Overview

overview

1

Static

static

1

admin/channel.js

windows7-x64

1

admin/channel.js

windows10-2004-x64

1

admin/content.js

windows7-x64

1

admin/content.js

windows10-2004-x64

1

admin/guest.js

windows7-x64

1

admin/guest.js

windows10-2004-x64

1

admin/kind...tor.js

windows7-x64

1

admin/kind...tor.js

windows10-2004-x64

1

admin/kind...o.html

windows7-x64

1

admin/kind...o.html

windows10-2004-x64

1

admin/kind...t.html

windows7-x64

1

admin/kind...t.html

windows10-2004-x64

1

admin/kind...r.html

windows7-x64

1

admin/kind...r.html

windows10-2004-x64

1

admin/kind...ger.js

windows7-x64

1

admin/kind...ger.js

windows10-2004-x64

1

admin/kind...h.html

windows7-x64

1

admin/kind...h.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/kind...k.html

windows7-x64

1

admin/kind...k.html

windows10-2004-x64

1

admin/kind...a.html

windows7-x64

1

admin/kind...a.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/menu.js

windows7-x64

1

admin/menu.js

windows10-2004-x64

1

admin/other.js

windows7-x64

1

admin/other.js

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 04:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/kindeditor/plugins/about.html

  • Size

    1KB

  • MD5

    ac31ddbcdb574018e203ddcbf01449f7

  • SHA1

    3be7cc535fbf1a60feffd331aa6790647f8645ca

  • SHA256

    76d8c3f08ecc38c43043464a54e5ddb8cd730d9919644e4d6ea14e1cebcac204

  • SHA512

    34fe1e14733bce680aa066118a4fe135b1618c5dde6406802f6499e304ad33696c5e563d29bbdbc668a0a330f0a6c9cd9bf5e32f45e647eaa562e1c4a0fb4c7c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\kindeditor\plugins\about.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f79fdae7cac1c3bbab873e9cf5cd78c

    SHA1

    03932a770cdc5271a49bd3a359aa5cda6a23fe8e

    SHA256

    8a21d38721d2723f76d3d8198d38047f71845cc1ff27bfe9593dc8ce4f384f55

    SHA512

    e5f718b726f46ae2db67f21a6ea11a2f418a5f6ddf354678fa102c2765b7ee918c3b859c27f35d6da7a9fff0aa10f50b7392b5f6d74819ec419e0572e8a87e21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    956673073ce1b4dbb0eeceb8a99054cc

    SHA1

    aed37123580b6bcea72ce79856b76d68f5703709

    SHA256

    8887b2ed044f6febd2bd9c31f9839b143af387677c86536736540510c1b9d8e8

    SHA512

    0c453ebe03edd237eba5fc7efb21167ad0a80533bf0d64926a38ffd4f4e39f0a59a10a61db301103047c357e533402fd8e0293f385baa3c5d1e9b8142d64b7a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f53b4c114a4ef89e06c8cfb77bff35a7

    SHA1

    c97cbe4b75d3c89b4582c8f6101973e6a607b8ce

    SHA256

    271c1966443f5f47eba661e4b1052ba35d69014a8bcc9d63376148c12bfd4d78

    SHA512

    21bff69413f57bf7ed82d488e8e203e5a9388fc7deb32c6d0d0434187e39de0e79b5c36fb0e371593a9a5548723679589e1ed44828d5e74e38407177ea69074a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a7dda813e6ad7ee60a6f26704eece7a

    SHA1

    21c04ec1f929782c02bbe5bcd1f91e5db7015e57

    SHA256

    cfa0170ba6022c7d93d44250ba8b049e9655eaad7f612c60152585a2bf1d2aa1

    SHA512

    ad61a6fd3196abc87ae4ed8ef0193e56a61d6bc41ce8361f1693351f476e5e6a7ccad29f7d232446f650cdfd1f65f77f8b2c19ed358923f66228e2ae97c7696b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ed23d1404806b22c332d06ef057bc52

    SHA1

    fe65f8b96e8c8595f80812a56186c954dc9cbc34

    SHA256

    6470d9fb7b463ef5233ed2ceb9d508c0c446a0e7484cf65c0feb5658676e886c

    SHA512

    702925688c635ae8e3d67bc744542138faaa77be0d8b1c3bac6a63bb45a57f6d82675a24884779d1e6a70fa05512b4de853c3338e5ddf12779f8deb3bbd5873e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1b557fc655464bc515c836a5e70d5c4

    SHA1

    949be83005e0d1834b1c220f8d6a785ec20adfcd

    SHA256

    1c7a2cb0d708d93a9cea65effd046c8b21e8ba6840ca18b8730555d03688a6b3

    SHA512

    447029348876b6aff9935ae5010ae69b689c88844c63abed423310ab0d18d892b4663cd373b1e3cf70f63deb8e7405afcdf321bde460b2864979fbeada2f2d2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8aedbc7f0ed8bed5071bcbb62e080dd6

    SHA1

    00c27c7d91cd7c2b0f85387fa2550cd512efc3f4

    SHA256

    42ed8bf31dea27ab906d8646d0cf22a60427fcf46af0adef07b1f4b72607d433

    SHA512

    fd70eb4f23f23c5507f49d6b2114d8b2294bf8c7ed46ae9639594c081b06f393f7d08eeba3b12887b2f510c64d51372a6eeb63cb26d79e283a395ba0159a4fe1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4e4185bae0b1ed27cbacfd8fe840e4c

    SHA1

    58d363beab8442364e6ae82faa54abe4ca7e7a63

    SHA256

    621aac5d5fdb218d71c06aafdfe2af09c8b70b169ceb0042bad53b4ec2112a05

    SHA512

    495261fcf1c437362bc305c2ec89673fcc728d81be3d75f841d63c93e5fea94a0180fe473e90d990e8a80e365e66f8a86efb062c2b13dc1fdc3dd07f46214530

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc00410d0ac98baf5c1e31ada34715ce

    SHA1

    086870e92127b089d4e7ec58d1f42cc18896cc7e

    SHA256

    88c44932543bd0b67a6a45c6ae40a9126a2095123453ce6885078717a1dad4cd

    SHA512

    8aae9a8e52be5e9bce958aab85201bdd368379653b829dc52b1e592a15d29d77193d115e00ce3f10cc0b91e880bd6a99921afeac1865be043fc75877f3c3f158

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a3f89af51b2c68ae9ffb34dbc20f5cd

    SHA1

    b008ce4572be619da9ba3daed27c03cdaf212d13

    SHA256

    204477632fcaf645b1528a03464877300d6ceff15debc002579ee2abab040861

    SHA512

    27be3df6709432c9f569deec681b00e2099546f5a69b9d0733dbb5f49fc5950a05b7df883dd89cfe66673c08bd5f9a0493fb8ff7199a3ebb28e19e133db0bd04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ea74890e297e4abcc2f56af37577073

    SHA1

    996d584899bd32535fb10e807f93f68fd8ef35d8

    SHA256

    82d69a50b88237e94b267a9f13f852989061cb5f7c9382132878135abf3b39c8

    SHA512

    a9d777e410cf48005d64d161d41258cb550facbd8e5c83131bdca29abbba50cd7e08c7b1003cdde55605cad014e94690299ea479ad9279e03074702b576ee200

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    435d5d5200552ec945b14a8cc247048c

    SHA1

    cf36988d10b2e7ba20eef43874aa5218a6a78236

    SHA256

    1d1e3b4f4eced78048ddf6c0ebb1146efbf9956d22c4b05c9121855365078c8c

    SHA512

    3f01a1a751fe428b30df3185d2266095c1e1e36a5d35408b97980f037273a6fcf8d8fea764418afd9774cc4d9b0e2154a874f4a2447ae5697df14ba248930773

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6655fa7d0b7c25b3963b7deb3ef0569

    SHA1

    1d35fc5a93084f84fdb91f21f8a63c7af300990c

    SHA256

    875182e7883a643d3ba3b7510078729670f228151dd971727af8d69ad7edc586

    SHA512

    d5e2dd627d8c98e7f1d6dde8ab7ec0c0bff1002883b7e0c513bf1056a8721b2586f440328e496fde7b41e7d1c853b9739dffa4f94daa5671b3a974ed5b1cbe2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6d80c48c69ff02b1c165abc6b2a8d73

    SHA1

    de736145f63b5b75d2929cbefd86427bd37aea90

    SHA256

    5647e84dab572f9873478f273867c3875e890377d27431255bbffac17771cb3a

    SHA512

    b3918e2bf9baf8dad66df687372031aec3210b0055537709ef36af76215b4db6f68725c618b0eeb76edeff9b5f9489a7f5d675c488d4945c2a9000afec44184c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9e198cec87d64da5e710f7a7b5c8e64

    SHA1

    365c536887a1ef14ea193012b0abce74c95f504a

    SHA256

    f3c94c8ca67ad3b1182b6f0fdaea1f58bd1a0a7337bcea51d5c234c105fde849

    SHA512

    6e80481770a44863549763b17da913172bce27aa8373de064c80ee9354297afc551b1b2c2818b23a7e69ac5b536a3564aecec4ed58d859e77f5431b73cd5e24a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b8ba0cc5a4438f1fa78c8ec7b937b72

    SHA1

    547ad44c5533d6eee4894ab5ad6bd36d91521814

    SHA256

    40e429e92d0821f200a9840f6af3749c7d209bf5d109b22fdb4adc789a514423

    SHA512

    1519a578c9a29cbb102691cd154a28fc694a312bc16e68b8ca0ab3082dd7b69e740586292dc01b863bd308f7e00589df85fa9038896b4cc399b8c9e5c5549869

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e583415754cb2b85f6fe26a11f6a777

    SHA1

    3c1dadc8b9ae555fea4ba396ffd17077a5f7310e

    SHA256

    3a235f13db99d6b6d4069a1cccf7097aa0a3218bb40fa6a6d3b6126640dfd5cb

    SHA512

    1d3b239b16535b62fc8d7c972a9ff8c891c3ba82bb98204548d183b5cac65eba1dc30a17f7196296347c66a8db404ace833d64c1fc8db3178a93726b9cbcd145

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b9f046f9d4b664c7317cf3ce45baf51

    SHA1

    f915dd98ea7c2a153684af5cf0da35f5d6d7b6ec

    SHA256

    f59fcbd7e321b5612415003fbbe85617961915106d0e5f22cbb180744c6bad31

    SHA512

    70f1d56db9a217418ce595f792b9d7975215e8017c82e8daa2028f4e182289f9d7d0a1b7186f8108a383a7e9b2dc6a5aff870326647a0f85c6b4522e574b29a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7c4f5cadf426ba48929162183c3da46

    SHA1

    88bdd6eac3ae94c474430ac7043392f0417b1d4e

    SHA256

    4e0ab7ec746203aa2b45303442863e1f04239da434b483abe00ced204a3cffa4

    SHA512

    25e2a7c2d841cec2d766670db71a8e35b0a9c55054213a78c95a12c0244015bbe68c0c95cc214855da70e538e757a2a050dd63e9c5c8c97706465c1829c78aee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    471fcbcce6b550dd45ad011fbc66bd99

    SHA1

    2b3f0034320670c07e2a3bf738884838490570ce

    SHA256

    0968648eae505294b693dd3f7b48b2fa9b31e5ce44ef60d85d651bd774716356

    SHA512

    527e10a46d0ed6cb80c1b1839e7c358eb8fabf104002e5577f5148a187001d87afbc9605016cac3a4768d1c3ba05b84f7626a9e6e16bab1096b1503ce9da1368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4507a5d046944baaa7df7ac6a98be9ba

    SHA1

    500f151642e0ef637d6289f7e3801840dadb6932

    SHA256

    78fd72a4615af90d3b93a95419b7383a14952765ea9574c577049ed235747b4b

    SHA512

    9db23722fcd94e57890043b1bb9723f398570006561824670443f3d8baff880d3126f008249421cdc6ec2c6f683c15987f1faf275a4998ff4678102699797615

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7CC1.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7D51.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit