Overview

overview

3

Static

static

3

275620948/...e.html

windows7-x64

3

275620948/...e.html

windows10-2004-x64

3

275620948/...ug.htm

windows7-x64

3

275620948/...ug.htm

windows10-2004-x64

3

275620948/...se.exe

windows7-x64

3

275620948/...se.exe

windows10-2004-x64

3

275620948/...15.dll

windows7-x64

3

275620948/...15.dll

windows10-2004-x64

3

275620948/...se.exe

windows7-x64

3

275620948/...se.exe

windows10-2004-x64

3

275620948/...15.dll

windows7-x64

3

275620948/...15.dll

windows10-2004-x64

3

275620948/...e.html

windows7-x64

3

275620948/...e.html

windows10-2004-x64

3

275620948/...se.exe

windows7-x64

3

275620948/...se.exe

windows10-2004-x64

3

275620948/...15.dll

windows7-x64

3

275620948/...15.dll

windows10-2004-x64

3

275620948/...��.htm

windows7-x64

3

275620948/...��.htm

windows10-2004-x64

3

275620948/...��.htm

windows7-x64

3

275620948/...��.htm

windows10-2004-x64

3

275620948/...��.htm

windows7-x64

3

275620948/...��.htm

windows10-2004-x64

3

275620948/.../vt.js

windows7-x64

3

275620948/.../vt.js

windows10-2004-x64

3

275620948/...lt.vbs

windows7-x64

1

275620948/...lt.vbs

windows10-2004-x64

1

275620948/...aw.vbs

windows7-x64

1

275620948/...aw.vbs

windows10-2004-x64

1

275620948/...lay.js

windows7-x64

3

275620948/...lay.js

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 11:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    275620948/HoHo/Document/Install/VC.Net下的安装.htm

  • Size

    1KB

  • MD5

    5d5bfdb4c8b52b98432953db3591c4d9

  • SHA1

    73962fab5af87154916bc319fc757771ca871a93

  • SHA256

    b51ec195118e5d0695f21d0ff144d8196ca4b41011426f83b980d7043e9b8e20

  • SHA512

    820b0876e1bd2e3fff0365d168534685ad7106aa2771639f2e3eaaa040cffb92b851697433b1ba2017879ee2ca61ffe080931929e797757133791a07eb501f7d

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\275620948\HoHo\Document\Install\VC.Net下的安装.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cc6849893c181d640f9b6611dc2fe2b

    SHA1

    ae4c7095d1fa4ac63bd91e10d00ef90cd8a21510

    SHA256

    7d33852d1adfd874b6d031d8f23dc9e27dacdf7693670396b90d91fc5fc020d1

    SHA512

    289268537af3345c64ea88b83a12c7e822040328545178f3fb044582769876825afc3cb656fdb436d0db17a45203945c9dc1780dbee9414d066e2cbbd090a57d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2efa04ceb48e2c4105e9d9bd83fd327

    SHA1

    c55591e6317345c23c4966843767773737342e41

    SHA256

    1433666f27e071f8723d55a0126f8dc96e9578abb8867cb72312a1ef83dee88c

    SHA512

    fbce92727306918cef0e5889497be6f3550a8ebffe821d124aa5c5ead10522b3f2cc5325ff2d9dcd8cf40a4e8619b301b78fe45886a1823ccfb6420a607159c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    519706e2714efcf1734998ab5767f19d

    SHA1

    ca4dbdc0a5929012ab6f6a0ba232ec4fa8396161

    SHA256

    3beced835f4a35f95f869c559fc2164f140a0fa171fd014fc05550e3b0e8b768

    SHA512

    e31496bb7854e31d333d510a905067e5fa968edc8f65a50063768d1f59abaac01425412632f418217b8534f522679852f35048cab9216ddb14a315f9b15aaacb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    174e1d01eed428e9c0ba5efccf3643d8

    SHA1

    b14a719fca31fbd07f47f08ad8174cabe3997dc5

    SHA256

    bf418b3cb876b03e236a31ad0346cdf40e7cb373cd8bdfa66440da3656f1d259

    SHA512

    83b57d3d1f6811adab3d3b79cfb3a55d3a8a24910102b1d9cddb0bc6f3098cb3f3295ce1315abec603495d06293ad42f12a7e5f003f4e406a9075caf5ca60701

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2654a19bc3dfbfcd06f4c46614c7cf82

    SHA1

    0e3054c859864ad8fada2fea632d60e97598dba6

    SHA256

    722eec5a31a1a774ddc2333540c25ca6cd211e95300777b66df596dc1806821e

    SHA512

    069a09779e067b5a186d8c56da65ffc41677a50222bb45c60011b8d000c56b71311c6f272a7ddd87e322ad84c6331c7f9c2cd4e112adf22592b174f5cf2b482d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    650a30084ec4b9f2a04c165388926ef0

    SHA1

    fe06eadcf17e43f48965bd2ce55cedede7820a2e

    SHA256

    90f66dd87f4f2f6d1c51e46adb06aa86483f16dfb8a051902c653ab68a6f2275

    SHA512

    ad7decda6cccf33b4a949a143dc3458f58a47db15b3c6e983d787e9bab5c1de9146ac97290d0319add994a59cce9d9f8c57a98b3ada3ddcd5229fa13f174a063

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af75bff19b982df2b1e42706344453a9

    SHA1

    c2de482e805f2d4597f38d3ea0a081f7401a1945

    SHA256

    ad007b75f1f63e9338b813ef58f54b629881fd68634d8f2c6255a77b19669d93

    SHA512

    8262f678ed90bb96cd9d48346cb092030d01a1b241193020bb572bde0bffe4b1f333663baeb3b7a4073c1530c8198338a477eaddab99a1d1503d1a03d3cce004

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47aa235a3aa41d5de77edea93ee9b703

    SHA1

    d13bb819d02a0b62355bcc64f453a23688835d7a

    SHA256

    dea4172de0c6cac04a07eb24747c0e0ed85aba30bcadc71e1290c8a29327625b

    SHA512

    71d75141df11d36835b5242becc4c3a96c707161e6ebcbdce73f8ed32ac054327968b3ac538728f395ab2c5def7ad6e19d616da2973e5dfdf7186538e3594228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    203727bac5003c5cb22fb2d559ab9a1b

    SHA1

    bd83d12bf27ef64e0903bce0a81cd57b3e01e4fa

    SHA256

    8656549ff2ba0aaed6eab20720e7e17ce553b9507d3a81f83215a517740c98ef

    SHA512

    9247c1aebeb1652528dc8203ef09060221f1f4a5b63902fb0fd3562cb4f144639f0af3b28bc64a75d201954e1710e605cc6b0160bdc4397b6de5b6b66c02befc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db66a10e1240facb3ed3393b76831e5f

    SHA1

    6984b1f80a79da9289202d03a5c9c65087660cb3

    SHA256

    159877644d6a6e320b1df2e1c0656fd814c399cc3475536526d1a77462fa84b0

    SHA512

    ff1bf2f34e4dfbe3d3d5c23064599c2260107476e2af855e04810a8acdc7bd4f1bc48f55d111892a422ac49c2e883a457ea0d15b293f97b578c225c7d395243a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4601456ad925d269bcbab9d76b27990

    SHA1

    59f6422125c1a539b11b39d0c88e05174e9e9580

    SHA256

    a9b10c98172e56597c4bfe0e83eb7559e234becff839cbe08f2d213db8e47a5d

    SHA512

    434fac40348880aed6dda6961209c957c6e371319adc31096c1e79f6d31025898ddf20ff6f7de25f9d52b3dd7daee0516b254976b1921e19883878453e359e98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5343e1f12f1bbba9bb683d76249f58e4

    SHA1

    76fee34a34e213196eeeb21285cd4aa40993388d

    SHA256

    16e250bab70bb6cd759fc251673b06170a0a65976fbd04b0c653027c82dafe6a

    SHA512

    096ef3838dfb4d5eac5c2db36e965b7aacf7fcd0efc85b9b8ac150818950fbcbbc9d5e86bca93e07a82675b18780e54f2532f784af52425cb590c1c656b66d56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4e185c64b6d112483728dd13664842e

    SHA1

    531140ece05ecf2734c784c2d611a76fe087363c

    SHA256

    f6c142281e35fbaa967186d28551b3109b611aa2596abefdc0b4e2b7f966b2be

    SHA512

    a34716becc1a1fc3f3e7ead9eaa70da3d436d1d64c5319945d7123edb3f71d3471fd5b1bdccb50b2e27e1f4f67dcca7c55ff1a4e18c2ba4ba689633ea45507dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b9dab0ffcf762be5233639cd7620c7b

    SHA1

    4077844b2e590bab9ca6e04b206f2755f9e74f92

    SHA256

    39619f941c04f7264d7c2a81291b826d70cef1c05d00e863b546ebbf3655709f

    SHA512

    39dfe35ca744617208ca6d79be46ac1da16968c9ef7f5efcbd0eaf8d093a73dbb00e45edeccde50b586cfa83049e29c9f2f9d18acacb0fefef9cfac2ad5a76c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d44ad7c3100d8927ac2600e4985392e4

    SHA1

    0697c68bde802ac8b388be153776d26815bd7a2b

    SHA256

    a2dcf8d3b8943e7e28d7ee28e616ce682aaf4a73c1b927886d6e29be29052b61

    SHA512

    4b7e8a2f71251b8617d172fe6e11ff678f44e2be168a42fbcf33765eac99ead958efd73db724e3663ee4f8e1079aa728b0a475c19d9a3b0911217b7589cd567b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bebaee72a8d6044187f58363a465f37

    SHA1

    93ca7035c20ddda95769b66e7f241942e17e5902

    SHA256

    c853655da99ba81367b7a1cbf7cacdf972edaeb0cdd35657858a62091b07957f

    SHA512

    a3ecffa7aa16084ccc890f17ebb8ec425a7af22950f0a5ea2b02740f44209f4ad7f11e77468cadd3a5d934fa2b885ea2fcbcfaa4d85180ace64083ad5c21a8fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99be4c6cbae7d35a1d2d8151fd84c75a

    SHA1

    a1aefad978cb66994423604ccc097d6bf7b43323

    SHA256

    c1fb40edc91976ad17473582208003989044d6f138766362957190b39f0efb9e

    SHA512

    34d38a27e818cc8f6dce3a1705c9036f99f7abf84749716f419f9b8cf37ba11965748ac52d6f2a59c1de1a19d47761dc5ab74c652aab9ab491f1a7d02fdb39ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b55660c5203f43bd22e3f7e91e43d2fc

    SHA1

    20700bb00386c3071f997b5254efd10588e7c678

    SHA256

    76359a4771ef837579a7da45e779332049fa7880ce1647ecd7eac4e325ab2f20

    SHA512

    ef2c7da3731d22abab1b89fd396c912a1f31b3f4e42af3dd1624bd9390f91c8ddf0c1f15179943be9593c3c638109fc862b4a1dd76f769966f2748e9189f5baf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFDFF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFEB0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit