Overview

overview

7

Static

static

3

LEGEND注�...pk.dll

windows7-x64

7

LEGEND注�...pk.dll

windows10-2004-x64

7

cz.htm

windows7-x64

3

cz.htm

windows10-2004-x64

3

js.htm

windows7-x64

3

js.htm

windows10-2004-x64

3

kf.htm

windows7-x64

3

kf.htm

windows10-2004-x64

3

xz.htm

windows7-x64

3

xz.htm

windows10-2004-x64

3

yuantu.htm

windows7-x64

3

yuantu.htm

windows10-2004-x64

3

zb.htm

windows7-x64

3

zb.htm

windows10-2004-x64

3

易模板.url

windows7-x64

1

易模板.url

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25-09-2024 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    js.htm

  • Size

    4KB

  • MD5

    67d2a0acd73d340131905765dc41a9f0

  • SHA1

    c90c9a1218cba9c0c2ede2b44d8693a0a3cec7dc

  • SHA256

    5835356ef7da67e78d037c77059f5df6b49b324f496ce4187035a410f9c018df

  • SHA512

    17867a67aec530f1758a14f7c7e2efe960bd5efad5d289ab357199bdb229ae0b3c07ef8aee7c215fe1a3e12039bf4c020273bbbe6774b08144edb6a30fe3e9de

  • SSDEEP

    96:SeuKuMv9XKBso7ntTuyxF3PAUiAcAcAcAUUmJJk3tgSYqEnKviqs+7MjU:S6xuo6KUmnk3CSYLKKqs+7l

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\js.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2296
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2296 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    871d24c23930a5f3766b95feafc57808

    SHA1

    fed83d1a67690d9176d18a25c369b85920a5ebc0

    SHA256

    8c9d81b065ecc9bd46d0ff86b2efd2c73659b01bcbee2b553f00b95232f6c0dd

    SHA512

    cfa53d10f0b1561d23dbd0c3fdb49d8236ae97e5175d65c68f58fe890273b172c1da3bd4623bfceb15733d7ac5d582a87567ab8643096751672e0fc5de571b53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    638e32c6f91c3ae12ae5f843261b0d1c

    SHA1

    b339dfcfb94a69b14f0150bd276392fd9fda4372

    SHA256

    917895e560573682f06db57e30fb5bd47ce010dacdd3fd4a8ae12eca4a6c07db

    SHA512

    0fbdd223dd0699e05fc550cf728688103c8d5fcdc28b296d19c7b738e8923ad35d940b86aa88f523811999b632721d505cfa29b9424f355cf679f175762a75da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bfd2d92e652bbcf1ed3cf9a2cc94ad6

    SHA1

    1f422224a5e70759bbc141ff49f14f628e016265

    SHA256

    9bca291e362e3afb9de7e0ffcecb24b81d60f28352a70138d89a69a7beabfad8

    SHA512

    dfc6fb09735ddc96f718b7d0b475ad9bf26a82bfcdc51c33424f2805405f70e16e54d7d8c12ef516230ac62a7b07753afda5156d5034d30c71fbf656bebb82d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b4cbdf24b1093627faadcb9a9e48fd2

    SHA1

    8b57245612a1338993b1ae70fa2227bed76b4209

    SHA256

    2c62b98da96c273eb5fad1790bcde95f7049ac503b18c8cb61ca8d0f8c0a3ed7

    SHA512

    d02de85923087459ab3995671fe1c8bd8bb830f783611430cb39ec457fe39aa128362ca74a344b3d9ffa157c978f12cc9e77eada03d6c0bdf09fd4b297474ef6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    577b3f403c9b9707baf3698aa2f7084a

    SHA1

    015d01a8c998bcb629454ec07486336fd811c5c6

    SHA256

    995c44493a1f188cb3cb826cb2414767cbbd66743a09ec97bbe6a13db97e61b4

    SHA512

    0810cc81980a810d8d7ffbada3c98b2c4664e70761ac341991d25b9a5c2a39a375657da5c148649872324fc74f7217a4b650019d21d2dd9ba6b6471cf8f4b29d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a50fd2fb19a19e62e5cc8f937dbe9435

    SHA1

    93601d72bcc1bab43337aac419610a3154f8b9e7

    SHA256

    efec5efc696fe16d65009dfe7835b83d2e24a65856784e398c411c245b65349f

    SHA512

    15cfb45046ab3ad452ea0380488e3e5e794f39e99b20d266660d112dd6cc7d79478f96cb5ef1ea49f47dcf83a1aa24264294f4da39b0b73b481c57dc4498b3f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5323af90018d62d37f3c95769e796b6

    SHA1

    8cb44102e5d1beb7bfecf1877744b49747f9b46c

    SHA256

    96d870dacea9797f6e969e4009c2ed3e786585f2711c439a28cdf768ff01ea88

    SHA512

    3fa506b3865f5ee319d42a818f1eb22ad9836ecd2e0e059062597344f76e2dd9100498c70758e569a56484365a7fed5e001b295f0e00fdad2022d9bea78b431d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0b436b8d6f4a7dfc264dc76de5e45de

    SHA1

    4c5c304d619c6921fa0e95c76b75fca6c7ed9eef

    SHA256

    48c5d5bac6b7f85d9a751ce75cc84d3e0dbc4098f0264535af614595a0c88b63

    SHA512

    981ebb333534811a920c73448ba3da962ff53ef695f8cb3f5a1bcc996ad431b8415a456ca687b4b2129b9623a36c1330c6a14a27602905e3a9aa6244862b1d9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    254fc9cc7a8f3a207c59a84a998a80d9

    SHA1

    1c1a120e1cd72ba09628dd06f132a82fc25a779b

    SHA256

    e1b4baba6bbd4989af34b6617ea3b77955f0b40b5f8390843e57a8a1f5f7f866

    SHA512

    7c4a5344a291fbc0e09d22af55a8f8e42c40baa76da7850497c54f13e60197bc4072370d3943535d0538cc4931d37774eff5b4c85717ea5c716da34e896b7823

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d075a2a048b384c5f70e55885634155

    SHA1

    dd01b13c0d0120936283d32224877062b441d049

    SHA256

    36221bc2c774424e6817ee276310b297a392f64eaaa0310ea879e50c910ba9e6

    SHA512

    964a6a2b9b5a765e7731c0af47b336c021eb07d21dbe3b4b8d0b49ceb92c7251df1dd99e3599b6112ef1d5927275a2d24b89b37b24f97479d6e2baa8acd22eed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12b4d6046504ef1f3c1c69362546252d

    SHA1

    5147232784a55d34673cde6b6fc3a5075df6f29b

    SHA256

    8812585cd68231aaf6ccff12dbc62f6e740841b5696687c85fdb7d461a39de4f

    SHA512

    0ac256c3b5db81cfee055bf07f4a73553bfed30c828db40fa456042fa3fa7b6fc37dea668a85805a6f48991c7a7841178fad38055b89a62d97a9da9ec7eac68f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa53b352c6eca881577b9e3833909f4a

    SHA1

    6b0de5230dc45f4ed462062acc644c89a3bb6ab3

    SHA256

    01359701f595eb5b50b71a51a8b25be6a00941642bdcba6b90306f4b73785767

    SHA512

    418f11295399f184230e56e4ccfb2a01fcdbaf66886463a8afad140894cd56d1b5805ce0e211df80bf9ac41cd8c37569db02443efd74a4f5c6dbeb7f8af54274

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    350087be653dd602dd3be7c94675987a

    SHA1

    55d7e5770ac180ff3c8fee24c50781f6a389e93b

    SHA256

    ceea174ced262325f5bf81dfebb01e921b52d8a1b9ab6d4401ef7110405bf4ed

    SHA512

    4d0d0395b17a8089e4e5b2043f64d613b681976d5d7dc45d9968c3d385924c7c554d402625067ffaba3b88591f1c0d867300948cf94c3932870a73a15c507ccd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86c28f5c123fd2244a048c7856d35dda

    SHA1

    eeeb2c3a6d4f35cd84f9a15c45de63a493be3432

    SHA256

    acae6ce2d2e852e6796c151a5054c06e37e6e14a410524455275fd158bff0615

    SHA512

    f1db8613fd1076d7515ecbdf5ba114815461fea801809063ac579c7c8efce8da0918619e9a0c92410e60d0e166e7e7f4a80a1611a0c127e7934cf30fc3ecb6c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb677653351db0901ea0df1527ad6b9a

    SHA1

    2aa96c93dedceef0134412f7540179b66acf31a8

    SHA256

    5fa3d80dce1452b39e752fad0d77890f35aee189eb4b0007790e1988aab42892

    SHA512

    aeefa5032c875cf6a6807390f1c38c695aee249d81ed84a13e3a94faba1de5f56d3116c673ea951921c20e2b335c05680ef42064edbdd37f261d93f546a69093

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE959.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE96B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit