Overview

overview

3

Static

static

1

#$%shuju/�...��.url

windows7-x64

1

#$%shuju/�...��.url

windows10-2004-x64

1

GG500_CONT.vbs

windows7-x64

1

GG500_CONT.vbs

windows10-2004-x64

1

about.html

windows7-x64

3

about.html

windows10-2004-x64

3

allinc/downleft.asp

windows7-x64

3

allinc/downleft.asp

windows10-2004-x64

3

allinc/inc_down.asp

windows7-x64

3

allinc/inc_down.asp

windows10-2004-x64

3

allinc/inc_style.asp

windows7-x64

3

allinc/inc_style.asp

windows10-2004-x64

3

allinc/inc_top.vbs

windows7-x64

1

allinc/inc_top.vbs

windows10-2004-x64

1

allinc/wnag_ip.vbs

windows7-x64

1

allinc/wnag_ip.vbs

windows10-2004-x64

1

configs/config.vbs

windows7-x64

1

configs/config.vbs

windows10-2004-x64

1

configs/noip.vbs

windows7-x64

1

configs/noip.vbs

windows10-2004-x64

1

db_.htm.conn.vbs

windows7-x64

1

db_.htm.conn.vbs

windows10-2004-x64

1

down.vbs

windows7-x64

1

down.vbs

windows10-2004-x64

1

download_dx9.html

windows7-x64

3

download_dx9.html

windows10-2004-x64

3

download_ie.html

windows7-x64

3

download_ie.html

windows10-2004-x64

3

download_media.html

windows7-x64

3

download_media.html

windows10-2004-x64

3

download_real.html

windows7-x64

3

download_real.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06-09-2024 04:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    download_ie.html

  • Size

    3KB

  • MD5

    09d8f9959939f17d0a27424b40166082

  • SHA1

    d8407ab4e541ad3bf9323e95984cf2b5c37beecf

  • SHA256

    30b680351ba336e0da798114475cee3295fb1ca3ec681494fcd0d978d7164169

  • SHA512

    9278c85b5ca06b074eefeaa6216dc252bba927774e240ec2663062056f70cee24f1e1e1dd986fedf45370a4c42f3f513ff45874352a5c978791e23ac43a50b4e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\download_ie.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    393c1d34a2b8f2393814c8c1e3a54d72

    SHA1

    15c29ce8f2f05f6447617a4b7669fb8d54972088

    SHA256

    362f8ff4dc76e9d2fd71a0ac3588edc47b63e34bbeff98be021a05fed08397ff

    SHA512

    dd9db91edfad3d8e0630df6cd409abecac79ce7b598247eb9159b964805b4b54b2482d23dc53a1ca018e95ff9b421de7219803ece8f6e1ecc995835f7cf9d6b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67c0b1fd0ec6b79452101d2973b5897b

    SHA1

    03191a7a63fa7ac32fa511485927971ce860f7ea

    SHA256

    dc4b50e97b8df03b235481d85144b25f09e4c8fb4a535bf4e766740b5a3d25b1

    SHA512

    a1077de75051ee5552028b5faa6463d7e4a7b10928bc9649530019c8a5dd1753ff771b485a8ef3d19420dd77e0379f992fe4997eaf46fc93952d0708c773eab6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    511f2b18f110bcadaef469e2bc606a8f

    SHA1

    346e3c005860b304c9c4d7545e96679ec0b9fa7f

    SHA256

    513a0a1551affaabe8445cc6c0033ac09a607149f0c885ad8eb3f216010040de

    SHA512

    b3d6d2cc832d02e86a50c37a96b3303a593aa8635fdca61d8ce9ecf801c3da1cf05201914207e94349462b2893363731d8424c7099ac7328d5fdb6d5170c858f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ace747db9da4368fad067d7da9a1922c

    SHA1

    466600b20817412c837acca7cfdd1dd4f02283e7

    SHA256

    f62a444f1d62754f2ababf868bacac91b7eec77874817dff6a387d2521b4d1b5

    SHA512

    d8ac3a707034d2f7cd7b94794d8dbd0dd59ce961b7b327c4816db0b868afc7d4c169e9fb32d1cb17c7273b93d6e219665cffede7d392bcd28d8d2a2d39e136dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6218ebc0330c47328ee7466feef9f5b

    SHA1

    2a0f9d4e83b964004f17750a24791741f9cd3f61

    SHA256

    a19d7228a583aa1e606306d3206794261132975dd7fe9b1b2f7049b5eeec6169

    SHA512

    8de171dadb07a80827079c35abfcb9014f10356d2781cbecb375da3f6c678317af971dd369c7c48e2f6d5d3212bb887f49433cd45b0536557f19ca3acbac891c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d86e27e529674d4eb1a155bb23884db

    SHA1

    ffb647f80e45630d2a8ac54f86c6c3650598913c

    SHA256

    eec9196f197ca481941d8b1ff66efb0041c20511dbb457260153561338bb34b5

    SHA512

    1cb46a0a112548c7505ae580602e284311aec91ee543df24e8169fe6e8d9104d5b713214fc54160e28a6a6d98ce2e09f9f02079e625cdc91ae0bb9d7d1e30c99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23bfc0b76db796c8b8239f75b2f29926

    SHA1

    f9fd3abe458d381d44984f28d806d961e0b04623

    SHA256

    190ba90f1e1a055f7827536b4edfa5f88f827c8f324848a7361ac7b48fcaa586

    SHA512

    5b5fbedc88e0d7323a6c5be2e439c03e88e0966953e0f8ea18a1e3f244e3ae6696dd30622bd47682926e8a7c918099d66b7dccafa199a962d4b3647d3b96016e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    daebffbb538938ef56b250f3d56ef47b

    SHA1

    28211f916607d03171147226f8d877bfc83a570c

    SHA256

    4208cacf235dcea47b16278b591ec1d100771337bb41036ba4e48ef27fda9dd2

    SHA512

    6c8fe50544fc861c36c3c2198a0aca1a0a3b859a1080000a97e6e5323d8f87a7a4296ccb05cc41eb78fcc789ecd6106460163773fa1a306d8d0cbe2fb2f926ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adde3cb5ddc6e80d54a83f5357c34e26

    SHA1

    9fbed86ab164c11ae769d25663e73af378704d52

    SHA256

    9f7372e3929542a12f4168746ff28baeac03d31e0e2e2dbca04e70e78c53ebcd

    SHA512

    4f8329561b7336670373aefb78749c4ec3b93e962ad5d825463018fb34c38d4c06e2ebada79610fc5a1fa3190aeb6a4bdeeb420c1d01a1af2d883bd89e2010de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2836a497f4eb14e15ddc70ea64fe6791

    SHA1

    cd2b2e83cf758d38c77860f28c249b26987701ce

    SHA256

    3c27eff045ebf3ac74f3687ebf5a4381e4759459c6f54833659f88dd93a55806

    SHA512

    5b5a8413ca1b5b0a62264d67f6a4bb43e905d5afbaf3eb1f395029db5980529541edcea8ea9a27010121bc39e3efb6ed7839d3140bbd08a5e76949695d27af2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d281d60e2b6916cd095b744ee01cb44

    SHA1

    e978bc7fc54788c4e4a8ab3ea0e6538fb707f097

    SHA256

    762076115de4cc06bf45a2b968a35acf49564be815f2700e7e388468450eae70

    SHA512

    0fd51021f638822e4aa975135334e2345bf89a05610d1dd7dd738d2b5010cb55b626b100f898bf0cb4987ebdae9255ef07ab2c01ef588448c04a94ab0055faf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6d0ae8dd9cf7ffa9cc26cdf25033bd7

    SHA1

    49ae80f4e0326f9bf423a8f7acc20325e941de22

    SHA256

    2b058174070e55dd7ad89d1cd0162a9f8869c7f352c376fcf67af13ee6a788bc

    SHA512

    99271a662d554263a685a39505e1ff10894940be0bb00aebcd6c7c5f8cb1412b22acaebd4af61f6fa91e05c23c8eee5a33e6c0df6bfaef8c0dda59faa0310a25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cde6dae0b1380027cc61d4e35acac9ca

    SHA1

    292d750e1fe84f7ae400709f4d79cf1cddba5f51

    SHA256

    2d1cab02b39962570be1523cb1bdf111449758ed97e9178a08289134cac19093

    SHA512

    4a1ee0d1cdce267c92d2b6aee52bb8b27dfc7e6aeb88f7744da20fa726c4ddf6ae0df5ac93c6e5180a20259febec1b18907a2be526f4be6e07aec262215f6040

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ebcb25ae725931791dc0d4d9d0e99f8

    SHA1

    211a8a776cafc92d4ea2841ae928e398a224c518

    SHA256

    e38f3b50e363d87f7086da2b375e74c3098566b5de6c2d17d3f76f22cc825a50

    SHA512

    d4e5ed25c8daca1e7e4ab22ba3e3b18becf3383ee301e8e19753a0b85adc04df042fd3ef0f518dfc59e70d72cd6437bd24024c1664a422b698b6596cc345d0a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    715c464ee5a8fadf4b7ce568dd7ce361

    SHA1

    7d4615c9b34e26490071e6a9315abe2b8659c35c

    SHA256

    b3c17f9ceebeba23d749a672cf956427b00af732adccbd91de9efc56ae1f33ca

    SHA512

    26f08a9e65c3c7be94adb9bf579696598140b3f7c4b16154ba1e590e3340cc80888fc8708b86cb21d65e1c8e37375caa054b79aabc7123a3258fd8a8852eae58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75449396905e2f96a1ca22a1554bfa6f

    SHA1

    f10a4c18d9ca0444c70a6fe5782376eaa4be37a5

    SHA256

    5925565550495e702032b4494aa8033809a95ad799d26962a077809c2dfcd00f

    SHA512

    fe460a1668b1c4a5ea3827580d4f82f51c884cce5392daeb55b1bedb5e2b2bc2b510ff7affea5b155e7c6f76119830300df5cfde69205219435574af8d05d1f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ef6021775c89385e76dfcf928a037bc

    SHA1

    9ff3e6213ef24ff4ed098ff818e53cd3b1b70cf4

    SHA256

    675726503f43e85314f0a94a6a90c4e1a5b6234a6e26b352b0010eca697dbdc4

    SHA512

    d4702df8dff6bb9f46247d74a591b6fcdccd273f0a8fb5f342339665db34024467afbd53b3b2f11a2416cc189ec984d4e99c68c975a35182b1e04815050af168

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9a8167a3d63d28805fec06a58f07753

    SHA1

    20dc445e0d23c554b1c628fd60c98d93111f1b2c

    SHA256

    21d9f32c84d083be01879a622ad93fc224a5a71ddc64c0acaf4cd1a0450c17e8

    SHA512

    57297e8aa4ee121f359264311aa481fcca1e25102e243b3b680269c7cc0fae63c2dd8751241104ca5174866420fcee2c08527be48a3cc0a620388ff3a14abb39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a95c5f80a045eb16dedbc850f01d814

    SHA1

    3dfb9cce74cb788d8582d5eb089adc22418e7c97

    SHA256

    7c833bb65608af638da447debb12f0e0cc727c05a8ef8526fb6e9fc28497d099

    SHA512

    2aa1b0462c77084bb5ab08ac3604ffca152fcc5f57d767aeb98e04eaa9275f8cb09c1a0b0506f1c0b201bc0629dbc452cf393a885db97d2d5498ca30f1c84b3d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8C98.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8D48.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit