Overview

overview

3

Static

static

1

#$%shuju/�...��.url

windows7-x64

1

#$%shuju/�...��.url

windows10-2004-x64

1

GG500_CONT.vbs

windows7-x64

1

GG500_CONT.vbs

windows10-2004-x64

1

about.html

windows7-x64

3

about.html

windows10-2004-x64

3

allinc/downleft.asp

windows7-x64

3

allinc/downleft.asp

windows10-2004-x64

3

allinc/inc_down.asp

windows7-x64

3

allinc/inc_down.asp

windows10-2004-x64

3

allinc/inc_style.asp

windows7-x64

3

allinc/inc_style.asp

windows10-2004-x64

3

allinc/inc_top.vbs

windows7-x64

1

allinc/inc_top.vbs

windows10-2004-x64

1

allinc/wnag_ip.vbs

windows7-x64

1

allinc/wnag_ip.vbs

windows10-2004-x64

1

configs/config.vbs

windows7-x64

1

configs/config.vbs

windows10-2004-x64

1

configs/noip.vbs

windows7-x64

1

configs/noip.vbs

windows10-2004-x64

1

db_.htm.conn.vbs

windows7-x64

1

db_.htm.conn.vbs

windows10-2004-x64

1

down.vbs

windows7-x64

1

down.vbs

windows10-2004-x64

1

download_dx9.html

windows7-x64

3

download_dx9.html

windows10-2004-x64

3

download_ie.html

windows7-x64

3

download_ie.html

windows10-2004-x64

3

download_media.html

windows7-x64

3

download_media.html

windows10-2004-x64

3

download_real.html

windows7-x64

3

download_real.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 04:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    download_real.html

  • Size

    4KB

  • MD5

    a0c34ef47f4929ee02e66d6608e93fea

  • SHA1

    ac6fe442089b9697100600df0e83f691077d7bec

  • SHA256

    1f7cc02cb3c4d32d2dc85ee7333f0b29b4590877d725031e59f550a7a3d61880

  • SHA512

    68272207669874cd21dc769aea15976e7b641bb46e7793f290b91f488ea483e0e71d3e438aafa7785043923378d4d469cadfa4f7d916d3353a8b650de0e1d5b9

  • SSDEEP

    48:ImMq1H8bdhI8o+Iqs7kLIP5pzq9FzTc7NzQYXWdFBNnNgsEGwKSDepw53B8ab8/p:SI0Iqs7UIHqDM7BZmdnGb697

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\download_real.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1304 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    503219bd281eab2226964d0f6c33c6e6

    SHA1

    5e5bda6879668707ec4322c6b42cffa57d79b73a

    SHA256

    1037667d5c48e82cbaa31df9b589e97a85ee450c6e73c0e4b96afc4dcdf0a32f

    SHA512

    ed0a46d4f0bd7c53a9e96ebab63548218e88f144e22fe847fcb03a2ed090cc380ffa1ac08eb62487a8cd31b47a964313bdaba679063157e9bda7334326e61175

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    937819be650a203b17ada3da8f540557

    SHA1

    874e7e2a73450a49269da1ff51a3384010962988

    SHA256

    0f3f2f033dad0f3b55fd3d0228cf16cdbfc7fbac33c8d99b7116c8a5635caaa2

    SHA512

    9be46d81a24009cede27024a0f3d76e141ddd1f4c727fa11ba1efd24c34e7d6b9d2d5076641c93f4495f656008ceb3ea57319973316603136b885e90cb9b0631

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55c1abf103e957ffecdf152674523d06

    SHA1

    b723960dfc53f5ff2de3433a7a957f17ab2811af

    SHA256

    a3ed9ac96efc3ec03b85d7c50a6d0abb2f676ef3c051a560ff4dfac777b7dd55

    SHA512

    7483d5dbbe038f6493835fa3a7761735749e2656dc81e5dbee86a64226303458d489b8c2054ade035381267c8a8c23ee8a5ecc9e744ea9e6616a8597a1539f81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    879c9a81f78dacc5b6f716c5566895a9

    SHA1

    4d8772b5fecfdee8ff4af0c6adc1ce8366bd6834

    SHA256

    2b6a12c117bab64d1a5524bb6e75514faee7773f0114c423fe0df17d936b0fd4

    SHA512

    341b0bcdd23a575f05f636b3117b44a265d68ea6bba364076acf7bf62133c1e6062e29774ef328bc63ae1c97f36af741476d67b13559c4183dcedb7d7e559a16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b5a5168722981b99174f3151baabc65

    SHA1

    687a9c8b12d0251c9b2d8aef9ee2c69a798a5903

    SHA256

    6121332a2611b8583fabe6a4f34c8e2e207a6bcd06aa06461b6d28768022701b

    SHA512

    bfacf0d3c207db9f6daa5985a68cba65172f0a683c8be27a184fc8a75443ad0f04cd5da5b9f39cfd1b1d7885145e45c5e907718657d57c802f88fbdf92d73508

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ae3ee1864288bf6b9c2d272ff5361a5

    SHA1

    6d4d1b4c4f7807264c9afdaccbebe8877f0d0c66

    SHA256

    186b1d3b54bfdcfc5f2f83ab7f8481615b0c10c70c124003aeeb1b28e49ae7f5

    SHA512

    7100c493685b4843ce327a227c5d19a2a59d7ecad7470013e7db66e330c4c550b1b111341345d8d90f6a781b13317b9e17b196a9a36f7a5f0eb3028f761dff74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca43ffb5826ea51ad47f6cc7137b1e15

    SHA1

    b9b9f24ad78c0b49881451d0792aaebdf406de61

    SHA256

    26acce598eb22f057b4707970aed9d03fab7252697c814c3c259bbf2f2a4d9e2

    SHA512

    476925ea458d52717235ed9937b38710ede640540da5be5aa9d09145ac687a318fa17066d794121e959d0008e572fc73f987d6bf316bbf31a8400bc3446902da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62f0057b7ab2c9ff3b1342c1d4f27ae1

    SHA1

    49d3c42907ff7822d6e6642a06cf067ac7a74d6d

    SHA256

    e95fdd0e8124e53c4ff2abad88e422ecb6744de53d0629b5d42510c2f48c737b

    SHA512

    41b54479641d6a8d7f74c95182c40c589e4eb4f36f301ff3f0d713aa0efb87ebea18a90dfc1f82d1d20627d705a3e17150e8f825a5c9f28f29e7cbba1d4535da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    503b4c6106b35129b1fab1d092c7e7f9

    SHA1

    aa1cbd5d0acb6d5a8bf2f87b527e8f07348900c3

    SHA256

    c4b20c50b230447d3b4d6120fff80e13d70af9258d3791a224b1a4b7234174f2

    SHA512

    f52df6519e110e0d87f3775bb8caa3f500ea57424d8c8edb74bc66ca3d77e05091998a91a5f7e322f41f491a1ff2ef57ee299001b14196dd7cd4954472e35e60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed6febb824a9aa83a0a11efa299c5808

    SHA1

    b5ce657b3204c8fa4b7c0d16e534db4ed2d51272

    SHA256

    3116d4ee4d66f08a513582a69914bfe079a102c0703c652758c31fc235d912a5

    SHA512

    8cf44857ea20b5af9fd8cbf66edda2d5c78e7e68516f773e2a4e1e94de4ef69e72bd66a669705fa857d88007ba00dfc6fe1f6c98b96ff244d95a25b7919a2fa2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65f2741048de38db570085c5b53f51b9

    SHA1

    c96a89746cb09b1cca52d4f481384b8147d19b5c

    SHA256

    960af04fb9d77ebade1adb2d2ea482df6836001fa4d1024044a050cd92afd1de

    SHA512

    835c24c161761dc853247b19a8c9bb50d0d720f21409095b288e080461e7efc1ae7a3691a28235100bda9e1992db47e0b057e9d80ccf348dea4d76a4171e67e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75f25e1fdd1f9f70454fe0f390849c11

    SHA1

    201f197a71dafbb30e12a01d08cdcb2de8471f8b

    SHA256

    46242f295523b244c59c6110129c17616ff296821fc3487df7277fd94cdb3f06

    SHA512

    191dc923de9a4b304ed412339b26be85c07136e3b2c481b2ed799ea5bc41e60386135539cfe8afae8dcd6be0b2c83cc3b2bffc3b0fc53f67e30db1d859ebc27f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    262596bab1ef291a2b87768e88715aa3

    SHA1

    a5cd44be12d38ba4b49d16c1a876f865c6ea947f

    SHA256

    c1f659cfcbc67a9c7cd881f74079962b8413ac814eccaf903e8c9d9072b77993

    SHA512

    32872fab37406c2602d14612c5a213f1f85843ff76160b13396adf938b1710b692c21b4108b2b047a02c34ac2e4c42104c29b2ef55178187e52dd84d41d64700

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07b4d72291a93ab22e8fbb1376d45576

    SHA1

    38dfca14e0beedd4f219723f039f15500898ae6c

    SHA256

    6fb6416d528be4b644ee56fbd9f31136b093f44f8c1ce0b6edf21d390636530a

    SHA512

    fb3dfac2fe3862358dce463a47474d4994d8840a58f8ff6b0848816358cb2a41ddee28ca410f7f44c7341949be81cac2958f9a67912d7228b6884fac584b728e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    203a92c4575481518591655fd21fe7a9

    SHA1

    e4a4b0ed46492b7e8d4fbbdbe5916cd26e48be77

    SHA256

    78f169f65ca5794870e75fdf3b4b7c645ee15c57ff8303a2c9894db63fd1533b

    SHA512

    5f0459fa79e29fdbb04cb33a6aa61c50719fd13122d028d2b64d19219f95ecea672edb14a5f27aacc5e6757458464d3c7b2d941c41e4eceeddd50dd08baf9980

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7c2666ea14959884b27158c29d34623

    SHA1

    2d7a3b09a406d341cd4a72483f63c43fd4722943

    SHA256

    642c77d0bfb8caca4334a26ace90a3b83ada6fc7a8ee096425d9e1849973ef49

    SHA512

    ce9bae419fa11f30f4237e5b5b83486a143c4965ea5a3f611d9090d812c2c7c105267d0eec9f97d53af5333d07c9ae821dc0a1427191f166cd5a09ac51acf0d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36f55b16de15674bf6301ec7478f010a

    SHA1

    926a5effe34f7b38da79851a28874ddcbc050692

    SHA256

    46774368ebd519b7572af5c9126ab258d318c903f64f87d6d71578e0c0b027d7

    SHA512

    4b96902c2722c33854a291e96d48b79876b89c9942f6c38fc23c4b04db6e51a01e704a607a44cd632a3e1a614fb7612ce39d59c7d7c2f1f225db2373680fe009

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90918b5f8eaf6fc2f9798a04c319cc9e

    SHA1

    3cecc4ee73ca2947f6e2b3a0420415d8b2e66930

    SHA256

    3553e5e66a99b5ba63a8ddbcb26aeec07ee55b0313ad0e6297d16f67638a9117

    SHA512

    e1b13d010256d5845bef9ea1162f13b77cb4f633f0fd2f2809f633ac6a81c03c1cf088a4d236b6599d3ba275b4633fc5f0e4077f408ba5fa7c5f05bc3cd3f8d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb33b9e256136a65d36b43a19902464d

    SHA1

    f9bfaf362883afca40848f145371e8a199877bcd

    SHA256

    8da0929c2a424efef260363f33a925c1c49951e88204e58b256a89aa283621c4

    SHA512

    821e6b83efec4323a3ff26e36eab8a9123ebd6d0e2b65dc88f40d497fe95bc9a0de84505546df2326a2ce40a7a50a9a301689d1447ade767107afef7f6a84646

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA6AE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA72E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit