Overview

overview

4

Static

static

1

PHP搜索�...��.rtf

windows7-x64

4

PHP搜索�...��.rtf

windows10-2004-x64

1

PHP搜索�...t.html

windows7-x64

3

PHP搜索�...t.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

1

PHP搜索�...n.html

windows7-x64

3

PHP搜索�...n.html

windows10-2004-x64

3

PHP搜索�...x.html

windows7-x64

3

PHP搜索�...x.html

windows10-2004-x64

3

PHP搜索�...ze.htm

windows7-x64

3

PHP搜索�...ze.htm

windows10-2004-x64

3

PHP搜索�...e.html

windows7-x64

3

PHP搜索�...e.html

windows10-2004-x64

3

PHP搜索�...h.html

windows7-x64

3

PHP搜索�...h.html

windows10-2004-x64

3

PHP搜索�...e.html

windows7-x64

3

PHP搜索�...e.html

windows10-2004-x64

3

PHP搜索�...t.html

windows7-x64

3

PHP搜索�...t.html

windows10-2004-x64

3

PHP搜索�...0.html

windows7-x64

3

PHP搜索�...0.html

windows10-2004-x64

3

PHP搜索�...g.html

windows7-x64

3

PHP搜索�...g.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

3

PHP搜索�...p.html

windows7-x64

3

PHP搜索�...p.html

windows10-2004-x64

3

PHP搜索�...o.html

windows7-x64

3

PHP搜索�...o.html

windows10-2004-x64

3

PHP搜索�...eDb.js

windows7-x64

3

PHP搜索�...eDb.js

windows10-2004-x64

3

Analysis

  • max time kernel
    89s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 18:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PHP搜索引擎20110614bate版/a/soupet_net_phpv1.0.html

  • Size

    1KB

  • MD5

    30f826762a927dc5ac99db765225d624

  • SHA1

    4be9456caa2505a31011ec0e3afb1b6a9546d2b3

  • SHA256

    abbf6ff5ac87438a9d044f9ae2fd17758f665927591fc92055f222f94794f87b

  • SHA512

    356095efb9e720d143abbfb4a3ed83381dc97bb56a16a7203e0f96d625e302f200416979f4141c8599274e6381e77a18b32ed091e45d15f185f09cc917ef338b

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PHP搜索引擎20110614bate版\a\soupet_net_phpv1.0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99e129a4c0e241b2360939300f0f3c08

    SHA1

    8a4beec4f24dc1e4b4bee0f829c692f0f6ef8261

    SHA256

    f6b78bf2b8cc0cb4463fbda8383be8dfce1dff9c7ebe56a2661323cdc6e38324

    SHA512

    6e2af5457efc0ecf954bcf3ce4b5b91ea0f5cb3541f53315757ae1f7ef83212a7c5e3d918c9b86326179a4d7efe555ded473f3858ffd55fc976b51e32bebaa6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d24bf8ae69a7a9d233b3382a8e3416c

    SHA1

    74d686f393ddaccf989f49941f1c38d5dfcde69d

    SHA256

    7fff3d3cd89b461887f4e2e3338c24122306af0141cde9e2bce11862ab95f111

    SHA512

    46de697f2a5455c022e196e272d424d5ef812f4868153ac1d5272c5a39c98cf9e48c2a5611db12787eec0519870ac84f25cb610f5ddac193bb326b964ebd8a64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88fd8954348a725a7393a4870fd77c28

    SHA1

    46605af45c020a98f2dd7e579295163bd0b5c224

    SHA256

    9be6ca8964f0a087b1bac15de3e8a4d927b629480d95809d4315cafa4aa58aad

    SHA512

    850c7d1a16a518a7bd93b0388e891bd2adddff4d6e570d8691698a10bd8b72d7c539a2259a7f53d4090fbddb38210a85c0223ded2e5dddd92dba227c55d9f9cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    142cfec64f25791d74602471cf13a53c

    SHA1

    ce10c0c82959c6c654e3e8ef2ffcfd5b9fbb9583

    SHA256

    b268704f2ca257855dfa69fd6e0706d8833db676ea97ed99893fea52d344820e

    SHA512

    141ff2cdb86f36c52d4b5262766ca6d6e25f5ca0485a0ba09f0b9b2c994c63d53c92592a7dd2658f55e8226eb2cbfae8f6102a9e73bc30e581b42dbfa98204c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3a1b350501df92600b3e3993e00beba

    SHA1

    2c9ffd113325c514486904944d00e336dd35dc34

    SHA256

    ff824365b0321547de9974c0954de501b73dea21dd3e4beac5f791073cd33adb

    SHA512

    a3aa18579dad4c44aad02a76960bac73d3fece782a5c2106a8b3f273d50622a4bb6714172e325110624d5f449fa8e0cf04f3ed6de2557a97083fca172f2d6266

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b21c1735885a580fe44843792d794dd3

    SHA1

    f0acc6b327203053650cc77e44146ad1749ae34b

    SHA256

    04b807afb4325bd73728712b24125fb67a0ba377869a48afaac9c070c347310d

    SHA512

    50c7dfd05ce4ed7f58b72e211fe99763e2838d0fdaa229e5d965b7d8c8bdb7ce8a805befd3be419e3f922bd51790326696592d1ec0f80782c3eeaf644481cc1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b10459de8cf3a20b4becb06634e10a72

    SHA1

    005b8ae29b68aa0757fc0b2309192f3d8ed275fb

    SHA256

    353edc226718cf04bb8967ce94f9feedf7bd6e4c1c8e27fa6cbd593279600fa5

    SHA512

    6002e61d91689b90e58b48d843a58e375c179b121f88b48c37f300323e63a5c0f3525ddd31d303a299d5c57cd04158370e2f5fc34027d39380ffc1aa75d20dbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f3da2192269f4d8070b8745cc4ec726

    SHA1

    40fb5a4250ad25f357f6f4908c1d911bc5fa4e03

    SHA256

    3cd60eb62a360f405ab3cec74423ea0e2fe0693402c25685beff6cda7d01fa8f

    SHA512

    3be783a3be968d06718068fbfd7fda18f67e0436e25fcac86fdb70e7d5150dc5dd25331276c72212515cbc37f765623e0d4ab80c4aef409ef505f4ebdcbbfc7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da62a985dcccc3921d78087454cec819

    SHA1

    23f81bd80c128445d670889dc3f0bf4b83bc5374

    SHA256

    7cbb2c73ee2128824f7bc834156feeff4aafb720ba5839ee9d2b5c4df53a8c59

    SHA512

    4b719102b458f7d19d64fe65d75fcfad07ef4415d6123d792ab3122cf9f75b9929621309c4ee087f772bf5a83241be59d6ce69f25a3bebe0454a541a1e69b77f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d576eebcb9bb29b9f49af41a9e823c3

    SHA1

    6c51883cd7846cfcba3598a71fc87da333ac33e5

    SHA256

    769ab1c2201204b40fec9ba358281866047302ad5b62bf1ad2592a57a929ed49

    SHA512

    2bb3bbcd23459b38430aa8017b4b42bfbc7ba48e52828324cc7f75528c428d64a410a3bb18aed5a19e570886727eb51a55a067a86dfaafe778e69f4a65c620ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a29b43bfd5f310f8dcd4c78d7f6cb738

    SHA1

    88efce9d4182217313aa760969e45cfad12f78b2

    SHA256

    f5f731ab26249ebb65fb3ed0440ce459e7f409e49f484f7b0abde9d4de7f5ef6

    SHA512

    342d45de41dd0e326ddc6ad84ebd0dffcb4baa4a6c92b0569c067c52610d179de42ea9731815e7e9e2cae119b701a9afdc7545c3dd5d6c915860df5ebb75337c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea7ce80836a690575fe155f76284574c

    SHA1

    adc1452fb28dfc7539591d023ee4446b4798914d

    SHA256

    69bea592f43b8554b5b65e59220f2beae98f73c707e98b344c68cde29226395c

    SHA512

    a085e3a7302a42373c16ebf66a62943cc529e8399510cb52c6a905b2db2f550cae3676be13ac0acce1778e04ad4ff4156e918f011efe9e90862d149438afb7a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b41caa76f60573e491fa8488a140b720

    SHA1

    c74215290b531931aeeea3363a134e6112231914

    SHA256

    9c90a1feb2be0fd76dc0555ab10a448658ddf046b1b537eb4dc1428e247f91c8

    SHA512

    6747c6825d2336a367165e5d47ca2cc2b3952d907272d0a3466a3d8f6073685d1442d84866afe0bbaec2e613be6c3ac6ee034e57b7fca3952151b4b68e764006

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58deff5076837b90f0428f458fd1ad0f

    SHA1

    d8f7a7f2400985a447aa1e6ab5748674f7de89ef

    SHA256

    a4a50eb2ff249238d7f97041e09e2c50f9292b117920144f204c13e926d37752

    SHA512

    9bdd5eab3b1912ba3aedac2f95c26e3381a70b5de5d2441d3ce674e1ba9b15362bc884cf6c5fa9bb567630075b5510f42928f377b3c933532e74dbbea0504441

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14875b9ae98d7ed3346b7890c9e47258

    SHA1

    80ff144644dfdbbd4ff4bd356ab964169f902d5e

    SHA256

    09f796739085343e90ce1358c6e6528e2349677d3c138d0734f5e3bfcda9f459

    SHA512

    613fa8e7d0a5bad94c62898b45d96da2101396aa54877bc2faf697f5511aaf72ad0ee62ca4fdc6cbd5264435256ce8973cedca7a439332cd7e2fe4cac64457b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64bbedd826ef9fbefb491db58039bb55

    SHA1

    61661f212f260506468719bd9f3bf70c3b2d9856

    SHA256

    86b536bf3b21afc79562eb918d979b1528da4daf0c6aca9f0bd00afa208d9a59

    SHA512

    0d2cb82799178b2e27e98d1df07b4f3757baf0f1c05abe53ad3aa978f849017c153574732ccb3f4be6ac92f2d9645e367f57e5bb3f7741c4609112d88dbe2d4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbac653fc185284d63d64e455f33cd95

    SHA1

    592823767300a5cdc4c090ea88aa7e95e49aec7a

    SHA256

    7d491c98f54434d4fb74357f34d9f6016d07f374c0f23c2ca3fda08fd175e0f8

    SHA512

    7980eb2b9df4ec4308c91a231f1ca50cbee6250d673ed0685a7bb82ffdf9bcfaae15b208577f0d8b7dd735adac2f501af2a934412ef58707469d87f82e27ca39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2668138ec6ac3a4e51bbddecb8491f9b

    SHA1

    f24318cebe7cb5e2dd5b27033bc0663b4652131f

    SHA256

    593fea863082bc650d57a3365200573785d0764f70c2310ec577661bacaa8ba9

    SHA512

    6736e82bbec9f5d393b40547052f1e659dc6f5558f89fe8b9f01ec75cb9a024fea4e90c93fbd4ea1117a59163925ceba1093ad312a6de3f3490222564f497953

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01ae4e44d947b3bbea3b398ea9b801da

    SHA1

    86913b5c1ac5af58f6ef035eecbdb76abf8d62ff

    SHA256

    a68f7522f77c8a475fb43a033047f2ac954286591495f5836df08187c8f5b67c

    SHA512

    aa7d86760cf2af3a5e9bba235a9d47d0f70b15282fe86c2dc54922ea1780c03b43707ab0ae194ed5c3fa94ae64f1a515867a7a0e273d535c86d786049e9996ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab84EA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar856C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit