Overview

overview

7

Static

static

3

c439cc4195...18.exe

windows7-x64

7

c439cc4195...18.exe

windows10-2004-x64

7

$APPDATA/s...k.html

windows7-x64

3

$APPDATA/s...k.html

windows10-2004-x64

3

$APPDATA/s...k.html

windows7-x64

3

$APPDATA/s...k.html

windows10-2004-x64

3

$APPDATA/s...x.html

windows7-x64

3

$APPDATA/s...x.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    04-12-2024 20:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/seemao/config/map/www.m18.com.html

  • Size

    2B

  • MD5

    54cafa3a6d69c189cf2df3978fbdd435

  • SHA1

    ab34955f0a30619fc4faa49013902031d85ddc46

  • SHA256

    e12a7e051731cf1dbeefa2142a8e1abb1eb5898e2cbe4aa522120829a5588dc7

  • SHA512

    43e539801d00eb39811341d67327e0e8b7d97677e08c8cd14d501c1276592a80dcc0983306f292c702a7553d34bad9fa768cf9d046059c3a4b2a1a0a892f9410

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$APPDATA\seemao\config\map\www.m18.com.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2740 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    147e787fbe188e460047bd448098d80a

    SHA1

    70f79f4c14759088b8eb607a22cc84647dce62d8

    SHA256

    4088be1457f2388e215bf1ebfd2fc0d9963771b5d9c19f484c246882868e99e2

    SHA512

    f26ecf4814a71712a4fa77f00d2256029b4ba78fdb0c90ff0b829bf1b9b4f9e7dfd0a2f270c0bfeecfee0c0dc8b0c8863a4b1266d4d1a86c36e3769ceffcf1fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    214f31d73ba4de3dcb16d0c55d599c07

    SHA1

    a14c75918b256746f546424ee87e279d6904279e

    SHA256

    d4cba427f6535affd9bee87e05ecc5ba3fce11c7fdcd31c10d2a797aa4863d88

    SHA512

    f2c353dc183377e9921e14dae6fbecae351b0cda221a580b469bb5d107da422e8354cdd34609d85ba2d2f33dd5171cf97293716cfdd83a93a390728f09697367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f7e99f1ca76af533127dba390ed81e5

    SHA1

    ebfe94d2167708b11ae48a6e9e34868bfe29ca7d

    SHA256

    3a08759d54aabc84c77196fa37b4fa139d51276fa42d1260caba1fb454491a65

    SHA512

    1bbae978935b3a087cfa984744169f6055755f7ee7db85735bee55a8322c300163d68fca53b94229d38ffe74e88ef5ab2241e0ae79a9c44fd6f0ba57ef83e1e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7765dc137e837b5dc245f407a5cee54d

    SHA1

    2b29e5c48746044ac16c44276c68f0f04675172b

    SHA256

    09e08f33080f8ca1a8c5a152adb9041d0323e79f6c06a856d1189ff42bdda565

    SHA512

    3c6bb33d18841afaa8f4224218bfa6304409bce3ae8112a6e6e822aa0b8f98e47d7685e15885b4854b37412e67505e8af1f163cdd4b329dd5ffa71791869356c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5701d9bb5dc8870cc2ec270c32d56bd

    SHA1

    b56f39bfa26f35593fbf23f29370bbebfe1c115b

    SHA256

    77254f0e4a0c95e1da8a1f1d8eee99e4871915f44013d5699aaf0a293ae06d82

    SHA512

    10dbc8b688dbf1c5386b989e323b0db70fa9316fb14e12bc3cc6e2de98486b778e6c1213f15e3e3586c371b3bc31d1684437c228ff12c7e15150ac3cb3d569b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0dd99fa6c234d809a573061f010ed81

    SHA1

    3dcf7bbdec01fffc918eb288b2a358d04a7057cf

    SHA256

    fe7d167de95389fa6895cfa43e1aa8bf1a22a4b5273a7cd42ef78a5ae68e1107

    SHA512

    5b095320fa6eabe95bd5047768409360089ef9cd1e1401140b841d7934673ea8ffd11fd7c3c06e3b46dd7d935d66e483e754fe1616caaadce70df0ddf266789a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a36bac14014c180863a19e1027a6e9a6

    SHA1

    b9b8b5951df23ec012fce1a9e5801304d475b073

    SHA256

    32a6f536216e35f92a26fd5bb24079c597725177222b9759d08adfbe22ba6515

    SHA512

    53c8fbd859941a206450e2b9c753a7431996676bff2cd5afea1706178707ba12653300c43421000f3fca8c7444f6de8a34c43fa8963d138645fd4d995e441923

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4793b4b9d7ba63adae297dc18b65d8cc

    SHA1

    1dc1b083acff183682a42e70be056e9c41e7c1e5

    SHA256

    ac98fe43ea781ed952dd2e2b154aa53f92125ac175ab4be2ad07c3072ae55bc5

    SHA512

    8044073d1280e0a5133e1a4bcddc3e7b77d91405764278c0b875765756a62c36b1fe8c3e00b393d83343df3660bd76ef0dbe498c78c872eed7aa8cf42f39fd34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c3fdbc1f90aa377652483a340d748e0

    SHA1

    5784ce211e5a7075ae0748596b0461bb529ffecd

    SHA256

    013a7fbaa9d6524f73f4a414d98c2e06ad9464b4f82b0f30206aa885927df96d

    SHA512

    83f7d9a4af364e4075268ad3e4b95adee4085ae3d1cca276194e672db1ced79d69c8588a8d061d941df0afff5bec1bd729f74220941b9d3e24d67236e329e4f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29b33c6c368a82283ab5daece5fd95ad

    SHA1

    0d14d788c2a78b6c7a778d54ef0deebba1c67528

    SHA256

    ad03f92af9b97feed96249463b65d72131c8379fb31bdcc09470835ffaf396ae

    SHA512

    46ab9e9c150e19fb45d7da92750ee1a251b3563de73f35036d862c0c4f495dc1bd892603b4eca20b543f0bcaa3e2f79477ee092564897bf928ba0924584e5787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cf91835cbfa0aec5d92651368581559

    SHA1

    48c62c8eeb464b6c046a2cf827ef6f085b825f99

    SHA256

    3b24fdb0489c262fa4da4cc6e52460c1c2b406693e4f346f06175c4515f7b6c8

    SHA512

    8e39a896d2bfdf6fce6106afa1fb38bc31f65b296e709acaa083a9d994ec6fd35b7807064eec66b0764dcb6ed0d74531a2ca32cb45129352a181b7c54b7e35fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b978045658ea612afc4abfe1d7234678

    SHA1

    293ca44e38398a50dbb9d75f88f3b9e85c94a18c

    SHA256

    850b41f6eee1b88a6fda39c49b613460b1bf8310ef76fc9d021afdd752c734b6

    SHA512

    8dabf369b970bdd318c3531c0070e374162f592af3327c4a2c383aee09585dd7d391e17ad4251a01a296a2753a2c040223fe02ff13cda6a1635fb23a34835fb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a7ccce69453c6146d333a74707a0251

    SHA1

    ceb6b88bc2872052f8012ab000f6b3a28d9be9f4

    SHA256

    53774d15b4babd09989a9ffd0afb9a61e99356e403a99309c087aab1e857693b

    SHA512

    1744cd9e449ed5507c830a72dabc0a021054f858312eaeec69f4d5133ac85593ee03c80e56ad9397ae850ad6099e6ca175ccfaadb3d3ad55ddb5fa348e72a559

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2f2efc8a5614148b3bbcf9396b65657

    SHA1

    001e79d7776b84e90ef68dacac00670ec4a8df76

    SHA256

    096a1b660d50f047dfb9f418eb601d2f97aefa609e70e5df3433d959f7e89b7f

    SHA512

    238ea4eb7f32f257615cdcbbbe013ed333885c7ffbb39491510fae246cac56d2d0120f6d46e739c6e3cf2ba530002efc8319eae034183dc827092245471c42d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69ed9dea5a3c823b82296f87875f0a76

    SHA1

    7e1521d378c94a14bf5511bfa7ff07a7792bfb93

    SHA256

    7abb282a8999a48c33b7fa913f9d90ca8cf30be471d15dc04b9272c941f52497

    SHA512

    29f9b3978b715afa3bf6ad3a2a60955265de33242409cc5aa94fb2adf3180ed5ae2979095e8759b2afb8b892aa24e3e6508b9f11c4181687300cc0884ba40306

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03e40ba52096e372cea8616f5ddfc5b6

    SHA1

    c6791b57df9d90451de7dc23667c3a3e609ed1b2

    SHA256

    aed88e6c80db08620d26a962a92af0d15ff4db74dbb99528456643ebdf2dc9ff

    SHA512

    364c4cf5d6ccbc8b5556f6d4677a3aad1abc6980e02746a80067720ae32c387c9bd6b38532ac88166affc2a2a075d4d7235cb21911f1276a3d4e02eb21560a24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7376c7e7b424df1edd7fccd31c49eba0

    SHA1

    db1d5d304f0e2c3e551f240d683ec0785828a899

    SHA256

    268bbddc7effa35151dac459b2a0bbab02266cbb34c31be4edd7ea7d448afcae

    SHA512

    cbd9b29ddda73374803d0cd577130445934dbc42fbcfc489002289abc944061f19007337100375f8b5c06ef1b664dd3cb925dc0f62c2db5dc9c8acdd78309803

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1170cb34b248da14d7c4cef01f6f77e7

    SHA1

    4a6d14b8c8400ac41ed3e7d4df0a6d28d35e147e

    SHA256

    9cb2b9e2d9b94ea16045db382179d9515dcdc7cda5b71ae847624f8414683271

    SHA512

    93326e0cec268cf13e9b43545b4352ac8d56d58457e35945b8375b27bb86628a12da4f56b4f43be4981e97666d89bcbff9b6f99ed78bed90d40745fb6cdc1a53

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1D92.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1E6F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit