Overview

overview

3

Static

static

1

便宜房�...de.vbs

windows7-x64

1

便宜房�...de.vbs

windows10-2004-x64

1

便宜房�...X1.vbs

windows7-x64

1

便宜房�...X1.vbs

windows10-2004-x64

1

便宜房�...ce.vbs

windows7-x64

1

便宜房�...ce.vbs

windows10-2004-x64

1

便宜房�...DIT.js

windows7-x64

3

便宜房�...DIT.js

windows10-2004-x64

3

便宜房�...ty.vbs

windows7-x64

1

便宜房�...ty.vbs

windows10-2004-x64

1

便宜房�...ce.vbs

windows7-x64

1

便宜房�...ce.vbs

windows10-2004-x64

1

便宜房�...C.html

windows7-x64

3

便宜房�...C.html

windows10-2004-x64

3

便宜房�...ld.vbs

windows7-x64

1

便宜房�...ld.vbs

windows10-2004-x64

1

便宜房�...cy.vbs

windows7-x64

1

便宜房�...cy.vbs

windows10-2004-x64

1

便宜房�...ews.js

windows7-x64

3

便宜房�...ews.js

windows10-2004-x64

3

便宜房�...nt.vbs

windows7-x64

1

便宜房�...nt.vbs

windows10-2004-x64

1

便宜房�...t2.vbs

windows7-x64

1

便宜房�...t2.vbs

windows10-2004-x64

1

便宜房�...ll.vbs

windows7-x64

1

便宜房�...ll.vbs

windows10-2004-x64

1

便宜房�...l2.vbs

windows7-x64

1

便宜房�...l2.vbs

windows10-2004-x64

1

便宜房�...dwz.js

windows7-x64

3

便宜房�...dwz.js

windows10-2004-x64

3

便宜房�...in.asp

windows7-x64

3

便宜房�...in.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    便宜房产网 v1.0/admin/PIC.html

  • Size

    1KB

  • MD5

    38ac41110a58df16aab26a9500de7607

  • SHA1

    0e9450a72de5e79f838d76ce67b80cf9016e8bcf

  • SHA256

    e26f7985fe605205f7389665de2f58b87ba6132f2fdc404d4289013c9b89361a

  • SHA512

    4547bf3f631df997adbc0d4f50bc0e71a7a70fdb3c878dd4b4bf7e7713b65a6900b79df31af2a518fa76154256ea8b0f6b7e009793fadf920b0da48d174ceb2c

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\便宜房产网 v1.0\admin\PIC.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:372 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59a4162379cdb9ec3d7d8d7f835e6998

    SHA1

    5976ebc843c4e181d4af92bed77ffcf868c78d2c

    SHA256

    0c2814a4cf36247ef8b1b5d20e2299849ae189ed57db4fb73cbc50361727e32a

    SHA512

    b42608b9c3629f3e99ca7b001f645f8acdebf4095483048fa224d533ce7db4ecbb0f01edbb55d3d045644194ef3a5d04b9ec8bda94c56d8686109876b2a7e5d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61d6c7f81778125611a65d26fac7b5eb

    SHA1

    ee22075bfd2381810a455017d78a497ba03b9124

    SHA256

    57ff5f1b6a80e09a1ec5b688d35573171fbe1a62a2303256295d2331947c4c2b

    SHA512

    8f93c8238b2ead5d7d07ccdcb0cbec9025f7700428fde0115f0512690060ceb62575e1d64aa08dbd7ceafa4dba81be3ee0940a2079a59d0048175e75815c1fd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3f2017b8afecdcc5361590bcad3b842

    SHA1

    03b2e60e20353c16ca4b2dabe82a1a1faa03657a

    SHA256

    1aac976a4539c5da8526bb44377141f891fe0e790274a10feed832d08ca94bec

    SHA512

    32db5e08f5883e22c153723edaf97e10eee2e9a8d007d80d86568d32ca730122a00de5bd1aadd1520c0ac506ce19f174f050b146a065cc5a74a60bf4b17f70f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8348002f230857ab4e4883d411259672

    SHA1

    8c501d167449313a18e095c49979a8b5d2dba868

    SHA256

    2164e0191efa195b199386c004e1dbc17ae7b98b86a8bb7581b27fb71c96556d

    SHA512

    4d46ec1fc271d5953321367424b61b9f1f6ad690d910d108896c7e9d14f35a37b3fb720478f681e993e0684cdb5c232fb68f18a605e7a91ca5066dde6fde21c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb6ed06c0df5fa1345421afd93b81667

    SHA1

    3541199596b98f6a90e93b4a89f04598fbc25846

    SHA256

    947224bea7af132348cf4e33f83e28a129952d15bce8ad29a3e46696cf001fda

    SHA512

    2f1adb954ba00f69c6615155769aa94b0bde342c14b341f0b9ce668c52a0c77f6e459492bd219b62c9cb2b38c5045c1ab471370a6cbcf00491a98948b4a0ff22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    993a6a45078901f62ed2f20639f9afe6

    SHA1

    82e60d28b5fcc91945d5afb659b4bdadcc45c07b

    SHA256

    f19f74d3b2ddbed4190b47a8961ec29b90d864ad9a339f8c42f21b48ac5f2953

    SHA512

    3270f88f48c42913ef1871563ce45e202b877d4ac50d20c1fbfea3a4be608e8ba96174777fcfbc72204519a5f42a152ec16f5f89f3eaf85c936b89d553687918

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6afa0740c4c7378e58a836a87af3928

    SHA1

    a57f9b185175ff8c559de2d5bcfa2128783b563d

    SHA256

    8d4419306eccda590919eeef66b313cc82a6ca93df6f7d4b04557af70aa5019b

    SHA512

    653dbe9bb5296137e72c527e87a49258ee8221556cda06f810133ffc70b8b7e153e450f961cdac82c61f1d3010181d907d4861d5a630d6b168242a91373396a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78cc7ff1e44818a3251443add8c92787

    SHA1

    2052469fc6da6d1f9a5836990bfc8d19432ee2f7

    SHA256

    da7fb7038deb13c20106c7f85b153f5c70ae3f723e4fa6478648d0ebdf9aecd0

    SHA512

    8a379803675aadabd49dbc7657e65bd8a8fab3a64d9dc7668711ac91463ca54e0d9617265ed51c5c87ee2515960407bdf1570a2e3bda180ca00deb86d3a5e015

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d00c7a5244a0f708971d94491df8d30

    SHA1

    f3702fda3be9e80a268f5abd12226a5af3f6f93f

    SHA256

    c12f6405214579303305ea9307e8997fcf4296c819a00579105dfe75cb8a6a6f

    SHA512

    e296de4efc861f8ee06849298b4f5c3a31cb801d07c5e3672c3a507563da65588f8c13fcea8df4d7800d2f3f347e9276519c0ec4e15f984e0713c1797af7f8a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee25f311fb93231f91bb21c2f32ceec5

    SHA1

    6322ab557f46511472292c62376e72804277f071

    SHA256

    e1de58e18cd0cedbcffd254883a4896c4422a29b643e50b19c0017f5879d27a0

    SHA512

    ed322b2f9cc861d7cbf6eaae73f0fc0b174ce86f15ae4724b0785b33bcea8bf16daa4b1383be5af4301cd031d7fd60487836377a36e2602dacba4266ac852c79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    614c9301d855218a799b30a45f5a59a6

    SHA1

    a116584509adcfc9f5e8394903d9a1b67acb1b76

    SHA256

    5f3897cedf4e5600d8007b329249950f8ef7b6201cf347fd84fe1bcd806114f4

    SHA512

    36e3da581b8b54aa38e7ebdbc82f231f554f2182fb7819f5005d5bed7563777fde90ab366bbc32823287ac4be67a0f89b2e6a2d1c977cd5c8c75167560e77976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d737d612e7ab3439bc15398d42122a19

    SHA1

    fbd9c02f4d31e83de4cc6ce63acfff7d94d5ed20

    SHA256

    ab90819424c406f82af3d1bcf77bb7a258ef12bc178c829e44247e921878e3d3

    SHA512

    43dde1c9ce15e1d718b4307d301fb418b10c8a37bb8242614b3e37ac673ff9de33b0e332e83d3ce5fb9e3419854202ebbbdde3d347e4a9209959febe2a6b141d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17a8ed2a946f655c4791a7661aa6539d

    SHA1

    08930b487aae2ba2f46efe161ac859d4d794685d

    SHA256

    e00541f58e57b6985b377dac9de37c63344c61e51100e72205ba83afd8d563c8

    SHA512

    7a42429fa6abe05da706b1d2e83c47dd230f6bca9ccd73417a635d8af5ec0982d37e2c3d7fc1178a99723d31f53803708890766cd9a755c1e67f887e8a047d2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21fdfb6dd82f127ea1082fc8cdeea407

    SHA1

    18c0ac9b1d7382a953800df5538bc9928687f40f

    SHA256

    99594f021ac6638129eed27cf6925ad23de80e799ceb75e9c996df6633fea7a7

    SHA512

    1796ddba102f1ce67a955475a6ac4f7a233b40dfb6bf74683cf731536ed2c8ad98ef5fb930d07959470a01a43cc8d2a0208b8ec055801ae0d2c71a650d0c50b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24eee9a2d1357e4e883d234d3ee1a078

    SHA1

    73203c57d37e36889478e53ecb36ec093cdab9fd

    SHA256

    c2b1432369c46de40d1c6c5ac2230bd7fe5c225786f104cb8c7af53cf5aba085

    SHA512

    f68ffb28d4547989a28081a34b335f305d6be958cb9872f6b796397020ee50978b74fd5e0bdf5ec637cddd99010cabeb82d192a12694bc9eb52e4c46b62a214d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea737f57d09565cc90b7c2a9cd75418b

    SHA1

    39971de153115947368fe08c71f4fde759ef3aeb

    SHA256

    69546b1d4e524977966dde562d1367657a3a0a9283e80d697fc67e36bd81fc79

    SHA512

    bad3b76405f120f8fa729a97e021a49e05162f02fac872cd810658a57c00c94d7feecfe7fd9c25c3790dcd9d55fc74ea5ac0e6d803282b18cb1fc4f030006002

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5c79440c1bda71081724245f04c2751

    SHA1

    b8279fe3f199c04313bfe5567f874e8b30b9325a

    SHA256

    5d2b256fcabd1171014a0e540f7f7cedda54f4c9ec53e2ea408da6bbe2836b84

    SHA512

    63fc90e10fbbc6a50d5c1a621fa0a3a61f293f101dc8006fbadf9467fa06cea0ad36e3501dfc694fd5c4fd3488bb8a305911286d10c0bf355943375f9aa666bb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCCC4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCD63.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit