Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://feedback.fct...

windows7-x64

1

https://feedback.fct...

windows10-2004-x64

1

Analysis

  • max time kernel
    70s
  • max time network
    73s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    11/12/2023, 08:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://feedback.fctg.travel/CP/File.php?F=F_1L0aJJnEdHzWNHG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://feedback.fctg.travel/CP/File.php?F=F_1L0aJJnEdHzWNHG
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2168

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    18116e26c05dfc4b8a4dc22218daef17

    SHA1

    de5836588dc8c6e399c55c7dda1d1f4a9232a0b9

    SHA256

    8a73d3605c54e70134482751f07cf4a03f9aac366123b7424bef3759ef4545b4

    SHA512

    2452704e094db81b40d906a4a1f07795d4337fbcd70f3efec3784fbb2aaa3c2fd22df2f80b307d6843458366738bd3c7e1d2d6071532a416948bd1b7eeec01f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08456347df02cafc5f7bdd9bf92cba3c

    SHA1

    79ec021c98d6bb7702689480c794f720f7f65554

    SHA256

    45de07458b1d060e6cb3635946a3c54068f48c0f35e18b5a2d24879ba3bc6db1

    SHA512

    6671dde33f38652182c559e295d82c4fe70de94e3bf7860b5b62def38fcb27e04b604d30f081bdf25b45b2eb5712b0452f1f086c45cc9a23cd91633d1469b053

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68a30a8faca97e84cfa73c34ab46958f

    SHA1

    16de666463d8a2ba3018bd51d820aba7a36456d3

    SHA256

    01e162a54c985f9b7771738c9142e8b0a49775cee635b87e0a51f0b06456fa8d

    SHA512

    72b71e2bbf2da521d1172bf35ee3b5563d3c1c0fc7b794a5edbf04c7d3dc354cbe1107ceb3eec3d77b8863722846a9ebeb10853006524f67f907ac98d5170de7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b2ed2b3b7e07a8a128201b2f17e5766

    SHA1

    9fc398737d8fde558ce4a3e76b7fa0ab9fe15a71

    SHA256

    8421e5d9924075b3724e427cc56245e162c3ad11be63467f0e2ebfb9f559ba1f

    SHA512

    0766dbd3e475d262b40e96bd7129035ea2c2df211222d83b60ce0b72e29faa5c27a10dd02b474db857069009da5a8c3064004d1b1180a963bb3c363b559dab3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    383cb20731bde4d5ea1af4179adb9b05

    SHA1

    40b580882e44254fe650296ed7ff4bcce60cde37

    SHA256

    fde8c25f0449ee4e4330660c5e23a5f1f8b1b71badc925e90dc5ec92a666449f

    SHA512

    16cdb387499b438ee6703f949a13c5fb618d6467fc3885f04f50b1d20f0e9ef3524fada42fa2bc1a5c02336d3bde7724fb2a6a59033d1ec98c71cd249ef49fa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e352ecda6f2df26c8cfdf38752bef71

    SHA1

    ccb8784b34f0c9f666178af2ee0a5befb7658f97

    SHA256

    41fdf9935f64c244bd6a02eacf08322176748bf91f0fe481da032591a4f198a1

    SHA512

    eef7151743cdf60d36ce7dc37afd0514964d72b33ee101ced2e1c7839a10f45452be0d55a6be6604618a9a3deebe61dae4a19161d8a62765d376eedc35261747

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cee506b740300d91864dd7802224d11

    SHA1

    fd6e718195dd7471c8c5148f6fef390e0c9a7817

    SHA256

    f466a6ca6efc5ce03c4b83af0bd52447dd78241c1c8b734a970066b4257f0128

    SHA512

    351acc5137747b94a2e8ab9f8bebc6175ae0476911f471e60910695ae8e570d72561af3fcb62df8b1bad24e622da16cb598b0fb1c439760aff02ca43ca13f7dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07c0919f66808d81cb4015917016ab20

    SHA1

    8edb28ebc4fd17538a4da65ce1e2a47e3158000e

    SHA256

    6cc4952bdcf72845fdc28de1b269618fd6865f7cd4d89e3a7bb53a9bb164abe3

    SHA512

    fa5fd4ad0778abbc6468fd39c42b82887cf14c4e22c294acd992ea3a367a100c75283ec151a2813155e8ef64fec5910c21a9ba0b88b05b382c7c6dda07c72b97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24164b99add7f32208efbd329466c920

    SHA1

    1f39a03c741b8764dd933dd43363aa0d9affa3db

    SHA256

    05b54c1899ad4b98585c1674fe7051d4d8882ab01ac9b4b53c40feb69e6655f1

    SHA512

    3f870d501465379f5176bd9c81dc2fb77436628fb8091e8f0a4156c298be12398c2ac5813b820ab5dfb7a4f85a04cfdda348c9d203e688347198b8fbb5a8f8b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    adcd0359a4fa4da5b157aa87e8db8166

    SHA1

    491ed498df673b36aa89a263a4600070a8510e80

    SHA256

    c62cdfde2868bed6f25535ecc298af7a104ba29b14cd819c889cf8c7298bcc9d

    SHA512

    d7f5fefae8e6d02fb55561a022da13e674ff61724e72f0c97e71fc4e2c339290d002772368429823f6acfa5773b06b94e359ec30a34da43df0a61d7398fb987a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c79a5b7cf09b787acd13d35adadb245b

    SHA1

    0e29de9a486c9211adc56f3ce390edd2f9871aee

    SHA256

    2b3da9c899eda683f755dbea94cbcbc166737f1939e20d54dcaca50909fc2413

    SHA512

    33aebb7c8c304d997d6fef1b245ad91792d55f020081e0fea36092d182004cff45ea41ff406bde8f24d3cecd341ce720b79474ca571d8e486e0ba7c674769802

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c15a3770f4ec1ac1ff1eed9676cbcd45

    SHA1

    bf365dc6cb3545abd2c9896c4040b702b696056d

    SHA256

    037dfc2b941b8fd3246f9de1c65b821414fd186481cc1461877327b0b18afc71

    SHA512

    e152033821bb795d3fa8ea55140585cf6bd953ca21273307f420e978b388d0b9e795f0b524cd85696e0f292a3ab761a1c08e9a04d21154548eab0993e4117594

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c0ca8a3e54aa604838edbb6949d85e0

    SHA1

    f1e85fbe389c5beb8d7675193cba702de6263e31

    SHA256

    eaed304d447ef60e0e88e791350337f2e59631f2452ebbcc6d7edd9bef60e290

    SHA512

    55fc26aa8e6c76abda4d9593aa519245464b09ec0d6f3b78313827f46ca1852808c57531dd99a28e24a783a714edb330e79a1b501414716418376c3846f96517

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2dc0a67fb6f33b5dcdb643c369b26158

    SHA1

    904222408017f94ffc42a4c5264d9c1a8d80a54f

    SHA256

    97ab3e240b8a2643095b4c993e5eec1ab1bc81806cf1e9e9dad850758cd1b936

    SHA512

    e02160b6513dd44744ae8feb0f048a0e100a6a6e5a3dfa94a2a50b9f5c78c2ea3264782296daa59dbf9582ab46155792c6d1e560bb2d5c9bc007d8434132b56a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    b041c5292edc1be4328e477f4c59a1db

    SHA1

    88fc04fd5fd9dabad8295d3f6c7e01a600d00dbf

    SHA256

    3f47abdfd55e538fec454bc84fa64271301edbc8f51fb9f27b32a55d1b2ab9ff

    SHA512

    3e34d1bfdd0628216825e57b71310297123629b7bdff04b2ed08e967023f6779e282ec028d1a2616b0797cc039952e717d8a1a460c101ec08b95537e8a088fc4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab31AD.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3349.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    d1afc25391583c34e957604cedf23501

    SHA1

    b9fb760ad271423238ae1837e2649ffab3964370

    SHA256

    b875b60f0ed2dfd612be189a482e14973184c3de29306eafaf6b6ac41a9b91a3

    SHA512

    d14532dd547afb27d9b49134272db5de20d483b9693112ee81261e33a7d380234f82ef7014e3f089ec07621c14dc11e90ab801c3d18968b59d981fe752935cbc

    Download Submit