UNKNOWN
Tags
Common Information
| Type | Value |
|---|---|
| UUID | d9840b96-a129-4aa0-9598-ff013c759739 |
| Fingerprint | fea964ae6cb26df9 |
| Analysis status | IN_PROGRESS |
| Considered CTI value | 0 |
| Text language | |
| Published | None |
| Added to db | Dec. 20, 2024, 7:04 a.m. |
| Last updated | Dec. 21, 2024, 4:55 a.m. |
| Headline | UNKNOWN |
| Title | UNKNOWN |
| Detected Hints/Tags/Attributes | 4/0/33 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.secrss.com/articles/59934 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | muchengoss.oss-cn-hongkong.aliyuncs.com |
|
| Details | Domain | 6752 | 163.com |
|
| Details | File | 1 | shellcode从服务器远程下载svchost.exe |
|
| Details | File | 42 | libcef.dll |
|
| Details | File | 2 | 和libcef.png |
|
| Details | File | 1 | 通过模拟点击断链技术执行svchost.exe |
|
| Details | File | 1 | 加载libcef.dll |
|
| Details | File | 1 | 2023年10月企业税务稽查内容通知.zip |
|
| Details | File | 28 | test.html |
|
| Details | File | 1199 | svchost.exe |
|
| Details | File | 2 | libcef.png |
|
| Details | File | 2 | decod.exe |
|
| Details | File | 5 | cache.dat |
|
| Details | File | 2 | shellcode将动态解密出urlmon.dll |
|
| Details | File | 2 | 并调用urlopenblockstreamw函数从拼接好的url字符串远程下载svchost.exe |
|
| Details | File | 2 | lnk文件的作用是启动svchost.exe |
|
| Details | File | 2 | 中调用libcef.dll |
|
| Details | File | 2 | 将libcef.png |
|
| Details | File | 200 | update.exe |
|
| Details | File | 4 | tg.exe |
|
| Details | md5 | 2 | 06ed2c30954614fe1e8e9e8bd4619510 |
|
| Details | md5 | 2 | d1a88258376133409e0df56740683d30 |
|
| Details | md5 | 1 | 0a5b0607f6db1e8c9e3d2ca0da5c8d58 |
|
| Details | md5 | 2 | b2d085ab9171d577f8b36cf58090278b |
|
| Details | sha256 | 2 | 172dcc050fd15c75b6e03ed55c67871d9197cf4b3b337c89623d2be41b9850c4 |
|
| Details | IPv4 | 2 | 103.210.237.33 |
|
| Details | Url | 2 | https://muchengoss.oss-cn-hongkong.aliyuncs.com |
|
| Details | Url | 2 | https://muchengoss.oss-cn-hongkong.aliyuncs.com/与“svchost.exe”,“libcef.dll”,“libcef.png”,“decod.exe”,“cache.dat |
|
| Details | Url | 2 | https://muchengoss.oss-cn-hongkong.aliyuncs.com/tg.exe |
|
| Details | Url | 2 | https://muchengoss.oss-cn-hongkong.aliyuncs.com/cache.dat |
|
| Details | Url | 2 | https://muchengoss.oss-cn-hongkong.aliyuncs.com/decod.exe |
|
| Details | Url | 2 | https://muchengoss.oss-cn-hongkong.aliyuncs.com/libcef.dll |
|
| Details | Url | 2 | https://muchengoss.oss-cn-hongkong.aliyuncs.com/libcef.png |