Overview

overview

7

Static

static

3

c439cc4195...18.exe

windows7-x64

7

c439cc4195...18.exe

windows10-2004-x64

7

$APPDATA/s...k.html

windows7-x64

3

$APPDATA/s...k.html

windows10-2004-x64

3

$APPDATA/s...k.html

windows7-x64

3

$APPDATA/s...k.html

windows10-2004-x64

3

$APPDATA/s...x.html

windows7-x64

3

$APPDATA/s...x.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...n.html

windows7-x64

3

$APPDATA/s...n.html

windows10-2004-x64

3

$APPDATA/s...m.html

windows7-x64

3

$APPDATA/s...m.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-12-2024 20:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/seemao/config/map/index.html

  • Size

    1B

  • MD5

    c4ca4238a0b923820dcc509a6f75849b

  • SHA1

    356a192b7913b04c54574d18c28d46e6395428ab

  • SHA256

    6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

  • SHA512

    4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$APPDATA\seemao\config\map\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1128 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1276

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    886992f122ee2f49521f4f750abfaa52

    SHA1

    3ab1b3e3b9c670c14690a7821398df1ebe94776a

    SHA256

    7cc5a0f168a047056e71520e9df2f723624b98062613447005ef7fb57ac66a99

    SHA512

    984ba73db9666fa38eb66ba1ccfbc87e55844713daf2dbca1b6ae71e3a2f4b9198fe31d762e8714eccf1fcfd805877c0fa3e7741f60317f4357e14892210bf65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f95978612bed9c5eaca21bbf5c2b26f3

    SHA1

    732f20b1ea902e0a52b208c7c57a6a36b6f7726b

    SHA256

    3fc6fb2d42acf6239f503edd9d78f8e5514ac9c75088c49cd4aacaa6bc265c88

    SHA512

    df0de7eb987b6cfaec49a870c249e99e5961f5b9a569515064c98e00bee63bbe3fcf6b9eb3b47bedcd448483a6d37c1d3fadccc712fcc6601c6d4692d1411de3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    138130a7883c56eef13608da7f1f0dc1

    SHA1

    1fd105dd6cb6d03c914db9cf91d2094e6206f359

    SHA256

    7fa8c3cf46123c7953a123be4cdaa617a9ccfcfc258d00b24cc490065b7a9f68

    SHA512

    ab50408939df27c68f87d324240e976c5bd56d652654b09cf09018631f3bacb54e8b4e0d710cac0ffe090aed28cc16f913500beb1740971a955777ab2eca899f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ec5a1903ad22ba4348a2d5ee036c448

    SHA1

    ed3414f74698ddfb1e233341e2a45b943b3d07ea

    SHA256

    0df256942244a437f8999cb1588c6ffb6dc4e02358a2bc8175749e5f044586d5

    SHA512

    bdef71f26fa07aa7955ce2affe77217c72820119db78f026341ee60132fe07e45e6ba4382b18d488fe19006081495ac16b476677ae401e4aaecd64f704390fad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e15e6f80d7aa9cadb00b5588223f9835

    SHA1

    807be947afe937f655372022ccc3d106230f797d

    SHA256

    f36d66af7106421b49728a55b6c933a968d7da47c77af1db264d772f5ab14597

    SHA512

    1863d88dab5aaa05da130857a8d1d50c807c9fe51eed7e118ed6adb607b58df956a1ec0ca56f59183edbffada4b0361432c3910415bc7bc58f6b09b65700665d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a80aa26515e26dd14f6b5fb5dd1e1536

    SHA1

    64bdd838f883afc374e9d4774f62fa8e3e9fd059

    SHA256

    98007d6ae32ef2dec51fe11c2bc9cbe2692a5496e41eca124de47c7d0c470f04

    SHA512

    68f9ecb8c06c6714e367e841925d749ab2fde3df05ab528c6ee540285c92eda90518472266c35b29dabe2ccbc468e4d433170670f87df1dde46abe5a9bb29363

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97afe2fa95b48104fe6323e31891283d

    SHA1

    20f3874e748104338376225bb65e962632b18e74

    SHA256

    0a2cc5a624bc8ecdadf8862fd14b3cc5338049c68bbb3f8b5645971f4226f0ce

    SHA512

    1d0d17bebd88eeea820587f2aa89ea6080611d68bbdb2404848e18b9f22e1dfdb82686d6d3d017da31eec4288cdb443f87db87a0c662acb68292cc3c09efc54f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d804458ad86f0feb705efb66ab14c019

    SHA1

    95878c7f617c2c6faded2f5d68bdb135175af743

    SHA256

    cb97fbced5bc1d0ebc346ea47789b1a8dba09d7e6872b64c4f257784a3d8ce99

    SHA512

    78f98dc828a1b8fc7291e598cd173d98dc7f8415e2028249744cf289a61e05a4f780ef898b5fba1697c48516c9f55ef76f72f747153e0bfc2f0285f06c8bd5f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67bca25fb727ce7f57d27f82597777a2

    SHA1

    4ed65a05de6c465bac89a3e1aadfd649ad338103

    SHA256

    5909fb647dcc9df70fee11b3b7e6856e236051556bbface9fc7cb0756a324d89

    SHA512

    1f5634a68257df611d662e528c5e56804101a927cb6915e8d0a8d6fd7cc7f720eabc1c2e690afe59f893edb2d08cf745d476431f7e46da5fb85896d5d8cb034e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2a42a0f2a6c8a2684ce297eb9fa2320

    SHA1

    2613d1328324c9b6aa16c0a2ebbbde16c470c20c

    SHA256

    630ce522e1b3ade247f63eac92593602e3868f7497333c5e221ce531c02ff0fc

    SHA512

    5497503900e62e272aca79c932d1046e2eecbfaa6c2bd0e71b62068e8d5c3a9ef9f07f08baa375c020cba3a79cea6a5b4b7b8d2e9c7cbbbcf6eae396b3976a5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30e61f0cda2032d8bfd563d28aa03962

    SHA1

    a6c17227301464c220b52710828a922a508b4eb6

    SHA256

    6379afb21333599a37e3245e8438512ab6304f3ede820ccdb5511c3ac9d1e1c1

    SHA512

    41ff6aa2e73044d91ed307a549a058516d4ab435e6b82d64a6f81f5dc383c2143342738dd50493813b8db19856dd04344626b2f59d9cbb57b892e2c19334c4d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e800f921264389c70a360f933de4983

    SHA1

    48713e6852b05a5c38511ac80c5c9ccdaae7d159

    SHA256

    de7ab781d68623f43e9953a6d749c2779c8e574caed6eb18c0a0c157bca4b5eb

    SHA512

    174cbecdcbecb31c796106d12a98ee03d44ee4d01079204b5fbe87c7f76f0851efa962a1ac4300a44eaa168f254a9ac4a9f86ac7d907fcc5aae10cec8f76f327

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2452ef681dd4a6c11294577249d4d3f8

    SHA1

    85179feee2feab815341231bcbb7c8c038cf6558

    SHA256

    f4c38ae6d3ea720f0c68addf0b84e34216b9810d9a8f3360d1935182678410e1

    SHA512

    bef07b344a9610f60d8cd57b407238eeccf246be58754a931a21f055f0ebcc63a7e3825ca331e89e43c06c62b420721d56bfd3101711c1b5ef4d7e6bc0ccbac5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4D3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar64E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit