Overview

overview

3

Static

static

1

Neuro.zip

windows7-x64

1

Neuro.zip

windows10-2004-x64

1

表情/加载.gif

windows7-x64

3

表情/加载.gif

windows10-2004-x64

3

表情/喵喵.gif

windows7-x64

3

表情/喵喵.gif

windows10-2004-x64

3

表情/待机.gif

windows7-x64

3

表情/待机.gif

windows10-2004-x64

3

表情/手写.gif

windows7-x64

3

表情/手写.gif

windows10-2004-x64

3

表情/打字.gif

windows7-x64

3

表情/打字.gif

windows10-2004-x64

3

表情/指.gif

windows7-x64

3

表情/指.gif

windows10-2004-x64

3

表情/无人机.gif

windows7-x64

3

表情/无人机.gif

windows10-2004-x64

3

表情/汗.gif

windows7-x64

3

表情/汗.gif

windows10-2004-x64

3

表情/睡.gif

windows7-x64

3

表情/睡.gif

windows10-2004-x64

3

表情/问号.gif

windows7-x64

3

表情/问号.gif

windows10-2004-x64

3

表情/龟龟.gif

windows7-x64

3

表情/龟龟.gif

windows10-2004-x64

3

鼠标指�...te.ani

windows7-x64

3

鼠标指�...te.ani

windows10-2004-x64

3

鼠标指针/busy.ani

windows7-x64

3

鼠标指针/busy.ani

windows10-2004-x64

鼠标指�...ss.ani

windows7-x64

3

鼠标指�...ss.ani

windows10-2004-x64

3

鼠标指针/dgn1.ani

windows7-x64

3

鼠标指针/dgn1.ani

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    04/09/2024, 19:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    表情/龟龟.gif

  • Size

    2KB

  • MD5

    20cd6d58ead7ecc754c76a5d3adb8e56

  • SHA1

    2b2b4da3864b2eb058d2e6adc3d50d1115f57af4

  • SHA256

    d7f961e4b08d14ee83df1660a49b79ca9b87929d91d70d0b8507f75cccc1a828

  • SHA512

    f05d4bc238eda100121d881f70dec5d67a72e0a463fed8dc11b0436b5d841eca9e124b3c1333296ebf16e0b7360ba71112a4636d36b41efed1c1ba072aa7a64a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\表情\龟龟.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2152 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a33fa93b5bf9caf1fa1963cc01978155

    SHA1

    e170400f6508f50ba71e4dfc1328e509806c4e9c

    SHA256

    133048dcf745bed2146325c3f0c3412e51f3515508104b21f958a38fe79aec5c

    SHA512

    9729a0abd331cba5a74c0f378334e7bf3d5ccaf8f4a3ae8ce0d6d32ec83c644504644ae64ae013d7a3ac1586be313480be3ca0dcc341e1d5adc432f88460170b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57dbdd223448e6cb17a8c0719f7c172c

    SHA1

    6d547bc75a7cc6bc0d7c7c32a2e858225215d777

    SHA256

    76b74d9cbe358d96f3d4f2aa75ff0abdbbd705d99e0364a7248f4a82137493aa

    SHA512

    713a8f5b356cd103d8692a7c6b25fcc442ea5f0cc77fb9f6c6684994533c70383cb09431b3a1aea5fa1978fc1a04451068b3b6489e3927d7c1fe8533f1488ccd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0acb9f3a54fdf3e5c5d461499687e630

    SHA1

    2dfa7364ec2277b3ddafdad12400794b5c90869f

    SHA256

    c4729c1bd6ae8067566efdf693ac71bc475424640722c21f128b74004cfbd198

    SHA512

    0e5188070c707ebebf8ca497facbd691f8681ed6544e96a40ba839b5b286cdd69f6d0fd7af1078c5d25d4ffe46f8297ef380841f1b0ff6e8798aca170c0f273f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f24163589e48c97c8bd409e0eec86aa0

    SHA1

    2fffbcf231270ead2996f564d9bf66474331c039

    SHA256

    89bcfb05a51147b9c984e135c338cb8875f40c736ab9c10baabbf96d5893d186

    SHA512

    ea438bd1f797a916886d555a583015f8a6a9b6d7ffe6f7ac4403f724b3f02278537f9b48c51418cb5a7512ba4b1e856c2f3cd2cb3f1fd2d6353769efd2d56073

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08fd4ea215d7027c910f0793b6ec8ac5

    SHA1

    fb295e3b0d77338506e922b18aa4440666ef9e71

    SHA256

    46cfb28db99f7c7d0f6999b570adc7b3f5ab9df126e14b9da16f5dd86cc24e19

    SHA512

    741abcd19b8251fa6bebc1b328b83dd5d0523ed9fb3add5b47ebefb16a7d9e67bec9b67b941b9514891a88d722e8874ccbfa9d5a2cae77fc57e2bc87c24361b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c34fc1703491590eb609e6887947cbe7

    SHA1

    26f86a2a03c5cc50b98fdc254306cf3bf6f49c31

    SHA256

    ace7c764a1c44197943d032907ce23287d21dc0767684d917d20ea74848c3b8a

    SHA512

    18a92eac6357cf7077616f0ef0a3e3b5de5bda0d6fcc1f02973b999a687dc00a9ddb802551d2c14dc1ea09b977fbf44d23448e2232a073196f986f3809312cbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ad4d81aa8454896604ca46cd526c69d

    SHA1

    1c1ff4d9d08bc9e41b0d3de062f1daa3f053b2c4

    SHA256

    9372a1b6223aee2ca123f9add987e6b0d58d93fff8c753d3bb3e70e22fcce95e

    SHA512

    0a7544ea3baeff28525479d9ebd33d324525180fbb3a2919959a811c16698c08e5c9f19da9f6d520bf653dd904a7c10499068f7046e8558669c73b466e29e6c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2b5683b1e82a11033072f8ce2d890fe

    SHA1

    1db91c7315f5785a7656c07e4bde2a7973073e30

    SHA256

    2b9454ad8d748c9eb2ab083c53c8217e371f8828f12f8e740ddb3ddb2b499c67

    SHA512

    115227ef7d441d56b1696602ffcd95cb13ec2987324862992fcc758838c45184a4f07a4b51ec8e7d94820fe7d9de8c72212f14d09a4d0b10443ed16818b80cfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da47a3264238a0df718593582d60b14a

    SHA1

    96df213d79a3a1642501fcefa72c1bc6cf4a36f4

    SHA256

    24e85e45ed95b4a080aa93a582a337d37c64d2c7f2caf92e5a1d08dd11b0618a

    SHA512

    817a0e2c3491a3d295e2cde8c0ee4478d243754634535c9b05b98f3dd0ee508ec182b54a9683e08bed716c4a4278fdcd9e2de7bbda50dbd49272565b3523a3c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07578a2e542d380302e26aa23c1c6630

    SHA1

    93fe86b6440157f0dd96e3917d950cb71b04da45

    SHA256

    6b5206f4e067b69f2f8e140a508d77ccde3e13d4ba66f64a26837f062210dad1

    SHA512

    702b5e14098383f94fd8898dc263ae7368552ff48fa5c0152c86c5a800eb50263ae88c7bec5f48d2605126ea95000cc3b8187dc7c722cfdd4c34240a25592d2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2cb52059914ada7c4709d591d625b091

    SHA1

    45fb9d01355dc9939e02be2235cda07b5d97dddb

    SHA256

    e61c989570b9beba5e544c68cd0a7b7a980a3e0acf3bef59527c17462994c7df

    SHA512

    14df5e2c5d0a7dabede66721f9bd1fe19c84b106972826b82a013cf9a03f5432d6e6588c25f1ac18451535675c7114bc0990f7ad3d65798c922ea17a8c8e3b4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0d23218309f2192e382ad4573c2b910

    SHA1

    d969cc3a091e4a15968a81e9cd227746063465e6

    SHA256

    66124a683626a87413e974b938d973c4123fac994d83ce8835f50d3c08d66db4

    SHA512

    3aec19a1c91a972ca9c024227ee7d0b7ece021393e61ed5f762a7d2853d7327cac7c37c85a7967ca6981a43c08eca5cd18633c6fe3927734d7f8f632024cb639

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    726c67876bacb33d2ed7bd48936da554

    SHA1

    df0ef536ebb019d400fd57bd7993a998b8f43800

    SHA256

    cfccb0a23ca04f7a8e3c0cc44bc951f11629fa75627e42837ca2ddb444d23689

    SHA512

    a87cd8aff4b1c4d93c3528c8e42640206c4f6d1299784ec292308473a990ec9b801e9d3acd4eb6526b2974f6d835382f207cda7f9662f0d283a9c639ef019438

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    178e36e821e7762171d0f84a2a904a9d

    SHA1

    afba541c94f9092d890d1391de9dff4c8edd4c1b

    SHA256

    2fa379979424df667c4d064e57d049f66f26589b23169ff7c62f02e049849ed8

    SHA512

    0f36ecd2cc1a2833161be23f830f928a2bdedf18fb110cef61e1feb6827e80b090a9e9a8bb8e877f578a97af2e646837dc9d03063a06e9e19a4312c60a021030

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7907317bdaac4a88fe5e33adf41135be

    SHA1

    4ebdc721b412d5cf252a0b2828c93a74b9ff768b

    SHA256

    2a41b77af65c88abeb32b81504735d42621ba85d45f5a341f6d8ebe9218dd6c5

    SHA512

    d995321ebebd70f71974c9c71b20eb55495f47838a18c377263ed50cb3e8e9696777ac20db7a69c45ae29888b3ddc2a350e8987c02b838f751461c8179f18e06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDDC5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDE64.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit