Overview

overview

3

Static

static

1

siyuan-not...trc.js

windows7-x64

3

siyuan-not...trc.js

windows10-2004-x64

3

siyuan-not...x.html

windows7-x64

3

siyuan-not...x.html

windows10-2004-x64

3

siyuan-not...con.js

windows7-x64

3

siyuan-not...con.js

windows10-2004-x64

3

siyuan-not...x.html

windows7-x64

3

siyuan-not...x.html

windows10-2004-x64

3

siyuan-not...con.js

windows7-x64

3

siyuan-not...con.js

windows10-2004-x64

3

siyuan-not...t.html

windows7-x64

3

siyuan-not...t.html

windows10-2004-x64

3

siyuan-not...r.html

windows7-x64

3

siyuan-not...r.html

windows10-2004-x64

3

siyuan-not...t.html

windows7-x64

3

siyuan-not...t.html

windows10-2004-x64

1

siyuan-not...ain.js

windows7-x64

3

siyuan-not...ain.js

windows10-2004-x64

3

siyuan-not...ons.js

windows7-x64

3

siyuan-not...ons.js

windows10-2004-x64

3

siyuan-not...hat.js

windows7-x64

3

siyuan-not...hat.js

windows10-2004-x64

3

siyuan-not...nno.js

windows7-x64

3

siyuan-not...nno.js

windows10-2004-x64

3

siyuan-not...dex.js

windows7-x64

3

siyuan-not...dex.js

windows10-2004-x64

3

siyuan-not...der.js

windows7-x64

3

siyuan-not...der.js

windows10-2004-x64

3

siyuan-not...ams.js

windows7-x64

3

siyuan-not...ams.js

windows10-2004-x64

3

siyuan-not...der.js

windows7-x64

3

siyuan-not...der.js

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    03-09-2024 04:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    siyuan-note-siyuan-260a477/app/appearance/icons/index.html

  • Size

    22KB

  • MD5

    dcd5b2f4f8c4f41a2b37d6ab5542c8c8

  • SHA1

    d92052b4ef66b157791a666e67b5da620f2d7589

  • SHA256

    ce79d54c3d7c665935c1b41725884cf6cbf64a18ffd8df062af351f525c03ab7

  • SHA512

    cfd28126196fb0b29c295162c557e86903cb70c5c0a13cd8bc8db1afdd9ad90fc756304ea22b9eabff19ba01544704b8afffd2b30d61897becce22d5474bfa26

  • SSDEEP

    96:VTbTJ223oe5ebn0CQ023IGldUjTxxQHhbRSmdZCLTaWuEZv9ZQX:VHTJgegbQmBxQHhA5ilEZ3QX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\siyuan-note-siyuan-260a477\app\appearance\icons\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1924 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f8f9eb8ab81e3ddd37b474c85f803d3

    SHA1

    54cf42c1d589d9e786703cbb07769b03a3a4a8bb

    SHA256

    19f270a3197972b8cda924c9429563ca499f096766da92f2548d1f57027f2f6d

    SHA512

    2c646a28afebd0f50abe209710c9920c6693cd77132fd429d0e8f733a86aab9faa121c84c3bf7b3829e7500190ff0aeb328b98ed16776f814f83b89e179f0d4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b197814b5d2cb854f77baff43f7cf760

    SHA1

    4f9518069d157706a75a6a1e3ce819fe45382f2d

    SHA256

    7a55bcd1c40d54e3f3175cbac60784a50fcc272a520062c897bccb76584efb34

    SHA512

    0b5a8c6ed0cc7d2a9c09b10551930ca1e92691389806b902554c52a5242396ba6890e62ca7c9bf6841044c07d4f7dbcc23ad34163bb7de6e0cedb4d166a70eb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    329e5f58416c3149b26bbce014be6446

    SHA1

    a64ea5d70d0af83c5566d89da5e6b96cacd6ef61

    SHA256

    524b81cad654036d8ba9996c687e9b462486a6ff9f24ab3d85f88277167f0e25

    SHA512

    4c31270bc0185efcdafca81ab5074c0731ea5df1c5d01bca1a028fe8ae2727320c08ed4cf50c22f1c5588f9f74328309488aa8c6fafd36c287abd0e668e0f2ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b147cbbbc09fae4fe18fbfca16e40b7c

    SHA1

    1e4fa051f26a05538b0d103c84975a6687bf730e

    SHA256

    b6ff2e993b41dcaf48e88aeb2b88a84b910dbfaf464181041ac98ed0fbf2f3c6

    SHA512

    f757bf5d2866ef4f849b638d19bbd6e23b716edff6523d6a0a160303017f6913e84191a84cd4bdf6bfea108130a00ad0160f93fdba188fd891fe20f3ec5c4fab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1816b1672f017708f8f4865aa06314a9

    SHA1

    bf08e79fbec2a733ae6d75fbf1f19e5b7cfe2e8e

    SHA256

    7e8058612ee45e818fd16cb85b4502ea3f893c0581427a82fcfcff69d16a14bf

    SHA512

    36305d6f938c2d18291cc2a3eafee9b86ecf8dab07f3ef9a9b711a41388c1c3e4cc1f7e48d4c2ad07ba8ebdbe6f65073c1164e9b21ed0b26b22186c101e7a03e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a977bddae0d0c7f419e9651b512b4d09

    SHA1

    735f91d387a2b286ad7c45d5372c21c524d9fd14

    SHA256

    43a2aae526aaad8083ea771563ef91a95ef63eb265728f599fa359dc077eed2b

    SHA512

    68edb990056031af9bc613f15031db28a1f51c239576c6fc5a031bb7b7c327d21bf4bea92e9886e7a32ee0f73498e8e00327b51bbeea614d27555e3245b783c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23ecb89e4dbabfad68e53a5b4565dfe3

    SHA1

    bb7a6359779a362f92838275487adbd62c965081

    SHA256

    6fcb1516f799a9353a2566c1ed5046c375b77adf22256e3c6a6d019b7e6504d9

    SHA512

    bd7fb6729ad866e1bc4d0e39375b8d2704a466072efd4a625e948943550266b0ec8a4a4adf67338391560cfccfba22d555e0011a81e92d34d6a94fb109ce6f83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    859bffae6af8907b0350d7f75395c24f

    SHA1

    b4c313711c6eb06210036b9ea9aa773970166907

    SHA256

    65b8acc2dff5e2f066ddf15b5cea4d3cfb49d5a69715eff3575e384da0843089

    SHA512

    b0ca167cd826a5c9516b3c93cea2041d2dcb462bffbcdc3c9131a657606f61988e09b2122210c46bdca10fe80f6076bb1861dfaefe8e077e2ddff2c3a17f793a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    572aaf636284f77dff13fa764f161952

    SHA1

    35ae9ba03deeae1dc68af57b904a511d08b9c16a

    SHA256

    f02f05aad04a1fcb3bb6d945586ffcce22b1c03c52241354b846d7a00677dcd6

    SHA512

    5106119f3188ead5796a3468d1fdf831db704ffca0855b37c66a88c3cd788d66224c2de2465bf1c8fc442e3d48f63fc5062d84c7aa29f6510a4cf256221fd2fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    880462c9ffe4a2f8c8a9af3db8901014

    SHA1

    8afce827a1ae16346aaf661beaf87908e8e8ca24

    SHA256

    5edaa7c70b92d733b2c2a2adfe68d71b7c0f5181d8fbbd158d6b939faaca88a2

    SHA512

    470117f57bae1907627194fc19488691ee8fc943b2e3bdae19d9635bc7c0ef89e482849362fbce3858e53172ab20935aacf475052d530db10819e62904bab1f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55d6001ce7a795a82b954d39699ef64a

    SHA1

    a27091ba1c836af5369b6e994a51542cbe6610bc

    SHA256

    d7e3fd16a83740069ab2a63313f986c18f166de83f3467940ceb6fc487af9f8d

    SHA512

    d402850929ce3861386227c464ee4e0464bb6137497da7dd885f37950d51320b602d80cb0e854e359d00c99579ae327614b126d43ebf2e72b3d991486a98c063

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0241405993aaacf586fb2a87bb817ffe

    SHA1

    985c7ac7e89759cc2462f06224b4eb4fb6e58426

    SHA256

    8c7600c771eae10136f41bc4ce4dc8c69b04dc02cdafd886297ad0438415a722

    SHA512

    4eab2774b718b0d7744cb08cba7721c4fa4f4ba4b18a772fd6fe590215567451ec4e75e4a2397a19b8c420555016daf9218542ca1c1764f603187111d9a35f33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93b9bec18cd1518c4aae0bcc995dc3d7

    SHA1

    de25a42a215e24b39483d03f0b3991f3b57c150f

    SHA256

    1cf4f16ac8ecc238576482505de058a9228e55db6415c61a6e9ceca84f3599b2

    SHA512

    f63331cc5cd8582b7ee2f777af821041253e4cd5bd6d9c175395c0f8094978b75ee4294c80128bf51ac170b7ab57a5b14f8716c6ce7122c95b8444f2dc14a198

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63fef0f56c0a83603b48ad0025bcb073

    SHA1

    acb78e6764bc6ff1828a0d6f7e67e07da8b35e22

    SHA256

    6ce480baf373cb949a79354f1af11971b6a85d04d0eac0528e0c5357d8f44a59

    SHA512

    ef13c5a8dd66e0666b91d221f2fc97272c5d13b64308d6993c24053a1b19c41bea15a3f64f17df2215fea64466abd9d259958462bb5f69128d0f31e88e754d38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9df4df705570fefbc57be16f4d724052

    SHA1

    76011a8f2f61e26536a8673285f270656f73d05c

    SHA256

    2e8d767de3056d71b546af56e0d3ef3911f7e78f1488975331cf33e56a689bce

    SHA512

    391dc1421df30865d9cf4af6667736c5b11b3475fd70c50572ed77aefc705f2d574f2122eabbe3a0ac530e4065b3264fe024852a67edb331080ee8d2f161140c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb709e4c5cf0954f81cd649624cc9732

    SHA1

    6f4fe07a6fa8202eaeef9a47e1938b38d4b5b5a6

    SHA256

    8f283318a9cf3c5cb559eda1dfdca4adbf01539e9ebbdbad79383328e35340cb

    SHA512

    c54354dc40010d61d4cf22ef28a4c45bd12887b6b072da4b7eac8c3226312a9a771365a4d163756ceea05b47e34e376a37d440c7334ee0c53974a42562404521

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de290105fa91bad7cc59484d73863899

    SHA1

    43207c1b042e66db896a52a7d8758d70c1b1b595

    SHA256

    382cedfcd5094581cf466d6c56c0999f3b026e2df181933fd70c4cbc7ad1b663

    SHA512

    c402903b647ce52803c5550766f152b260fde66b49099048523b6590da3b7a85937ccd5303666f88895d083c86178398ed49b0b84be8bc9917773efe8f88c616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f2e4c2f806b88206d769e3ba5d2670d

    SHA1

    a652884f84ea656282de5beb6cbac0f3f650401e

    SHA256

    a10ceced48bd5deb968f63de021ddd0d357d894e2c4b0d4d514668ca675644f7

    SHA512

    6caca94ca1caabff7f2816c49603dafe68dd047c150bd9686fac47da961c39262d9b3e8aadff13ad195a7795a1ff8d361f4ac564b553d33cccbf162929cbc57c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c3c2f4ac5e5e60db8b4c94b3b623a34

    SHA1

    5cf303bc4b2ebaf5d4f163ea89ac32bf7ed4e2ca

    SHA256

    5d1da1fa2c1716e1dcbc34846dd2bc6a34f6a59a8ded968a5acb6262b57d29cb

    SHA512

    ac984a986e3c3c4647beff7641b8df7764aa468060f7bd8c1ab49e0beee46a39e9015ecc8fa29086c8977cd67258b7e54141045d16ff570aaace364a383f8fa2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7DF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar850.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit