Overview

overview

4

Static

static

1

PHP搜索�...��.rtf

windows7-x64

4

PHP搜索�...��.rtf

windows10-2004-x64

1

PHP搜索�...t.html

windows7-x64

3

PHP搜索�...t.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

1

PHP搜索�...n.html

windows7-x64

3

PHP搜索�...n.html

windows10-2004-x64

3

PHP搜索�...x.html

windows7-x64

3

PHP搜索�...x.html

windows10-2004-x64

3

PHP搜索�...ze.htm

windows7-x64

3

PHP搜索�...ze.htm

windows10-2004-x64

3

PHP搜索�...e.html

windows7-x64

3

PHP搜索�...e.html

windows10-2004-x64

3

PHP搜索�...h.html

windows7-x64

3

PHP搜索�...h.html

windows10-2004-x64

3

PHP搜索�...e.html

windows7-x64

3

PHP搜索�...e.html

windows10-2004-x64

3

PHP搜索�...t.html

windows7-x64

3

PHP搜索�...t.html

windows10-2004-x64

3

PHP搜索�...0.html

windows7-x64

3

PHP搜索�...0.html

windows10-2004-x64

3

PHP搜索�...g.html

windows7-x64

3

PHP搜索�...g.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

3

PHP搜索�...p.html

windows7-x64

3

PHP搜索�...p.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

3

PHP搜索�...eDb.js

windows7-x64

3

PHP搜索�...eDb.js

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 18:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PHP搜索引擎20110614bate版/a/mianze.html

  • Size

    3KB

  • MD5

    5bfee8ed25722574a42fd027e2b3409d

  • SHA1

    0371f1c7b154c15d837205215c25abc3590f3a28

  • SHA256

    ecd3fb9943b6771741c1da9d71ccdd634e4af941a315cdd3de8c91b4968877a1

  • SHA512

    e390a8880ec24b7bec64e2248db2538213b8179c45a23dcdc9a26b3f735475df4ef0d2053df1a09b9683c7edeecc59b786243f121514d458183f017ef4a61a11

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PHP搜索引擎20110614bate版\a\mianze.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03d9e457d299e3f8b4f92f552a7638f9

    SHA1

    1da2aa3b856e81f1a134fbcb05c8c6e126b5f551

    SHA256

    e0baadc29a2b331d61ae3517237d1cf50ef25f4bd1fcb7dfffcf1a51db91635d

    SHA512

    081eabb49df903740f8261101a11763e01fe924c6343fd51b2b557ce42519162bcb0b6fb18e4a042ee6f15d528427e7115fd1c748a65e42dbb797bab268506de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66607491bad7e39327547c4bc7cedba1

    SHA1

    1470595df60df0c562012b60a43080de1245c76e

    SHA256

    d7085b6185700f8b8e1d255de3bd5bb03895fcff77b15a2e0eddf88573d4d1f7

    SHA512

    baf47e9ec2bc48a3cbd851b37134391a3c6b2b327d8185e1813663324ad86566857508cf102adf7bb07016f42e802f1177e4c0aaa25d6c2d37fe54a9eafb5bac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dbdfd6e11c720f0dfa76d1d471ca420

    SHA1

    43691f6c261bf27939d9da40424b954c68c8ab74

    SHA256

    7b7dcb336f0de835455a296752f58d3c1d7458260c4599f24f09d907ca752d31

    SHA512

    485a26e5f8ac09b01540b1842192084664bb0b87e94652c0f2d9a964b1dc1f23809ee2bf668bf32b51545f9d50d1aafb2fe90ea1ca8112c44747e5982f7d5087

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fe195bb17868c6718c74df871ea9435

    SHA1

    1825ca989270d132053ef51f8e0c27bebb301617

    SHA256

    e4b7b307991242194137dc2c595407b414b8351c4dec5ffaccf142e3b381ab58

    SHA512

    6019c5adb4aeea3a6d6725159d24d795e281015e34e8cbd5bf6a64589813605ab507a5107a402d7c840114af77f02ba32d3599537b01b1632a02f3c12f3977a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b08f0a30253a7a935f3795fd82bc62ae

    SHA1

    6d76f0c8dffaead4e09eaf6a38ca65f2cef28845

    SHA256

    64597c9ca8657c76ac531ad421cda52f93e05c8eb364171742d07452edaed2ec

    SHA512

    5e893917a8d62f3a41e54bdd6761500d009091d967daa4945a64038777fa10c737a71a0cb16b6b5c95c2a1bda8997a3f9bc8045661ec2a4160a9525dc58c89bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b751f656266891ffe96f10b4508090df

    SHA1

    f5e53d2e13dd2dfe8f151788cc973d86b2f29834

    SHA256

    70a7dd810914d13562d8e9c44acf7739ccb4a47975da5e2dd0e5ed80ac588c6e

    SHA512

    43f9d66f24f0ca238fd42678929602752191d4f51b9cb4612cdd0559cfc3c1401b10f4c7d4dc73d3feb9c33fd4a8332fa206bd650028632af6137e06363d43fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86f536fd649d902c422e28d64951da79

    SHA1

    babb4084c72a7ee92b2249b015e9afdd721f3d88

    SHA256

    6ed82ff500fd60d51a628ba2435b4ff3f88826f6fa145b318f22f6780e9e0baf

    SHA512

    0b9a19b465d3ae68a71377ea3e361f38a898c6a2f50af9ac7427e9309fb97d6e2a199a690d1d73bfecc82db29c81f41b0799f4f9881a288d9b5d8abb630615e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03edfcd06ede97dfe49ddc1e28228018

    SHA1

    6869c1be3485b7e9f6f877e6eef74db86e4eef0b

    SHA256

    d5878c29cf60cc7213ae70691db0d5afd7a0b37ef3004fd315bba3885bbaee7c

    SHA512

    c70a590152dbd516a5f781432fea560f24f85d204a7594f04625c1fd0e7012a842092d72351763fa099e6387b1b1290859affa99784f786400544ea545dcdaaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01e2e9af98aaa470eca01442279d8eee

    SHA1

    3d8b2897d2ab53b290895f46688f7302f6bd6167

    SHA256

    d92c5dd4c6779e9fd62ca78ec8af4a3d364a4a30de519f26e1beec439a283cd3

    SHA512

    0f8d59788e2bd4a127b0b3fdb8abe3dba51f40a9049a1757c213f02ffd6279b11442ba20653ae72a53c173f33643c04f4bc60695e2b8f51bcb576254dc62afc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6313c1874a3161054b1c8a14731569aa

    SHA1

    e6d1fd08c91afcd66758cab34db11ed73334268e

    SHA256

    ccc04365a0068f43b4c4d5d48ef6b05be9ff90b5e809d8ec9bcc2c1333b5e09f

    SHA512

    a24bf3c8ef3582414edf685e117aa9e25945eca3974bfec20fa23a9dac230bc6cf9fe64a78663de5dc71ea73f7ef16b52b32c028dc4f22e17bdbaf6539f3b550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9e827776d162c4938afe33511ecbb2c

    SHA1

    bd5e67dca5c06e1b47c255fe30d40da1e05f0d29

    SHA256

    c443b3fdc9fc704089365b67cca20c8fb190b74c96ed1115d11af564438e97a4

    SHA512

    ef5e77243174cf0946c50686c4565bef5ce9ad49c00e26ae77a0b4aab9e1a5355f0c95bdb3741806e1c4fbf9a19312cd739e3738646367eac5d5f0c23a9bcf73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa44c755b37ca1835bb4f84196a9f12d

    SHA1

    b29682b269ff46df647479b15bf633edbed56ded

    SHA256

    ce060d7eee0df09c97c2febab1e33adb339b3a3d6000e9f77a4e129c56446767

    SHA512

    5a2704f34806362458fd6c4d7315f0d2f1ea5f8a912fa2c0ccec49220c42e989a73bb9bb9935b7ceee06fe501d7841dc9e4cc4feb374e9aa38503e79df38640d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c87d99df7afe0c6fcc62295cf8b53ea8

    SHA1

    391705f80ecca3d2a4785e88b6bc662e6b2b871b

    SHA256

    3fb199d491e4917305125f14560f0bde4b71a7e6aeb6e5d763d1a6af8246eb01

    SHA512

    73339cd18fa1768df9971dcc4c044122d8e3cfd65a79c5484bc21610e0db252b7de2aa8667a39b3373475b852dddce0565ebc80637f15f6817036cc22d2121b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2271343986d6e460f95e8fd8412581d3

    SHA1

    d474f5420bd7f2da1b9c3b0d4bde732301f142a0

    SHA256

    40cf48587c058024dc920407c557a827a2db9821be33796db788265d8de44263

    SHA512

    85635298c7305295a303612c7719d74fa8809b059f488df5397f247ab021e140460c9c2abce293f8c89f9d326fe68aa36676639333be976ca84be99777ed543e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1cddd4c740deae0272b0f7009a4fcbe

    SHA1

    1296afd0532231fefac14c810a4b88851ab8ed37

    SHA256

    f701fae8ec86b03615c3678e97f09e5f6b60e7817e22216727258b868ad95784

    SHA512

    15addf5ee8f811f91832a88ad60df773ba9a07496fbbc2fabf87d5d47951fc1c4f3607368f33243ae37276b1bc4a4cecbda1cfac09037eb89045a646a62d5fa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    862c7a49ad06cb212bd66136a0e0196c

    SHA1

    17df90ee63f6ff0d47e5447789d6f1feaa69eacc

    SHA256

    4ff40b29412cce646be43d2e6998e21a4c29024f04badc41dd5a249801c36ce7

    SHA512

    91edea419a82f37de8a489e1d1a9ee273accb4ba10e33a9207a9b49f3baeef39c6d58693d8eb195963b4bae9568c3f56d787e2118f4c9153f3648a7d3f0b9a12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    928133963143b08a5d911f7bfe06faad

    SHA1

    fc90492beb6dfda7f60fbc830515f23bcc5d91ca

    SHA256

    c6819053bbec9abf88a2091e292a1fa8c08f02bcb982c816956663b3a9d16d90

    SHA512

    b7c23d277e64a380d551417cb8f4033de0117ca40787db0c642b990426a9e7210f2afcd546debe58bbfa4cc48514e66ccb8df84e2e7a1e8ae77232df2ab2c672

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43c724b830527bfa8ee3b905e99e1941

    SHA1

    e78f4755d40444470926cbf8e12e4044293df328

    SHA256

    ec38fa552bfb8c1bdf4b1a8456beeada1ed1a6735f9ebba52e7319240c84f42e

    SHA512

    1b7321e87ff44951e2daf097b3bcc96094760d7705c0e92fe44c67630d32c312643cb904f15d3c1364ed16575a5065d95357df5785c572efac02d9bee4ae98dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a14e99327577d639b0e83ca86de2ded

    SHA1

    4cda96070ad2291f6f4a5add708d7aa106db614a

    SHA256

    9017b57027e551b3e7b1eb782f7c90f11608c812c4aafebb5f437585dd5b311d

    SHA512

    6c9d41f7d034a86c6281996631451903e58803df3f07b6fd061ba44b876813a2588f414169d2b019a00d505c30bc3a9971255e1edc5d8083c519c2b1e83c5cba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFF47.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit