Overview

overview

3

Static

static

3

asset/admin/ads.html

windows7-x64

3

asset/admin/ads.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admin/foot.html

windows7-x64

3

asset/admin/foot.html

windows10-2004-x64

3

asset/admi...o.html

windows7-x64

3

asset/admi...o.html

windows10-2004-x64

3

asset/admin/head.html

windows7-x64

3

asset/admin/head.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admin/qita.html

windows7-x64

3

asset/admin/qita.html

windows10-2004-x64

3

asset/admi...e.html

windows7-x64

3

asset/admi...e.html

windows10-2004-x64

3

asset/admi...e.html

windows7-x64

3

asset/admi...e.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/js/conch.set.js

windows7-x64

3

asset/js/conch.set.js

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    17-11-2024 15:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    asset/admin/shouye.html

  • Size

    51KB

  • MD5

    3df78afc5b13afe4b4889fd426adb081

  • SHA1

    7416b1a311cbee30d6608df2667fb78063a2e96e

  • SHA256

    02f83978258c4d8966425d951f537e15a4c72549aeb5563d6ee44b0558cd29ba

  • SHA512

    dfd1ccb4a77d900fd7ef193efe065895b92005b7b5446bca013906a156030c297262c2db0b302bceb3b16638e925c5681035c6fcc0035e30245508ebef78c856

  • SSDEEP

    384:37liN+EIlLn6XHSwAIVS0ozIK0wGl/4IQUmUckWd/TjITko/:rA0X63+65eIHA4RqQP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\asset\admin\shouye.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a521e0b3602438f852bfaee724824782

    SHA1

    26f6073d13e04a08e66e1357ba41f8a7f3dc2afa

    SHA256

    0464afbe8e73dc6a3cf79542c2787fb1fdf52b28729999c160ef3eb942dd5eda

    SHA512

    df41bbb70d930a2b4564c2d0fc9b644311d811a56dc99b4aa88b51d91a4ee75e83d0f0f2d8ec8ad0c8f7cab611b831dc89611e36c4e8a337004b4ca8da646e20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7dcb5405f86b12f3b70b0f4e8a3e02ce

    SHA1

    1d0cd5190ff15996cc8827bf628710ac8d21ae78

    SHA256

    6bfcbdcb4fed04593e9a14a3450c2d890853af82446022b3b9d72f794ba3da43

    SHA512

    d7b0156a223a39478889f2c6afce5b7e2996374e8b0375a50faf6cca1410b21f3e4e4ff31295c09eeb3da989a84998a283ef3d5c7466ded2e6a03cbcf2f1bb1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7011c87033afea0155ee8b2c970b414

    SHA1

    c41c2704f55848f9f1b79e3fc4877703fa208485

    SHA256

    0086d6d20ecdce64ee86434eb7b5b38ec95019c48725d80c084de46816658b21

    SHA512

    3830893093dceb7d1b871d6722658d2003cfc48eb9fba0f8f71e842e4df50838d8febed5bccd5eeaeecf368e6e654f87cfba9a8c8fc9be013688d2a13fcf5b11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a8be9ea6b98bd960bfdc3fe3721a841

    SHA1

    f191ba10c584a5289532f34762c016718fd967c9

    SHA256

    c61135fa15cd51523ec03055d884fe39f4e28f36c96888a74a652d4dd82ff081

    SHA512

    e099b3a6fc63b9edd9c60e40a5c005edac231f2c39d7ba78a5d7ff21bf5206487f5619b814435a04c356944640335866580ef095acb20950d8e1f558582ecf90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c895d624ca1c2d285bf2f1e498f5d9dc

    SHA1

    3f3f6aae30b7abf07d16a385f196240f3eebcfdb

    SHA256

    fecc8f19e9ddb4c9d5666f86f9bef84f6127913f7b61d06d3ee4eefa40014239

    SHA512

    edaa981f81bf4f2c73a6fdf6054436383255ab0b0776fb427eb0dcb6e6a67fdbd09fbc40d0cc57191f971107747a9d2e7c91c6f2e1611b67e972476dcb8b8af5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a891f196912cb246cf83314652fab28

    SHA1

    4d3f1f0da3acc29d951ad95ef11985dd403118f8

    SHA256

    318ed2573af1c33a42d987b4ea10b71c85bdf5107df36473b8c486db7035940b

    SHA512

    a3b8557a52da20573a7bf82521e0c5252a5ccb42f9d2eba44b8538306722b02a25132d7a770c3bd018bd7c3cb37d85e322c3df08eab831af31ecefcea697915a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    051fff40c1043e51007b65054962ffb9

    SHA1

    2420ebc593f771a3de83f1dda6e95400175683e3

    SHA256

    d2141dd4a5842a4d142e78e241fe8107cc58658b6c0151d038d572d6193f5d94

    SHA512

    607da07a7fc4985586b8bd3802aa6a781b4e2f3c5b89fc1633d661fa18c9d747bee50ad2ffaf1a982dd9e70f0c9d5eed510007305db0f4caa45afee565e61a14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    548c04f7bf9fc336939160f10d5fb813

    SHA1

    9ac2ab598e0bb82702c86b14c1ef8285bee75f25

    SHA256

    8c9f4d6362fa4669e87d45b15683078b9d4d9711e5d7c3d846d1a83fe0fd1d77

    SHA512

    c0a08d05dfacc5a9baa37d388da9d2b3b617b55df8b26cb7d1c5d5bd1da898fee9be7f82f32c336835cd7ba957efc4fc4a571de2e4b358ecf644a982be33ad7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    504fe19884be9365a272d550f72564fb

    SHA1

    25f25c3f0665d8420768bafad0b9fbb55de61b9d

    SHA256

    12eccecdcc7bd18b6ff87b8d0fedfbe22cf9c118ff4a1a008ab0e2737ba8d84f

    SHA512

    16fee74804a6ef76288a106cd6cfc4d4c0e4ca51ba50d1c1b5c81fda6f317f21fb1400fae2a0be2f5aa39db928b5402c88b83ab13d3e82443c341a2a3ee658ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    daeb4149c476d0c6c31276d6b60240a8

    SHA1

    5cea268f573dec90c506f5b96d0d1befa7a0dd88

    SHA256

    dbd953e65f465699530cff57d370a6dfe42b62ff7bf69d42fa2ae576d9a58897

    SHA512

    606a29c03d6065902d6ece6aa6435de4f0a82bb553a1b5504be61bab74e27d3003e1bac5f78842a57ae201e2df993d65a015909dbb0a736eccb4e363f36556e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d28b7c01e5c1c18dc1fbc0f9f8fa82c

    SHA1

    c4deaac66a42448e37abbe4c3324eb3858f73fd0

    SHA256

    8f1466b64e70c6a6ed9214330e33652156fa963eb6b0763fb1e198e833b0bfbf

    SHA512

    985fd4cdeff82b37c0fd57c6fe8b7e255b8b0e152e805283274668f1f7394dbee5db7094c9f00242c764323ae6fe36016a403fc3e78f8a924f42ec91081ed409

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d651280e4115cb65a2d75e3d27e6d7cf

    SHA1

    a9a91adae601e1b6a53afbcdd785d9517079e19d

    SHA256

    4dfed72a6fb9cea1f62306242aa0229340e57abe30de0d9bfa22bdebb2cd1b26

    SHA512

    32508e64b413bea7466c685d3e0d198fba0f6c964d8a6155fe82101ad4270e74f300d9434422ac9a3d10d7da615e7e533c27f9bc41a6054abea01ec46e4b0e5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d5813a37d2525d01500749f59f9da91

    SHA1

    6b63accc587d7576e45519fcad82dfdc7c2379e1

    SHA256

    5c3025fd2b94d1cff8faad099571ba8f2f41ba3abbec7ed9b1c7b360dc4b7d7c

    SHA512

    49adb2b4532ce23c8fec00fdf10e516f1c3ce100b20b32d09953c75062fde2c5625b495871c8fa414aa65504c706ca8089ec571eb2e1d5b3bd1d1a01bbd2cfe0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82f785525c42178ad1c3020abc224fd0

    SHA1

    fff2b0569d2856d6794255405acb322252571a69

    SHA256

    d79d44b514305c58c09a817b695dd4e764065b21f570b57bd3cc589704821390

    SHA512

    fd52ba84bafcf80db8fa3f1f30b6f9f91ff5531ec8b34d7a13cccb2e5914eb77f1b1f1bb59e6c5602d5c34e2589c991b607292a06e644963172bb284b9e3a93d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bed50e94ff9f4acec0aa191f60ca9dc4

    SHA1

    5578cddfcf45368d688f77dd1347f0cf42bc98d0

    SHA256

    f91af33b4f3a7b0d32370a6a5d3209c28d15269a1af30f1cc8e93812b055f332

    SHA512

    5da045d562aa83563754618e6e670810e75a39df50e57c4ddd5ebe922453c3093411bca74bd630fefb8ac6a3065baa65a54f7ca3360a8c233e1bf9c8a5529472

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41547e90d9e2a814700d1cb8459c45a4

    SHA1

    cdcf1cc46e2982a64441503a068a66930aef4e01

    SHA256

    67cd29c580344237635d2462fbd3078cb81bb049f777eb4d740257674d985c2d

    SHA512

    87f34066a740c6489abace9d8a586feaffec5af457ec3ede4332e80bca6b37f3cec8fb17c011ab68a235baed222424dd9bc9dc986ae96a5a0831a8584c1e9e65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    912d007a2cd18973ce33b837c5ed6d25

    SHA1

    f75cfc90ccd1e015e9f51e019f0c2bc981983c94

    SHA256

    db59453426ee47c16c1b450f07bedc432abe331b2a7687a0dd1425b9473f4a26

    SHA512

    d931a3e0e7804c5237f38bae9ad42d72780f1aed6f2cea27ce824903aad15a825c4f32e81386a9f5b8ca49bc8256949ad89f6a18bb39a727b57b3de08eddfa33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4f2583f8330cd3153c9e7546ce0a766

    SHA1

    ceafc16b18b784b43c3c8773d0d0f4f2de6425d4

    SHA256

    829233c3e3918da088cdc66d928bee65cb86dc15dbcd652c424004d1719a6690

    SHA512

    1c2185d69591d9accec057d5efcce73da71952f337cd1aae017dd6a17d8a95d141e23af39205894544e1dfda3b1696df35e14e65c9cac6262ed955824eae0de7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2636695ef7a5e06e3221ac3bec532755

    SHA1

    dc7c5d2a12027c4c7cde333a02e1fa082cd5d2ba

    SHA256

    5695b19b06aec4e97addd45250adfac7801df3cef651df894dc005ba1e596d46

    SHA512

    d172e7ccc6b53b908878d59862acee1bc81d23e18a1084ec76d8c6e050b0d0918976181ac40894431e9c52f42f6136ca5bf731e28157a84239f096baf8dbb67b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    181619a2af830e19bdedcefa72b96c4a

    SHA1

    3c609ee507f9217494cef132220ca365d2a91e8c

    SHA256

    f83fc3ea90fbf7a475990fe32259d8ffc4b7e94c2560a5a41b07b1c5eace9425

    SHA512

    cfc2cbc6e7a5e8b3edca258153d8774c6f4509852d094806183ab2d53f6e70df63c34f988d71f6874ea0d17486fed8f758e83165edbc86d81ce0d89d19e1f180

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab898D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8A5B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit