Overview

overview

4

Static

static

1

PHP搜索�...��.rtf

windows7-x64

4

PHP搜索�...��.rtf

windows10-2004-x64

1

PHP搜索�...t.html

windows7-x64

3

PHP搜索�...t.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

1

PHP搜索�...n.html

windows7-x64

3

PHP搜索�...n.html

windows10-2004-x64

3

PHP搜索�...x.html

windows7-x64

3

PHP搜索�...x.html

windows10-2004-x64

3

PHP搜索�...ze.htm

windows7-x64

3

PHP搜索�...ze.htm

windows10-2004-x64

3

PHP搜索�...e.html

windows7-x64

3

PHP搜索�...e.html

windows10-2004-x64

3

PHP搜索�...h.html

windows7-x64

3

PHP搜索�...h.html

windows10-2004-x64

3

PHP搜索�...e.html

windows7-x64

3

PHP搜索�...e.html

windows10-2004-x64

3

PHP搜索�...t.html

windows7-x64

3

PHP搜索�...t.html

windows10-2004-x64

3

PHP搜索�...0.html

windows7-x64

3

PHP搜索�...0.html

windows10-2004-x64

3

PHP搜索�...g.html

windows7-x64

3

PHP搜索�...g.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

3

PHP搜索�...p.html

windows7-x64

3

PHP搜索�...p.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

3

PHP搜索�...eDb.js

windows7-x64

3

PHP搜索�...eDb.js

windows10-2004-x64

3

Analysis

  • max time kernel
    71s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 18:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PHP搜索引擎20110614bate版/a/search.html

  • Size

    1KB

  • MD5

    c981086534d5982c03619267707b49ce

  • SHA1

    ed53377ba8b88c29ce6a1f9ab284004c836fd7c4

  • SHA256

    827d0d8d192b59dc6c52e62fc377b2d73fa57b7307b3da04c5cd246e54abac99

  • SHA512

    830148da7eb586167bd04f52805cba0811763337a0af7acb0bba7c5ec9a30cdf615f002a89b1f34a715277f873ff4ed7122ab66db280d54b9956f74bfc7007a3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PHP搜索引擎20110614bate版\a\search.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ff0d8b76415af9d8e187b068f2fccc4

    SHA1

    b9f684f48558d3164273f9b2a4d0579591af9c4a

    SHA256

    ab5feb5430a7b66e42ffc22a4ae0f2a0c48ee470c2a794483c186d9637ec8779

    SHA512

    3710cb27eb783aaca13f2a59fb435dac1e081e5ba086af1f7a2233762f46df036549d6d74a5007ada202e588287b2f08b7dd492893fa7451f183c18210db4aba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28c00fba223cef0438b88434e88067f2

    SHA1

    29529520f582b72250db97a5c73779569b9b76fc

    SHA256

    0c54f26f056baa8662e88944b410deb43c62be8af66772d926b633d6c272db03

    SHA512

    6e99490cb337433445c4621a2e217e5d926041374722b756a34cba1c38ba4da229431ae1d158c856d5df3e2a096256f9cdb6da14062b02d0ee4203ca211f74a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab268c4698c0dea17d6a6849e4bd3f22

    SHA1

    c58f2713ce8186bb603b44cbd4a6f09a091d8ff5

    SHA256

    8859d77155b0a2c664dd04f95c146822e5e9e4fcea31dd8cfd7f9be351b11441

    SHA512

    2e44db3f2f2e437f3e77bad60d4bbdcaa30af0874f93c07d78886b6d197caed0f9a92595d9813f982e0294c1a308c2ab5835a60e46192e52abdd08eb4c911573

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10a08381a4a34dd2779592558dd77f4e

    SHA1

    d05b7e94efd26c8d7b19825e3625161ce0954591

    SHA256

    2442353d6fa18938cad014f50a9f7089cb07b82f078ffbb90e7fbf357b98f6e5

    SHA512

    12274f3accdbe826e9cd5ae845ab6e431b242131bd4695ad25bdd1c7e5e0a847da98cd6ca670a0ea6dabe4dbcd34498c59a9656dcf4adb1d6e2db63a9f643fd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3612b2459a5abe905fe03d14ff5b8e0c

    SHA1

    6e1edf13ceb87a4758ceb543c77fe01ecadf7368

    SHA256

    c07bddc676a96271aa3d427cd5c3b50a022c5ac45423e183a7f0ecf27ef4dd90

    SHA512

    ca214af19f49c9592ccab0fd2e0a8c409bfc861f1e3ffa12f9662fb663db5260794fc99616609537fdeda0d7f7c7e7079af2e92f9de9f75bee430895875fad49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cac799a1ff0bb8bbfdbaf0e9603c90b2

    SHA1

    7a46e6c143ce14707f40c968dd3ed7b0a6d0550c

    SHA256

    580b547abb2fd2af068fddfdc83ddc85897816e65ab64b4224ad8a055dc30977

    SHA512

    fd8b057cd6f211b2e242b48c22eeff3737cadba79ba28f558f7907f245b662d923ec96357811d4e13d7795a61800d5f952652b84a6b13958d92a2364c2ef1681

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    837d123f4003f9a1459384fcd908c29a

    SHA1

    827db7e15a39adabae8bdf9f851b4a82a42609e5

    SHA256

    dd5f4c841b069a53664ae8be6caafd89b54891522a8560c730a7534752afe47c

    SHA512

    43f3563769f717e36c58076154f773f39c15103e38bd56743e7c18f2a8bb6f9a2df7284fafe06c2ff77d71c64843ff0f7ac9e0c635129ed925dafd733c3396cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9dfdc45a342e572059a4c9e53336cf65

    SHA1

    03b779b7a44b4dfe8345eeafc7ab4e8f5971fef2

    SHA256

    93ce7927822a3949e8aec7f666f2e1082ac0bb09f84b3a7ccb367d2841441271

    SHA512

    492060d7f1880fe5a2b8906be385261f66daf637fa0fa6f2c9f8e3b34654e1fb49dc7417058a11ff933d32c5aa2ff50a66cad1154992caf534ad7591aae8a969

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66c5116abe162adb6882aa6867cf4e62

    SHA1

    6df7fcdb47f335be7c238780994fc07195bd5841

    SHA256

    05888a1e16ed8944de42874c5fe8a0e803187801eb3773271812ecc41475a5b5

    SHA512

    ae6b4a1a562c727490603019a8bf61af6d0d7867bbb9f41737518ec7acda93ae2aea93b93f5c1a75b3791d885db773f6128c9fd9920a529a85c8c9a2c2718620

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67b1c7e59388d4d4b2fc3fd848177c89

    SHA1

    50ccaa28da7aefa16f578653f83bcf8754898fb5

    SHA256

    5ed6257124ca27e5ab86141e39116429f0d65c9cd0ed6690298aadf0b785db2b

    SHA512

    3d069a7af566c67ccb9e573681f718854798acef1b41796904910028cd9420c1239f71b6b1e1ff5457909a6351cebb8cbc05f79103140f7fbaad589d19ea26dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10d46a2b7134732aab0b2f4c23fedd62

    SHA1

    fb5b29d8cc75c6cdd5c7649edcc62786aca60fb5

    SHA256

    238072eff3b5f50cc75b8a2882bfd4fbd9033e0d20592acab474a16296d2eaa0

    SHA512

    344d2028d9812fb3549bac84b68c84345f84640d46273765d3af47c501b2f45cbda1d2d0df7857eedd07cb686377030388938a4eee3b102981ee024f532b9124

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f630fdd4796770b7e7216feb470ce7d3

    SHA1

    116122236d58db6431468a1526f217e55e39e8be

    SHA256

    ad39e66c260336cdd7f3ccbcb4d383d1e00279c30819e790df8ab68c2b4ae09c

    SHA512

    7a21b166a1c0e4afabf677e3b500cf0f96f62715249889359ab40c8449f4f43bdaf55632ce61e398d62726cce93f22a8123ed4f04ca773a934be3254a55a2363

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    552ddf98adcdfe5cf17332fc8f3ce69a

    SHA1

    4b26c8bb2c916143d2dfd5fe2cffa332469c54c9

    SHA256

    107008699acf56c7d5806339cc7e876bbca6d8b570c47873339e47dcfe2b64f0

    SHA512

    e06e07210f63db9327f0d023d6f41fdd373be57b19b1e0b4052e9083cce8d652fa295bd453a6311265947b3dacd9f7c5dbf6206f229a2d74e8f3605f8b58547f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68fbdb2aecf3a6a831b6480ae42736d1

    SHA1

    ce11009b18b2a74a5c73e7d8ac1e999209f4ef8f

    SHA256

    594ab69a2c894753d3f7b9ab87f66be46c510e8c3fb92f1ee9fbc81b2dadb309

    SHA512

    b0fe993fc1c233b621f89503fdbc0f819882c3421bdc674704b4bc4ba63ef48a46d9472832d60e193339260646940f2a61476fe84b66bf6f82a2d43484331d03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a892c530d8eab7d50e004b745fda421d

    SHA1

    fe5d683836a7079e183cd7db5bd7244a07197e1e

    SHA256

    24999c74e492c456bb53ad349b7a84010c0571ddcec0612a1b76a0cb8da98c93

    SHA512

    48752bbbdef452dc7f39e33f3d85f14d10e005255bf16e869e9e9660828b1158d5b9de482fa0980258125eb8f23427745373f9c5190af22bb2cc0fd192199cd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70f2c7548a21541273eb13837094e60d

    SHA1

    975f0b1ab228edaa98a0f2626c53c3c7957cfb43

    SHA256

    70091e505395bbf98f2b79b655a5c69bb701f1e81a5aa6013e33d9748f4244db

    SHA512

    4f7ade08e9651f3f5b367d86a5b9c3ed33455cf2864ade52c6bd5c3b401960663539851ff0c626877d7b6fd866562dec17a435b9f99c15f82c0b0f765d8f6cd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2f0d34ef3247fe8f5cbf167d56df4df

    SHA1

    cb6180bc0705f1fad1117e24fbd1d6f94b2dec11

    SHA256

    72484b819448ec14ce9fabae11d08942e5fecdc35e791c4f246f7f252b6fd9e7

    SHA512

    304b803cb2687054537c1e5ee041b713deab09de78b3077f99fab5535e33990cf52d5527f61b0f7b77ea3a0d36ba6fdd031b023ad5afd3a7e5843e728403c2f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2EBF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2F70.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit