Overview

overview

10

Static

static

10

2024年全...��.url

windows7-x64

1

2024年全...��.url

windows10-2004-x64

1

Monster Hu...ed.exe

windows7-x64

1

Monster Hu...ed.exe

windows10-2004-x64

1

www.3dmgame.com.url

windows7-x64

6

www.3dmgame.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-10-2024 14:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.3dmgame.com.url

  • Size

    122B

  • MD5

    49cbfed4fa9b3fafdc9d499b6163fa62

  • SHA1

    28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb

  • SHA256

    03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11

  • SHA512

    64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.3dmgame.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:572
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2776

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38c7e3a734e89950ccd27c7d011542ee

    SHA1

    2c454f1ebe5548a6a952b7b08045e3d8a05269af

    SHA256

    f12678b3b27418a9fadd890cc3f2178c09e66804e1cc2b2db09d16a26463e5a9

    SHA512

    5251ba45891571137009411b73aef26196b02dcd3090676a86076e43d6519e4132d4eaa78e2e4223eb99177d485f1ec837e64cb2f7d542d232556d81f62c34f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10225b574b9f4a97fbba4b646fb6c6b8

    SHA1

    283731db7751f92aa9dd7a204953b278e3101c18

    SHA256

    84298c2ad71441cabdcbfe0d754be97030a08c5ca1f74ef8c8e7929136e7043b

    SHA512

    085a10cf3e195e7565f8ee3aedc25d12d53bb7f0d3741ac44eaf053faa3b093e76d35754c3a56190e36851e3f9aad3ef4aaea11d192f3d68db5c7af15fe655fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c85d602f3f91c3bb5b53adc20ba54f26

    SHA1

    d41bfd6ef5844c09a691a750196a336e7eee5b1a

    SHA256

    79d981c9dec456dae1129aeb19084b4c814cd98ec03cb26d7d2fd49c40ff01a0

    SHA512

    8e8deb374a8493b4ab38ce29be3100c05f7a0c99fbc8803266e6310a2668e8cd0a7d8012376a7d350710288c29b0715f00f3c57705db69e8d367a64cb1ab3053

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1896b00e555cf8b76ecdfd4fccd5d8a

    SHA1

    e6d7cc8ae757828b442f4f17d4447dc7cd203419

    SHA256

    72884a8ae9d057d16cc755b2888d329c92f48f346295ec6029e96a6b35469fb1

    SHA512

    ac09859923c6ee633c4d7dbbaed283176408daf84f5ef70dd2878f1659600a6950b108b32e95732ebbe8442feeede47f3e23243fb524a59a19f51203c1353ad3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31373ad9cfde177e23a949efca189098

    SHA1

    704689c65df0327436d30b7c875730c2c63bd63c

    SHA256

    703671ead056739f035016594caf68314c3d4d941a864af5a9f3587f33f951de

    SHA512

    63251ba4b2d625cf26388447e1d3b0feb198301d503545ed71427b9a3c319b922cf6757c3ea95bc82c72cacf17e2f4cd0bbba3590cd3ed33c8174433d31431fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afa0f4f9543b4e3ab3e881a8253fc0de

    SHA1

    2d1f63936adb84f8661268056236c819360593ec

    SHA256

    ee634842a7b720f3fcea494a0bb976510429a1466677616d6eb6e7496ee52115

    SHA512

    e955757ee77f3c1826f02b91d7b220e58457b1fb289c5f50ee2a1acbea37dcd12fa2a09b2f2d6cbcdeccee7c9bac40eca172381b095271a4a8ee99e2689740fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3135a3c7a779272614999e7f51e34299

    SHA1

    32fb408511af6870a7698fd07716e58a9106ad1e

    SHA256

    7d7e4d96f6b5bd97757783ba05070343b06e915dcb0472d9e247afc20053d9ac

    SHA512

    af05e22dd6c0d4c4bab8814b2319cbf0b9fffc7cea558d114d0f0c6b3269b596ff1af386c17f8f3d5ecbb1dd971c2b658a4f33c34954c8b0cfffd7a1f570ab80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01375ac7e5abb69887460dd12c3e1012

    SHA1

    975016476fd77e735e7ada7bd2b9d506bfa7bd69

    SHA256

    5ae242c6dd67ecdddf6c42e7c548d6906af7d01e13210171984fd67c914a380d

    SHA512

    0592577e0bcdfcd285548c9e5750f7cd6f60ce5e73e9e79ce98f3f89895304c0e8e97d719a572c256332ca978e98da0b989eb0258a459a2c1f01ed232dbdd381

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12d4ba1b8c6c5704b536193e0bb9e1cd

    SHA1

    554b9e6303c73c1c1a4136b6beaf5d80ff934c97

    SHA256

    4f15f5043b3ec34f54a05b3da1a150c85523f7c88bce345fcd83fdb7e4e39c9b

    SHA512

    d3b5c6592be58aa92ab8915242d6e642cc66c5ebba42031550558b28410cba57cf54e009320946d67a6a97f96a17cd5db88f7ddc07c8d1058fa4a921b79225fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fc03831f891c5320add26744c117609

    SHA1

    11d59533d7b3e8c3dedfe9b7201cc2f7bfcde24a

    SHA256

    c80fe9ee5a99bc75e941ab777e978817aea1419b77af1b41aa39bafb2ca0eb47

    SHA512

    c4bb6baee1878f0c5b3fceaecf2f9303d11e4dfe57249e45548c51926574aa01bc08f7513f980ff4b36e8e5aaaffad466d57218f6c588092cf4458ad36559b2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4131cd3d47ceaa6aae323b4a5594a089

    SHA1

    4abaa7602f4afcddaf3d6f3a520e2a1660448a7c

    SHA256

    52451f49f792f3f3018223d223cbfac0d93fcaebbf1fbef3b3e833c2f4ab770f

    SHA512

    cd2cb45cca09530986ad1fbc616ebccfad5368c3e7c1b5fa2b5e4717667651e93c048b54597255dc93cc9e374f9b22a81efe26df515ee7c9dcb455161341441e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d974f6c8d8dc648d378eee0f3451ea3

    SHA1

    d0ef4a9ec94e3f98522f8682f49440c20068ab90

    SHA256

    b84fa19a45320ff64c818a7b8a10858347b5912820b71456196fe1d26baf92c6

    SHA512

    a0cd42823a4ea16c358c0e53b4c2831fe49a1141e22bf17e394c3e58a6e664582f3b0e5214dc9592487899cbbeb7a2aa8cc8cc6cfae50600a4f20f9a885d422b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b976f1f8dcb45d6288ba8e5c86fc301f

    SHA1

    32943407fa469c198a9511a4eec4d944a53f8301

    SHA256

    8e5628ae25f03a14262d4a0e3e3c497c008533985432bf7ffde4844499384dd9

    SHA512

    60290d299bb2c3e485a290ea08f8acc569418862d7ed48b398ab0d238010d83fc04dc7f336c440c823342716bd4da3a217da5579e0deed651a1ee68f2f228290

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb2222e4c371b302e0fb0bdc61cb28a2

    SHA1

    8118b9e865a44a7da0ec04227c6ae58130a11bcc

    SHA256

    ef548f82f395eb69cf0a9e9a5cda02f88e59ac24e0c4859817465ce2083c690b

    SHA512

    fee4b40bb8dbddcb25cf812e0aa2ab58e398d38837e4d7ccf80a85e886b80d6f560e0dffb43954ef28af146012c8e3c862d5a46f46d27afb65c8eccd32bb2830

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e67e107460a95e07e045c21bcd8d351

    SHA1

    3df34eb8ef9c7d4268a83a198c19f4227435c2d2

    SHA256

    ad2b89c16e662afc76c9f487a790c7421ce68af8ab97a2ea7fd882e9db930da4

    SHA512

    1f210f35dc1fb7f9c408e1e92b6bdd813232bcb7a527ac9404f083af2a8bbfb1464b70ec2ef706887bf3bfbacc605a62dffc2a46ac745792c7e7e0051f2ec834

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6daccec7c3e0cef548cc27492ca6df00

    SHA1

    6d792bc718806e7664fb71cd9aa5530314a5abc6

    SHA256

    b43c67499bf020da8ce202a38a461d0f8ed5ca61d43d0a9cb22ce2ffc3d15e04

    SHA512

    d799af97594ef896f711a22a8c70dd44e79c4638f012e172707162cdeb28d402feb2e254d22cb049818e72de39c90741a69e59c07fbcf074fdc08383f610b131

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52152765302fdf2fb1ec437a9a5d22b6

    SHA1

    587959f3c9d3b18307f05a73a195fa069ab93df8

    SHA256

    0f74e645cfc3cb626106acde992728cb6be1276b3a34d7508ee921b9003a82fd

    SHA512

    f5cc88f6cc453e769e110a2cb8d284a66e43db22a3651c577a524db37194ba913d6e9335881a0dcea0437a584bb849e008c32f4d257392edce4d217fe9208708

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    908fafd2137be10467e020616d423511

    SHA1

    399031a6c4d45186db1f7ce01c1509b4cdd4ce29

    SHA256

    c24cb4889123dc0ccffcd15b23b2b08ba0af38f53465c0352f6d4e38f626c112

    SHA512

    76ab10179031911d3fab43f761a018cc40d1776f5a5d8734297dc223c44ee4539888b77f8cc6f1d5b4ab7742bd6a9f8fa89105daf45e05ab19588b12a447c768

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6b5d2d075fdaab1a23a4caccd4b55d2

    SHA1

    1329decfe492e4875206d2a0de2cffb0731588c3

    SHA256

    6311996138aad4ba698471a6ce0a70d8f214cbd2039a3cae6d77a36ba5381d85

    SHA512

    d5086c9ae6af6eb99527b5435ce3f28871dc478317c555851bf64cacf1a6bffc58559e18a511e03775926e6f4772b74fdec85eef0cf1890830bb8c9ec3c27d0e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5B7B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5C49.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/572-0-0x0000000000150000-0x0000000000160000-memory.dmp

    Filesize

    64KB

    Download