64474623f9821cb

    SHA1

    7adbcde43634b1d7e1cbb877964fb986972da8f1

    SHA256

    617453c03a4f73863bcd6ea2cef217f0a52971873ce7d057380aefae0a823e35

    SHA512

    c8cf68ea9d9f04c80e69193aba9f8b39e189abf33c60577f21272f98547740a36f84c2efb33a8ef6431532bc5e979815ffa00e6285a8e604600b370a311bc499

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b33faac8cada9efaa42d2de18682c663

    SHA1

    f5cebec40bed64fc42b08c12556d7cf3d8d3ce82

    SHA256

    18a481b5c0e7302099c69c14da6d1133340ec985b9f4fdd689cb5658ed8a1410

    SHA512

    a06a21fc758f9df21bfea6d5c558bf499f7288c0ace32ebbf167ef9abb8b6d78498b755a4293fd3bd49771ae155884f32476aff10c0d64716d1814c0774c3484

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a830611bbd33ef3541069fbcd0e574c

    SHA1

    f546cf6b0dbeae7ee1458b56ed72f9afbf0a3790

    SHA256

    fc4cd9a6d937a6177bcfb8433acfaedb789174ee92df194e79cdd0ab60f74bf1

    SHA512

    83356d08fd95bfec6a6f53befb2d5864651d5f55beb9bd2d0d9132233dedf956546f2e828ecae8ceccce29576d9f1393e26e523334156944b5178872a9b16552

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19000512ab85dd82cc2594e5d88ff6f8

    SHA1

    bd417a8e79fbd578e8a16af5aad27a8e7d19da3e

    SHA256

    b4297c433e5fa8b5061b267fecd0a7c13b23ae2daad1e729d9a982e86d49cb6f

    SHA512

    240d36f404e695185dff1058f3b365d87f2ba3a1b5577e7e7e5044a16f51ca6f26d58f79d14343fd89460dad5831037af440d4d7cca81e95dadb60be48304468

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    578b98bbebe5e391514eb932a4d36788

    SHA1

    5432c6f39c9a29c5a8b24c2ed23ba90a609de3d2

    SHA256

    be6e36985589098a120d169698569388d257c31bc9f0ffadd0ac1f767061a649

    SHA512

    86db27aa811ac176690aab6017f1ef0aa0eb11e9d099e41c20c792032366e08c52f6302fa5ec8b43049f5cd5d9f5f699f3c5dc2d003a3b39914f0e002618a32b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c3ef32811fb44a071d90b2ff29ec730

    SHA1

    546e29c6c7c18bf05e663c97cf8ed55a9e060d49

    SHA256

    a6358c5cb0087e73a48a791b8d4f5e6476037bb1602f3c61e537647f5c4f15f1

    SHA512

    2d2ab6239ef3fc386632aa2ab0da7d9a20d0c57a2975a93195459e36e92d6a164a65012d7c112af87c435e3856d5ba0133a962ab38ba3df24f9b0e73fc519d07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82381dac0eaa1f6be93aa27a4a687751

    SHA1

    7edcdf4e8c8249924087a2fe2d1dfb8c9a78a1fa

    SHA256

    aa35048f50292969c9775182adaee6a6810ed1ba02632a3912735e5a5ee41717

    SHA512

    93b582b1a655b3b6788ad4ec7e9ad566809f4c86217c565acb84284632b064f3c47d73f330d69ba9163c5895d3b99f2f22f44d626d74192e001bdab5daa699ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    476d7f2de02acc2c6718d4d741097a46

    SHA1

    907bb31acb020c1fddc7e8627ea50559abeda877

    SHA256

    9daeebde1300774d3c6c2be04a4b9dfb4b0246f33d721d0eb0825b101c9a9445

    SHA512

    b01372c3e062fb57b02efe508823e57f332481df99bd29a4927c50106aa451f8866b628e96db78ea0f09daab3e61b8b711e1932796c17917764529cf5212d9c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21cc42930f4c3fef01b7cb31f2805e55

    SHA1

    c950be049564361f53908dd2d51804cab5caf928

    SHA256

    cd0f62b0697ffc815b52be9edb7aa0036a44bd9d7de46343e831dcec181e88a9

    SHA512

    5d8c8f7cb70aa03a4f6c3ed7bc13568fb7b3e91a2433ad4c15291ef4e9651a9e3f49d5275510d04d353b545cd8df572e280bc0125f24afcdc1bae7f0044c357b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB685.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB744.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit