Overview

overview

3

Static

static

3

企业网�...n.html

windows7-x64

3

企业网�...n.html

windows10-2004-x64

3

企业网�...gin.js

windows7-x64

3

企业网�...gin.js

windows10-2004-x64

3

企业网�...d.html

windows7-x64

3

企业网�...d.html

windows10-2004-x64

3

企业网�.../en.js

windows7-x64

3

企业网�.../en.js

windows10-2004-x64

3

企业网�.../fr.js

windows7-x64

3

企业网�.../fr.js

windows10-2004-x64

3

企业网�.../it.js

windows7-x64

3

企业网�.../it.js

windows10-2004-x64

3

企业网�...e.html

windows7-x64

3

企业网�...e.html

windows10-2004-x64

3

企业网�...gin.js

windows7-x64

3

企业网�...gin.js

windows10-2004-x64

3

企业网�...01.vbs

windows7-x64

1

企业网�...01.vbs

windows10-2004-x64

1

企业网�...01.asp

windows7-x64

3

企业网�...01.asp

windows10-2004-x64

3

企业网�...e02.js

windows7-x64

3

企业网�...e02.js

windows10-2004-x64

3

企业网�...e03.js

windows7-x64

3

企业网�...e03.js

windows10-2004-x64

3

企业网�...e04.js

windows7-x64

3

企业网�...e04.js

windows10-2004-x64

3

企业网�...ta.asp

windows7-x64

3

企业网�...ta.asp

windows10-2004-x64

3

企业网�...mx.vbs

windows7-x64

1

企业网�...mx.vbs

windows10-2004-x64

1

企业网�...t.html

windows7-x64

3

企业网�...t.html

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 07:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    企业网站系统.net v1.0/FCKeditor/_samples/default.html

  • Size

    945B

  • MD5

    f0a672694aa731aaae89613bf08c484a

  • SHA1

    f97d3d1d30baec1f4c4580d1b6246192b9cadd7d

  • SHA256

    a0f663463a56ef8ac3dfd2075357c603222cf97c2b75d646d3012d45c6e3d46c

  • SHA512

    d1c5e2a6116083da1b47a79de72a6a50523ae432c649c6a8f565f0276c212112d463644bbf206e26ca6cfc07b503bc99caf8a435eaff28bd3fca64f46bc92763

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\企业网站系统.net v1.0\FCKeditor\_samples\default.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2380
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2380 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2084

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac4e86bebdd9d909dec0a2ee8e659ae9

    SHA1

    7b5460589aeba8347cf121d3e75f1a5fd8b30c48

    SHA256

    884ab73e1550c69b5798547066ff55f431135657c838dddcb38b5997518b8a26

    SHA512

    e450b32f2156c4696af6182e3bfe28e41fd1280804c76b46b673958306c3d2df11cac1c5878777bacba553fa833c74ae290fde859dcf1da0b928ad7975d7e98e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad50fe6e7788bd9142f0edbfb24d47ec

    SHA1

    27c5e84848053c4b10770545e96985738454903a

    SHA256

    98b38e383659350f66e51d3f52c1a0e6e7740b6af577719a4bc57ce8063d8bb2

    SHA512

    a752b8d9993a261bf6e5fc9e59ae8aefc8f0e07de2c3a0ccbef7029f58e884a25a9402f4155c9002215cd58972cd5f40769ca241b4e42bd7d23b38ec49f92719

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    541ac6acce5d53a3323c5f9878312f55

    SHA1

    5c939cbad59c87f799f0a0286ee1ba108087358d

    SHA256

    248aa93677dc63737bccbd2a580bb42b29eaa4cafbf33ae9df0a1b28717fb9c1

    SHA512

    337c71918186d29a6c7beec4257ceecd41433169d2f23855053ff316516f39516bb6958e56c80ecc93680da43590564ec5ba33e3715cf8bc4690ee614382daff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38a2b2f72d728d196a46726e4fbb8f44

    SHA1

    160a8933bebbde04a347cb9c9a42b4a901872cd6

    SHA256

    f18f3745c272d9b2dc1b0fd215a975c54838cd4ab67e9c602749f5b62d10c9e8

    SHA512

    f9065a659ed49ea6296f6913d23743d98ee898dab638a13773fc181eff928364826949437a765d15c24d1650e938aa4c505b9d2aed0c5649715a425a0bd8911e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94add61eb64dea6732969fc895962785

    SHA1

    392f22514d0e23c91054d60e45b9493b4361c7fd

    SHA256

    abd28999291b996c7d0b17d53eb0807793ef8430de6522455a63a4e270573669

    SHA512

    d18711030d17ceb63dc6cd81f76d2ac7d7bec69c279b7db19b4568c4104b2cd64195168f8d607404b23df0b61930cf8d98dad62c9e08e4f8d7ad96455a07782f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a89e8924f27da234f01ceb6e9d962f7

    SHA1

    5818e3b302aa696369980c282543ce3d074a6fd2

    SHA256

    1ea68e426a31df841d9478d2756c5a5839c07f8f5e7f79351ff7a65dd33c6060

    SHA512

    47de0de9b8277f8df5fbc882765c3a301477aec18c55580bfe12dca41dae2f6b488652ee973f87d70530bff4fa593bd556d29fe083e0dc3bf013cb4b9a58c2d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    233bacd5763c6b428ce24a0245f068fb

    SHA1

    908b541cd2e50126f33438870df108a7a8797a9a

    SHA256

    de29ac2a10dfeb4e47de0954bbb7ecdb62aed8763ba167d605e25ceddeebf6aa

    SHA512

    39c2fbe972ab5b7a7d56e2de5d7b3fd8aeb3bd0b34a1dcadc1a58a5408373f8e29815c4689332034b6e8c41956365386de22d21a78148a2a51c18358bd58f803

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfe858c7a581f2ddd183c75b2e401b90

    SHA1

    c5c524e7e980f8e70b471e76461091341d187152

    SHA256

    aa93ffadc0d19f37a9bacb303da592ce2c8e169b4bc7855b44010fb652778785

    SHA512

    a26c050840e2c514c7090f31b0f3a95d146ecce28d740841f702a5c5b270d8c5dcb5dcd749fd3f8a2da13efc76d7bc77c640b216f48266a172bb2b2db16cca42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d54df8fe44238be8825d59f45837163a

    SHA1

    23c5df2dae777b3441eb3fc73d480755f04662cf

    SHA256

    5fa8d3896a40c51630e440c320f9252d2a1f85100a3fb8b229a427004f373b61

    SHA512

    37ed271ea0e140d6c3dc6632e91a3f047386f57aa2b15161f8ff30b44a2e5d5f039ec3f77aef13beea1ba81b58712874acbd58c823c32cdac098eefb5b1d9aa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41913bbe84714d2294435795bd590a74

    SHA1

    172b7236d214b666b92c6ea882381fb996ba40c1

    SHA256

    0a8d9b600220989c48f82e98754cad3a04ed270a93922f6d90cf05c1281b6012

    SHA512

    f79632c787e2ed19b56a000351edae334817efb3e44eb4cf04043b1b3721bf7796e148e186208f77152f18a710d2af8a740d0d63f1be352f158c7c6dfeb816a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e15da944b5547da87810b694ee9ee864

    SHA1

    3233bd23994aac976c30ac8999231e447a4b8457

    SHA256

    5b3f0a5bc7581b118b505e58079fc0aaea3f887d7e977272d2185c6527e72256

    SHA512

    06ea5820edbffe2c7e7fc3f3de46625849f730ba36af8acb3c90557641dd2ab52f648ac51b1c39f90e347e51c690d74d6adcf8934e5aa0540f7973d4af8e4d4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4ed22d0f777039efb2429b390f3a629

    SHA1

    e79c5cb8a63e992d670b5b14f10b63bf533ea8d6

    SHA256

    06b8e2e344fb039990a173f72eb7db72696a30a2dd828c1e110b4865fff2a338

    SHA512

    344878302a2ccd74f59c5fa210e45fff6c9f613f83c7b1a5083d4e591e91d0a74f3764d951166a086e7af99040e17b4f4333059e308b028c0bdad8043a5c9e9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    162d3f0c24229abb4b1f0a67fcbc65f0

    SHA1

    c49932e1e1a40e0eb0558d987ec15aa42fca2c07

    SHA256

    f4ab1ccab2b443fc99aa05e154f7fa528bfc2c810248fb04133127b0bd53a81f

    SHA512

    1f63a96a76e97cb10f7c7efcdb35c8da44b65268aada28d027d4d8d44d864b90f696897475c3aa74fecbb86a6ab60cca38cc36b2c48c96c5ab62f884d23d220c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d10241a155d0baa7ea5e701a3b436a93

    SHA1

    fe3a8132605dbe8036763b706e672b61ffafb940

    SHA256

    765315b77c134a493884f89b760f2cdf3d06536a388ada25a45cece406d0c24d

    SHA512

    1fa867a097e8caa53fa965cc259c6b43bd4fe54588bc4c6613db3cade6ccfc51f16643f1df4eb212ceb45a1882feef5d84f0118176f0e3ce3aa5ccefed0fc9a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffdb2fa5363b1b53ba0a599b93594769

    SHA1

    845b034692e3054b20cd4683759c60015886d876

    SHA256

    1da0b5af90c0359db2230cbbb1e805568ef82ad7c0a186e9cd8109592fb00972

    SHA512

    d043cb9bf1f9fa09589d744a8c0ffff231792e9318652b61122cb1ec908c879f7cbd1fa3efd94ec223d8efc53ef4cf3de3af34b134e9d954dfd87921cad7e0d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ccd58ce2bba6bed42c2e092ecbc98ce

    SHA1

    51f3cbca37da330f7ad04a2bdbc815202ec6cd02

    SHA256

    77c8069c60b8f8b34a4385bec500594f88269eef2932b50462609b96d6bf3aac

    SHA512

    44d48745be600ba617dd0e20edeac25c477201c9ca78c712e6ec290a59b06d42b86aa2b686e2ff063e1866f914becf5eff6ba2709093ad096f9debd0490a7c44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8244a4ad4f88fd9633d9204a9948b402

    SHA1

    5a002f853241f58df01b46a905dd1fff8466eacf

    SHA256

    81b9652fe096dd92a88c14490ef18d9e0c7da28d973c720a8a4eb44a0084e204

    SHA512

    4f5357a61c7dacdaa4458c6724cfc760d659efaf0619c90f149c22702e07426a342f05f675e2ebb6904e7fe141c0948452c255c886caadae784483b5e543eed9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e71643051935bef888a718ef25fa755

    SHA1

    845c15a8a23153f61d82c965e5790504d928bcb6

    SHA256

    3816d3aa3dce0e9acb7a8515bcd2af0b8827d7e7135e8258df0df96b7617984f

    SHA512

    576d7974d962c0ad9745531eb3e5c62e129154a35462fe1ea4df5b852b425dbbe391a8f708c7dbfdc183ef051253ab0e881b13fde7ff2598a3dd28ca8f5ef4e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d8d385b3ee4958801e0b390762093fe

    SHA1

    495543699141958dcee81a3d0eaffba9e127a482

    SHA256

    44afdbd709a2fd34a11e80d745d21280d1e1f4cea92313bf445c7490e2133753

    SHA512

    4eb3aecd72032395917d4b7793415ca4717708f9128a0ecc251ba764139bd17ea62875fbc5f421051886869306355c0d6a7eb092187315713917b5f5994bdbdf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC796.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC835.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit