Overview

overview

3

Static

static

3

asset/admin/ads.html

windows7-x64

3

asset/admin/ads.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admin/foot.html

windows7-x64

3

asset/admin/foot.html

windows10-2004-x64

3

asset/admi...o.html

windows7-x64

3

asset/admi...o.html

windows10-2004-x64

3

asset/admin/head.html

windows7-x64

3

asset/admin/head.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admin/qita.html

windows7-x64

3

asset/admin/qita.html

windows10-2004-x64

3

asset/admi...e.html

windows7-x64

3

asset/admi...e.html

windows10-2004-x64

3

asset/admi...e.html

windows7-x64

3

asset/admi...e.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/js/conch.set.js

windows7-x64

3

asset/js/conch.set.js

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    17-11-2024 15:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    asset/admin/yemian/customs.html

  • Size

    1KB

  • MD5

    53cccc49d977c0af2b622b1b04e9e3a4

  • SHA1

    2da6131fa0108f47b71ffe1b899ff54dd9b9ba73

  • SHA256

    d31b9430879c4ae167da23be0b44f2ce522f2fd255f76dd5ff83714275004d23

  • SHA512

    8e6c644475d2a16bcf5ef6c2ff0c49f02192d98d52616133afbb27185339bf3f1536f9b0c0ce577c1ac1ca94b499bfc092d7376bf3a0c816352924f056c59ef3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\asset\admin\yemian\customs.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2672

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f626dadfec52db4f019be518e04256a

    SHA1

    5b1f182420e44b1834231f3c01e80b1863f63f3d

    SHA256

    698fbb8d82fa0f70f70e59873a6c21c119a06feba4b1db984a3df9d2c65cca0d

    SHA512

    081d594b7bd319c1947a7aed96bf460ba84faec2dcabffc73919f53ac3cdded1998c4ac5ae6a73e85d8f6e0d5a0cb9817425946a1de5d3b4e39e92848cb2c544

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    114051e8f608ea3e6881ad151d137ecf

    SHA1

    96c2a5e1cd07f89eb0b01958c2e85584abd9f021

    SHA256

    2ec7a3a54bed5eae98adc0a9a2f35620b3ccb3a10a634e193b57e43f9a087d73

    SHA512

    0b01d70c778a022d721fd2479787c23323fafa3710c9c7db8135ddc7ae7eb3c8ece04996aae6d1ffb094efee07faeb70e6327868832b2b9f79a32bee2b55a558

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    457c5eaeafcc68948d5cba08ea8b20cf

    SHA1

    0a36b8e45708a9b3b4298fe7fcc99ad8dc7433c4

    SHA256

    5fb857963d6fd17f263cc5df29349741ac0a6bfe9ae55da32360bdeb348a6a7e

    SHA512

    a83e66780aa9462b036bc845d785ab10e7462b64c6e281cb69b6694b4870bba6de8bef09d8acd5b57974a4aff78bcd2a436bebccc6052af56149a26356326bc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31da795705ddf75c98b819e0d926e48f

    SHA1

    eef5fe6cd99a241dc76a298183f34991e5e27274

    SHA256

    6ee29456a27437809d2da983f8e064caa46d456bbdaed6fd0d0a8e460765493c

    SHA512

    46a96a6cf1e80fc9a3975dce5b5f2c42f8b53b69bc61aad7916cf6eda5df0b17c92ef945e54503c86d8641f77bc6bf29b9f0fcf47c1355e461929cce1666f3cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adfcb1485bbb82fe3a38961c959c8c3e

    SHA1

    eb40fddefddfd2257802e36ce75760a14535a932

    SHA256

    81193b1e1098935030d4ec15a58e8b4d90fb0ea78221708a2fad3d0a309cd775

    SHA512

    9d89b46a9e24ebd80e69c360a6a3bf0eb2b90086eeb1a3db2d9518be2558e277e2343f3d58fc365163d7e9456695ce789fefa49437ee7ba511a0a39951c8a548

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09c3146dd82959f6add429bfc2078b11

    SHA1

    49deae0a4fcc832bf704b7e803b10a56f7fc1deb

    SHA256

    741969d49b6fab924d84b4ceddffdef902d9973ae4a7848275fe87832f76aac0

    SHA512

    723c6df943ed190287124dea84c457d318e9b11fefa39a0f5be01dbf121f592d5bec3c40cda4cbaf50278644b7f0fa43b8a01206517e4d1d72fca721caaf0c56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fab986cea8a3ff54947902997196ff69

    SHA1

    77c80738efc10169c8374c7863c64a2a1e553268

    SHA256

    c76ec831980bee2ee41e125d146ce2980f08340ad3f3d4cec9208f045d577952

    SHA512

    98eea2778f1b9712e22490479bec5e720d50ea112cf8eb5f85805b1ba57e6cff34651951e88eee4ed7514e0325bac9e5f0cd44cdb056b9f85eb828c48f26f18a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4600813aad1bc50c5ab8e438651158a

    SHA1

    1de4e5fac240e96889b524622662108773e7922e

    SHA256

    e462bb700d6034956b511514285f91147b46eccddf110cbd9be962e61cda13fe

    SHA512

    40e738d7a2efbd0e66906e021e8a46323bbda33a5e20960fe5ef72be15557abd89f47e8cd9b6f35de1a16895a93bd657d93ecb8a480c2bcb2c90b4a91c3f4604

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58b4705b2f8b4c862905978268da9508

    SHA1

    2518bf03aa1b1344b054d45f1febb1f40fd0d9f1

    SHA256

    1f3695a294065b3809c01e0b4adb1e13c31706c54379912c44f168ea7d1f6f72

    SHA512

    bfd69da7218970c0f464d7b7449c92de49be31b37aa598f643770f872bb45de823d88955c2c6e970065127e9efc43487cbf4398bd9e7ed8c31a3cdaa9721a1cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7db3aaf23ee7129e6295c67cdb202120

    SHA1

    a6f046ec56a983bf672ae9f0cd89469b15c99204

    SHA256

    9b17962ec0bd3d76ad3eefb36a60c3622d959b76a9f92dc90fc99e9a15b5dda1

    SHA512

    48b5de13edcf89dc82a0365e290e93d2c5242f145b7432d38378b828b0514f7be66df09cc539151d6689bb8ab93cd0d22a5487a5d99d5cfd3bf403862cf7a15a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fef5d2968f1871ea36a404f0ab0e4f8

    SHA1

    4b4d11137b1ffa7d8d40e2032b31a75a176d8280

    SHA256

    6b3025bd521c52e2c15e77b58a4eaa1d7b5d307fd0b6fddf30da293b5a0d9f66

    SHA512

    84e6991a66b5fec39aaaef6ac3123c3fc9c5e9f26d9126917f451a520255dff32a070955089967fb5bc8ca5f559494e1eefe32c72d7cb30b50cc2a126ca68660

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24a7a286ef47774ccaab6935604a23bc

    SHA1

    2945fa039eff61c3bd7b90e7e902f5c059639bee

    SHA256

    cc022679990b45171804b40870c0712e0be6fd27d74f797f8a9ff3275d8b9c08

    SHA512

    7dba93b774cb0393b9530d314d9b30c68b2840b40e0f7ca87dae9f0dc7d4fd5d4bd9c7f87cd3142d6a65975c9ae5959fa0b453c79bd1ec1e0bfc3f91567ed31b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f62dfc71f5b948d0f72a9082e5d9e6e

    SHA1

    8da76270493a5abf1fb33c58e79322582c0396aa

    SHA256

    02d36be47271b907e887bb43f2115824d74b594cc667fcbeb0c089e1e654e3e5

    SHA512

    b69ed973108406c9329a7e8dde7e25784cd889fd56c71c845683dbd3be1c86942f24c9a9e30650dec670740fe840ffb6cdc9e53e4ffecac79981b010cb374bc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce222f837ed1ee52a05312b03cb32cb5

    SHA1

    f443d30fea05d1c5e2ac5b459b24ba19941a88e8

    SHA256

    0cee2d1c7caa51ed6bc33ca74b687057d2a21367da3560c579bad240a3cc41c8

    SHA512

    4e7b1fb6f113f1ea080091d890e2b87336eb00653110e572e615fc9441c47d6f8a4782dd0c8733c47f513e5073db852079eff2e51cd58650cdcd9c6f48f8f53c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7aee1ebbe5f6822e8d0750a65c3ec66f

    SHA1

    f85842f1fd1c2ab4968ccd2fa38da2b78fa13122

    SHA256

    cd289fabc2d0eb394a3ac7ae75270f6ded1a187eae2803f992f43f854adef14f

    SHA512

    71a743cd6d264fcf80363133bc946a704af6dfdc3e382dd281281ea65c54b64f04b708aab403b7d2584145af66217a13ea85d504c9428e4c6d1d63076a5091a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    951ddc2c8472b022f6a4df16543752e6

    SHA1

    f4be27f5a4940a7b9143f9bc25c41d98c5acbca5

    SHA256

    f131097db4cb421c26995124e48ae37622e156a4d2874fc99c64cb1251d41db2

    SHA512

    e95471c6dbf80bec80148e7b5466fd6f809665c31b517d35adb6cea1c02edb5df625b67b23c9a87f2174394119c14d61483d3eb532439aede311c07c44d44850

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ccd5102f60d18b8b474e648c10a57ba4

    SHA1

    11f4f5e6182cd10631b828f2fce09ccc4f438dd1

    SHA256

    1551765b530b9f9ea8927ca5e9bfbae6cfb84a7a596c9cb635b794539ca9f793

    SHA512

    2e32e0b124f8b8608ccbbe99f33092487968939c9eac8989f88e65dbd808c019a02080142abcf3b02712006ec73af4e36b4999ab7a460681c3a2498d595d01af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24cc939ba1bf4d870c2fe0a79b04cb42

    SHA1

    b1fcbb195efc4193188960692b66c3819fdcb93e

    SHA256

    ec313acc16fc61833b99c627a16f86b04b253dce1f5d63f4d7d32486e456a1b4

    SHA512

    e2631b0c715bec8559d68c325b5a5de696e2c50f9a1cd1ecc275fd13122dd3238c79e6ceda9e177e09f87d5c6c710b2b75d5125e5d33534352b94c6fb20d043a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    350c073fe90b9eddf52f1b91e98e9637

    SHA1

    101b305d401f4569ddce23272f13927d90d16c3f

    SHA256

    748735b8b8bdae290cc8f82d00b6b3afc9edc875ee5a2c6502e29e4c781d735d

    SHA512

    5a2806807a88ee9f3bc91e852a94ec0a6c6ac36216d44abfdb2f83bb91cd450d3fdc2649f72eb2f5b1c77153533513477787c55e94714e6f1a9dca18751585f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab787C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar78FD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit