Overview

overview

3

Static

static

1

Neuro.zip

windows7-x64

1

Neuro.zip

windows10-2004-x64

1

表情/加载.gif

windows7-x64

3

表情/加载.gif

windows10-2004-x64

3

表情/喵喵.gif

windows7-x64

3

表情/喵喵.gif

windows10-2004-x64

3

表情/待机.gif

windows7-x64

3

表情/待机.gif

windows10-2004-x64

3

表情/手写.gif

windows7-x64

3

表情/手写.gif

windows10-2004-x64

3

表情/打字.gif

windows7-x64

3

表情/打字.gif

windows10-2004-x64

3

表情/指.gif

windows7-x64

3

表情/指.gif

windows10-2004-x64

3

表情/无人机.gif

windows7-x64

3

表情/无人机.gif

windows10-2004-x64

3

表情/汗.gif

windows7-x64

3

表情/汗.gif

windows10-2004-x64

3

表情/睡.gif

windows7-x64

3

表情/睡.gif

windows10-2004-x64

3

表情/问号.gif

windows7-x64

3

表情/问号.gif

windows10-2004-x64

3

表情/龟龟.gif

windows7-x64

3

表情/龟龟.gif

windows10-2004-x64

3

鼠标指�...te.ani

windows7-x64

3

鼠标指�...te.ani

windows10-2004-x64

3

鼠标指针/busy.ani

windows7-x64

3

鼠标指针/busy.ani

windows10-2004-x64

鼠标指�...ss.ani

windows7-x64

3

鼠标指�...ss.ani

windows10-2004-x64

3

鼠标指针/dgn1.ani

windows7-x64

3

鼠标指针/dgn1.ani

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/09/2024, 19:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    表情/无人机.gif

  • Size

    6KB

  • MD5

    76496bd506d8f04535c90061b9e1de9c

  • SHA1

    08ee59cad097cbaddf4fbe4f84bd284a20b900c2

  • SHA256

    a5b540aa5a105a4f471e3d8a35c2d0ac560687f9b68a8657d6ed3310fd12fcff

  • SHA512

    0c2d3e5a79b1267edae7806f6cbcd15022c0ccb29d595e450ebf9f2fe4d9761a7e3645d8819967d3a3905de175f5af27bfe9e4396c1e883a0d811fd0c9df3d8e

  • SSDEEP

    192:S4P66tk4P66tk49ah6g3eRO+OViLdq2PbL3kH57H5g:nC6DC6D0ru8+msyNg

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\表情\无人机.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2676

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71bd52a29e831e9837e16fd543cdeac8

    SHA1

    cafccadbc3f1506be688d35ecba9a25e19aba33f

    SHA256

    724650ca08ff7edb433fcd185791b715725df257daced576acd8a4c7ef05aeda

    SHA512

    72a7f6c7735ddd3377cee73e411ccef19ba02fd8115cdea78c2c75c5a6dffc0fe50af7783adca01eeabf5a6cf83c311c282154729a047b0623cbea8b776c7d50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8595323dcde66edf186ec1a11baea8a3

    SHA1

    282caa66d219d24acf7e09d8253a8e3441e43264

    SHA256

    f823c01025ca56f3fe9afa0500e4530db9db091b0b2037f9857de9469854bf2b

    SHA512

    09c969955befadb0a9fe8a847b6c9ba59e8f50143005898c35c0bb88ea6dddf1b8fde26fb1b7aad2d2f1b18ef1bc4e149b485e51e4f3735488942bce035a588a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e7f3560585b19f84467483b92dc946b

    SHA1

    5d0ab63c5b1ca3997f0f19f540f2f6532cae66b8

    SHA256

    02dc62da28b2966a8d9d50b5839d18132f45881f4a0c196d9cd4cead8585d1c0

    SHA512

    f4f1e50774188f7487518042e828129c761386d30b1b2b977107fe10dce11aa27c62aab6d9ca57a012bf4643b05712e67d87d450cdd5efe1d39116ab8a14e892

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1313139b4a3a056022a247d9e163d0a9

    SHA1

    7e080d7bc95c4361e017f4a00b5de4456c659adf

    SHA256

    1acd90b69e9dd996a9d1a6591fdef89017956468691bed903f1a434a3bec5d08

    SHA512

    33d63dc2fcc72c90d5551d4589e5dec1cb1b19c2b800ec0dae2236eebf9570db51d50c34bd101ced869e00e5cc8198829f9e2567786f3f253567138d42fd4719

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84a8f79044476406182701a481ced93e

    SHA1

    1b63110c1f3f14030397f14099d61cd45b5297ba

    SHA256

    0c0f725a6926cf02e2e64f456bd8fd387295c3f336544933bec7249fd35e1881

    SHA512

    20c57a5c19611b7eb65ba50aeea71c2a98f0ec48fb720600f9106f984f1d313c976a437b4a076a3da2664e27f5e75250bf2014fcc9a6f5c42a58f788f2a71939

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95d9d91a6e3414e660ac4123c24bd420

    SHA1

    8b22f599930b1e53153577017d5301dd9ddd3dd1

    SHA256

    5f111d46d86ddee4de25007b5499dbd6448d3c83d25ec73750ef036dc6b6feba

    SHA512

    08491f8ff7753c8a768d8c0bb97c2b310e446f1618aa01ba9d4e79f4ff0322374f66cbea8167284e236f65d0d525d1db8a31992bab0a63d0bce6705fa2871d5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21183715b1d3f30e48ab4fd64eeff502

    SHA1

    0a7c5f65d410494d4c197b0c6398b49a40877b16

    SHA256

    dd61fb577f27e4b02e3a7b2e96e33025957078e7c30b23125db9c9ae59f018ab

    SHA512

    03132ff73a2620af52702b3c23d8e60467d4733232db40c436e3c72fdbac4410fe9a4051791f0d9eb55f7ef665cb1b142d2cc845ac3814730dc939184223ca96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7c93b60f3f9ed10919316afbe344a25

    SHA1

    cb8466558725faaba3a9160461855625789ee48c

    SHA256

    6a5e3f2321db944b946fb906cf65190e0830ea172056de3e3d098b9a89ce8f0c

    SHA512

    17c240f067730f7ad710dc340ac07deb9a26b1f48a7e4c1ff5db9a3ac04db024be46134edd0a1dc26e48e4faf06dfa2db530abb0a202eb3f876a04f9d5478505

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11bbfbdc78dc9f57f653e520047d6d83

    SHA1

    479e6329d4a650e21c7f7fbcd69d8e8e2ecc4aaa

    SHA256

    8a1ec4f5b55c5b974d23cc41ef280de1c299728e6c68c4156bb43924238b59b2

    SHA512

    cebe717f771b0e97bfecfdd6978ac8780a500d87d2390dc84a6a4b08eb109dacf706006aac140166bc9d762c013d7877623e8afcf339789bf81be03abfbaa576

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a372634d2c21bbc7d03eaf5a94a788a5

    SHA1

    02cde90d976f79cb45f2e2d8194ff2c107e5d5d7

    SHA256

    cde2695d8e4d302216eeb026956ac202e48660eade922ea820e0ac5df7338f8b

    SHA512

    0cf3b8ecc1ce8e07f2d09d596270bbea6b0bee43981f35862436f62760a668e8f24c4d0e9489daba2f1d9e943e0192b9d0665618b17a5522f0a9a41fd0881e9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3bcacf3ec679c99a6814b35d8632d76

    SHA1

    dc0e4601ca06c7f009cb5f4af4ecaf02184eb746

    SHA256

    49b9e157c95f4f1410fdea0b15de8f6ce97216ed5648c039184fbb3fdba3548b

    SHA512

    d7a82526c91f3be5e82bb627aef054417d082ae576c1699aee8bebf4916a75fcd6bd508000caac192bb8b60b70a99c2c66340af70a1952b5ba1529389820b603

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    739fa2abb282e1a84bae8e139e2a46b6

    SHA1

    c16473160738d340a6549c24c2fe5c2990bee4b8

    SHA256

    ce493fe79978a539e1b475238ec03f75f13bdf8fae8055eea0b84177539784f4

    SHA512

    4d4f3f645dc06cd9de1142439f0933c65530f7e871c0d3447eab1d92830ae5334b53c4bbd738318876f6411909b866347e18c9ffbb1c443c9111d75348b6dab1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10ff560dcf6116dc95e09a5a1c6f6798

    SHA1

    ed194ab87d65daf53dfc13784e07cc7e6e8a8252

    SHA256

    3c7fa15b99f295f69161f21299ab0e52316787b564acf24a63f14604a6564183

    SHA512

    1348b2b1c33dab8d0b13528c674664250d36f8771e9b5201197fcc4e901d9a5f93be955e0c2a59f9ff499fb81bda5270d8d084ee63412668007eb41c98f0a955

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83822b685678cd44be3997755c7e934d

    SHA1

    2d1d1c3b71ce92ff255d2067bd043a30af29017b

    SHA256

    15a14b352f6fc38b1101958c248157123ab2697c5b2cb3b2fe9e34815f6e931a

    SHA512

    c04dca12e1093375213b8046520f849357ae9161bd8890d53859dd1ba239fa5407c2a3f274a569dc194132f414e100e969c9a5ce4600eddd935767b175a2c841

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7ea6206b2e1ef495bf0526ad0623345

    SHA1

    723a4b436c15e259b855cfd153882893ce6c4940

    SHA256

    f03461abccaef1c68efb8b78ed05abe76ed2a7f5cd5a73ddf189601e1846916d

    SHA512

    2fd46686283556c7c8ee52a98f24494a0d9d7e35f12440e7f36f6e4c0248f9c79495925e705c3a9fe737ca7ff212177da9b5cee6ff986fd5d1021f7c96412360

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bc123304b76feeb4906a51394a2945c

    SHA1

    9f1809edafb02954eb2de91e8e00b6b93a0f63fe

    SHA256

    012565ad9753ec76ce699657e0a748d187a0fd6cf3ff6c80935c6c2dc2cd6526

    SHA512

    ae6870aea943e2156d5a12d50587f4483c1d59987b64527657bbe6dd4e7892654dc4f99219ed57a6837b76eda1decbe6735abeb923c050db8eaea3d4c1c8cd92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ee42f60ed75b1912cce2d0b7e1ae770

    SHA1

    f15ebff60103f0ea126818f48d3255e6dc4f43da

    SHA256

    20ba31d97fa0f1f2cb0e093045b704b217a158c842a7b9a0c0f297faaedeb0c2

    SHA512

    e698bf2c100884b1aa389fe28e38fed61025d4d96bd90d5cad2da5d401d1b07d804c24d010fc25ec46f9dbc95492c7379bada1857b76e0922fa9a9fb3eaebcb5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1D7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar258.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit