Overview

overview

3

Static

static

3

企业网�...n.html

windows7-x64

3

企业网�...n.html

windows10-2004-x64

3

企业网�...gin.js

windows7-x64

3

企业网�...gin.js

windows10-2004-x64

3

企业网�...d.html

windows7-x64

3

企业网�...d.html

windows10-2004-x64

3

企业网�.../en.js

windows7-x64

3

企业网�.../en.js

windows10-2004-x64

3

企业网�.../fr.js

windows7-x64

3

企业网�.../fr.js

windows10-2004-x64

3

企业网�.../it.js

windows7-x64

3

企业网�.../it.js

windows10-2004-x64

3

企业网�...e.html

windows7-x64

3

企业网�...e.html

windows10-2004-x64

3

企业网�...gin.js

windows7-x64

3

企业网�...gin.js

windows10-2004-x64

3

企业网�...01.vbs

windows7-x64

1

企业网�...01.vbs

windows10-2004-x64

1

企业网�...01.asp

windows7-x64

3

企业网�...01.asp

windows10-2004-x64

3

企业网�...e02.js

windows7-x64

3

企业网�...e02.js

windows10-2004-x64

3

企业网�...e03.js

windows7-x64

3

企业网�...e03.js

windows10-2004-x64

3

企业网�...e04.js

windows7-x64

3

企业网�...e04.js

windows10-2004-x64

3

企业网�...ta.asp

windows7-x64

3

企业网�...ta.asp

windows10-2004-x64

3

企业网�...mx.vbs

windows7-x64

1

企业网�...mx.vbs

windows10-2004-x64

1

企业网�...t.html

windows7-x64

3

企业网�...t.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-09-2024 07:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    企业网站系统.net v1.0/FCKeditor/_documentation.html

  • Size

    1KB

  • MD5

    20a64a949ff5ad2d9c97b5ba47089fa6

  • SHA1

    02e95a0c1dc0399805b11722520fa86645790868

  • SHA256

    9e4ef4b54659afd15d78fdb2f4afa6cc35464231be3f512cc7225826327efdf0

  • SHA512

    4226dd248e7bb0fde08874dbf2d5e7322a4d132df3ce381e117015668a24d26f7142666085e191587e7713560a159f25e7fab318aa762d9049ded026147dc9d5

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\企业网站系统.net v1.0\FCKeditor\_documentation.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfe382db74f47aa267b2402dc6b537dd

    SHA1

    91e3f56b960a6d060c93e7a5d5850750eb2fa756

    SHA256

    ebb71dd7a3cbe8e842644e1ecb4b603ecdc46f9662d5d2e1f6187d48a077415d

    SHA512

    c7419b52414d13ffc195ef1164fd394662095ec6fdb50f64e71630d3d729474802ed634b0a0c95c3c86e5bfac3e0802f45002249657ae0e8d5fc4c1765480291

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    245e670dd15d411e7fcef04a2a02304b

    SHA1

    f360077c6b48a2a2b3eef3bee2217df5954287ed

    SHA256

    80839a074cbb7031ff6f89626f2edb235d3487a44d5d53579e25b78de5963976

    SHA512

    2b61d4ef496920725a40f431f01ccce76bc92f4a4dd68d72091e8518bec2810ad35105ab25319a58e39b935d296ee3102d58ee8470ce6c45e7ee6ccb631584ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32ba63d0b297ed5b21e19b810e5ca7cf

    SHA1

    3b5edaa676d3a100d2c2915256eba99f22100d25

    SHA256

    676d08953fc6b61710f431cf3df0b014d53a579e2a2bfaef04f49182ecaef198

    SHA512

    0fc1ce2427b4e66da92074c67ce3d725334a89b100d64bb5748f2f71773f7eccb01764490f00558a6ffb6717f41995f28d8df5642a9e67d7695571b182e6e49c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7786807b1245ce837b055df420e0f15c

    SHA1

    194bd1172b731cc2fcc6548cafe9948ccb019f8b

    SHA256

    43ea8629b31b051e1cf5aebf5a808ab8bd33a065ab25129770eae2bcbf96b7d0

    SHA512

    034cd402027394a9860621227e7dd411fcbfed851624993e0c26b07f0775af4c42669fb04a9ba50eb8fc5a995d6378f7bd4b9c22132a6af90ed4171ae3d30f92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b08ce13008523d54ee93972355e6dab

    SHA1

    dea49b8ce16d22dc441a98bb447e83cf0aad8136

    SHA256

    76d1821caabfd7befada9791b269ea90ed6b160d4cac294bcbb6985cb7f325c4

    SHA512

    f0961abc0274b5270844d83c75baf6303f98654b988ddfa2db9b60e9a79c3fcf746c8fe623117a7a09ecc8f39ee6b14cd09a1050ec50f871107de8887ca7b90b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9692ac8c2e0e3b3b6c58c10efc207057

    SHA1

    6fc4e79760116e3afc8fc80cff4ffb1e159bd867

    SHA256

    d38b3a31be13d8b6dcf9c7f63ea4bb707178e29a0e02d841203238371f21d174

    SHA512

    c16a77102417737bec13256a7c4731be117d11372f20a0be7f54d7039074f668d2e9536c6cf1839032c0c84ff1c365f131ea2afdfc8bc6539a13fe38a1b68229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab5c6215a84e0836e366f2aa230d35c8

    SHA1

    ea165463c47f48e627ed32296db1b3e8bfde720c

    SHA256

    918d591f6a6945ee578fca79e3a363240c8d8de0355e77f024133493472e19cc

    SHA512

    c9d8823ff3bb2b6e5c122a85a3f392d22ff123551235904a5ae08220488c737ba8ff6dc9052a4194644566b934140838ad002d34a35b3b0e6ce26bd873cda461

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d0e2eb6edb5b3e9e194fb5d12ed99fa

    SHA1

    bee58da1745f298552d5ebd0fb4864f6f0be17ad

    SHA256

    23148e28287583aec0f040f5009316572a51025133f3aff4dc403fbe2dfdbe67

    SHA512

    d5a8ce3e9e791f6a4685413798fe306037dd2e516474f663bcf83195369c3db906426700b2977156c7afe296aa3aaa3fc83e775c33c716b6a5ecb41e8f912ab9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92c66a5b2593325dfbedcfe183a02de1

    SHA1

    17103969de3d5652d96e99966fa700d751af4db5

    SHA256

    73c25de2cb59ce7c85dda22b2b0d4440201ac53db289e7b0e3da03b3c333b316

    SHA512

    fb429af77f27486c353f586a38b4788c6767601a8266f67c21771dd5a4398ba82d1450d7fcf94d97e826e22d6f7e862fd68f4c7bd21c1d379c1ad300bc634235

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf6327fbea6399937f961f0ff4d1a755

    SHA1

    abcc76013bc59dc2bff6fcb544a41728d4fdb2f6

    SHA256

    dffbb7d816b6c067a8270178add1564be389163c8696002d706e39613e0f59b7

    SHA512

    4707f0def54481adcbf0b1f61608d6caca33165239f0b1c3b04514ce9852b082d14e902e3f125df0014bd2dff37de3a859d02de3d73d82caf10987602f125d22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a4da96bbeb0a0f8661bc66f81c5aab7

    SHA1

    5bbcd0e8a36f4cc7a072362d0446575a2b3decde

    SHA256

    202b28fe6f56ee5814733f732668d44f451039576aad21cf354dbadafc44b2cb

    SHA512

    f37b1d70a1a626a9e90b1d5577602b1b6f84c09feb1bd8224b75ecee469e26c81e6a86355ea20be5adf3ae73c9b7e5b2b086262eda4a3aaada2815d488387bd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32a99247d5ee86c36a1d2c0be4dd7351

    SHA1

    626e99e09caa322c94f2ea9635cc8d6bfd0b80f2

    SHA256

    33eb02470122ec2aab6257d8b4b0fc10ee2edadf98152b29122bd929bf83d46d

    SHA512

    27cc6af34e360942e8fed71855186accc98ca6e032ac16cdb26836a7a0344ed589d0af7ac7c9714ef1ede5dc14b78876957f8e11b6da9016e506b9a1724f4014

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1684913fcaca2794d0b29cefd4754997

    SHA1

    95bb0fe0c4b19a85dc85df9acff3cfcaa19bd568

    SHA256

    490c0cdb4bdaa6d5b0489b73d5a652c9d603fe338e435b7624f2e0ed4d5e80a0

    SHA512

    fac299ee19927ddaa532f28084e55a53bfbbd8a34b6993b9ae4808b9d9d063e0cccbf26a1cd6276b4ddf4ded08a46f17d01d96b0801d85fef52a2ee7530fb4e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4deb602461219a8d5ef499c6b4a355e7

    SHA1

    de95d045b41f077e8c6eade9d422ffd99cac6876

    SHA256

    acabfa81396dfa71c94be029b18116a0e6bd8861f8a1e32c3862cffeb635999a

    SHA512

    471a15476d5a5c620799274dac3c150a0f0e37cde1e16c5a50f56b6be3078f3fdc4e6d2ff25954c39f455fc7875511d38342461037b21d4012234ab3e9795ad1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9534e7c27f4e3b687bcb4268cc3662e4

    SHA1

    bf96b08146381e86f8d011b9ec91a4a8b1735ea6

    SHA256

    68bd3b9d42b31128a2a3be238e253d00034d63ae4b64c38577f4b0323b2d2ca0

    SHA512

    a67f698e68da60977e1e26b6f1f0deb0a83ec34fde608711fcec5ddf33cc9b8c303786ba680a7c98a2cd04633d84382c7a21dac77a5b2d718abd08e8ff17466d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f90bf056b099052921edbd13a122f87b

    SHA1

    8c28ccf315bc4814d5cce3df6491b290012e70f6

    SHA256

    08651edf5f9718c6aa3cc36b4bf4fbf42301dfa950c52f2f492427dade43bfe1

    SHA512

    51b116559e51904db2a7ab359825bab75f3503e155b93248f751d1cbd3d7c472babbf5a02d62775cf4e866ce638a5823340967cdaf613a128237117a21e5059c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    272026a37ee0bec7766240cb38ced768

    SHA1

    908a929e9a0d3c08e4f5d6a3cfa521215b1f29cc

    SHA256

    c436eac5d33fd24c11843534d6d51b9dc48d919b5f52f339c167bd6b59d1694f

    SHA512

    72de2ab18e168c127a88faecd622efcb06364163627f1fd43a6f75ee414bd3054eaad46b68a3a1392121b640eb583e6e3f569b24fd7b42f11e0b15c2c33dc9cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a59d6a916560b38820735bb3a33bee5

    SHA1

    50893c35b09e975c67cd657f6a170bb5ccb6f8d6

    SHA256

    4acfeba45505c2efbbf10d19ee1d0b1744350fa2cb5728a37d19d7bd9a6e9908

    SHA512

    1cd73fe978d4c8f85c956e7b0a4e1d78e9fba7eefbf9f94e71b913902be1fd7a1410b3be6a05601a8957cae58cd0de244e8cea89b84c137d48276a92f9bf1fbc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEF41.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEFC3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit