Overview

overview

1

Static

static

1

admin/channel.js

windows7-x64

1

admin/channel.js

windows10-2004-x64

1

admin/content.js

windows7-x64

1

admin/content.js

windows10-2004-x64

1

admin/guest.js

windows7-x64

1

admin/guest.js

windows10-2004-x64

1

admin/kind...tor.js

windows7-x64

1

admin/kind...tor.js

windows10-2004-x64

1

admin/kind...o.html

windows7-x64

1

admin/kind...o.html

windows10-2004-x64

1

admin/kind...t.html

windows7-x64

1

admin/kind...t.html

windows10-2004-x64

1

admin/kind...r.html

windows7-x64

1

admin/kind...r.html

windows10-2004-x64

1

admin/kind...ger.js

windows7-x64

1

admin/kind...ger.js

windows10-2004-x64

1

admin/kind...h.html

windows7-x64

1

admin/kind...h.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/kind...k.html

windows7-x64

1

admin/kind...k.html

windows10-2004-x64

1

admin/kind...a.html

windows7-x64

1

admin/kind...a.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/menu.js

windows7-x64

1

admin/menu.js

windows10-2004-x64

1

admin/other.js

windows7-x64

1

admin/other.js

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 04:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/kindeditor/plugins/media.html

  • Size

    1KB

  • MD5

    a031b9efa8e1517f1eb98d57ff8777b5

  • SHA1

    a908bd9dbfc3981419edbdb658f53edf2fd68513

  • SHA256

    44312e60aff6269379a0c0cd754bcffeb50dce2a644b4dd225e02b5f2b82b55b

  • SHA512

    5d23fa74ce8be4e06f521234bbd6d69cdeaf89887e592be1a2c3fae9bfcc3fc7dc3c7a970b2dea7a87318d88e894d0d97da2ee6da03f38b3137555a340ca6392

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\kindeditor\plugins\media.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2996

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    fec031b7bd399efbf0f3b4c34c6317d3

    SHA1

    37e0392e88b7265c69c7e6af558a9d64336a5608

    SHA256

    e4dd35bf1f8c051ac0130bacd36de4dc1c554a4fce199a1fcdff567188170f42

    SHA512

    89389b709b2b691561ba12d2f75d707dca303c15370986ab4f8ed2f2cf9f71cd19f093f1afcb156177b96cfb3b181db1f92729c4648ccd21e409830d5b880804

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7c28706b0e8f15fc52047cea0d8af02

    SHA1

    ca6c0ab08d98697df8bd49def2fd33374eaa7641

    SHA256

    75c69cc5ab89c9c00111606807fef2cb8c1c81347ea6786a2ada19aeec8c4caf

    SHA512

    a07bcb2adfe3100919bd802efd1c765d5c71ad91068d1a01847708f327682898bc87a5cd2e0283699e93fc2ef0d95fe4e223f091fe58b75eba0a6916b5bbe096

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9213f79709f4f15ca4715c8d4e27280

    SHA1

    efda0f32fed2a180f948318caab72070ce846c2b

    SHA256

    d9d6a205e98c3ede73f37318f68cdf29d3d033de9344b149de6263df9fb338ea

    SHA512

    2dba1c8350f67c435d265a331c192daa38f35ca98ff0da99c330a43e9955cce41fb0ac6cae3e13679108a913affc0a1ea841c6367f218059ca18e8229eb81c4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5dc075ec36b5ff7abea744cafcdf15a

    SHA1

    f7d91b7878a23144f55872e3bf986c774ae4d266

    SHA256

    34323d1d87d62b145350117e179fabe4b51bf04da96f55ebe1a6868fc96cb3e9

    SHA512

    733bc618b107daa2d1bcd6dd7c878a7fcf598347f851b27182f166e3cc1f57e540600b6d857517de17f8af86373e57edfb61fefe6eaeb9974b2eb49bd3733d21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5de244c372fc4c2f97dbff1a329bdc73

    SHA1

    edc7c2180cdf61f9a8198fcdd0de0ce14984fe1d

    SHA256

    87919692bc8bd05df55c62c0b14ba581a33af1a08958054f87f306d0f4a44dd7

    SHA512

    7813be211e568d4089e040343361438cd69a44e88bd57bf42684e99d7bd6cf76cca6db959a8c6543dc929609382e8dac55f70810485be83c7b8bf35cd3bd9981

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    520562c7594f8b450f2350b33f7fefc2

    SHA1

    b1b8901ba6e22c920592e4fa4caf51eac92f111a

    SHA256

    ab52b81013790826855a3e90632eb6cf926c73fdd942d5b32ced88ba686f2957

    SHA512

    fb15ed2b73501cf8423236f3e58f22d46a886dc87b26bd616f93e599ca583345cd47c23840bb9fccd132a747cabdcd27cc010ef9da1ceff71d71a6ab45f1942a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7cf5905fcaaa881b596e1ffe69255369

    SHA1

    a3bffebeb1b30012f54620a359982bc6aee9a4c2

    SHA256

    04ac5ce1c2bfda80b40ad8f5eb6e40351b64c4ff31bf0c23a7cb21dd127951ea

    SHA512

    2d09eb314f987ec8dc44014af309759833029e581e6b715491e2d85f51246d305fcd823f58c59648b1493b3dbe0390bfec3ba49e3a7cfbdcbc11c07df5e1ce69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c7d01ac0f4ad9213fbd170847cc0126

    SHA1

    597582d7fb6b41dc51048af68f0fc1ed9e1edef8

    SHA256

    76a219ea0cc81bcefde09c64eabb4973a7366a61c78c93c623f4c8faa5ceb166

    SHA512

    459da494cb64caea37085a4cdb48d1cff718a09a099e4c259e7752b3112cf71ab4433a665ef79c78ea6010bd5fc96cf5c43a24a8f5bd1348574502b30cafcfd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90586d0aa25a1cc86437f6242cb38462

    SHA1

    ea672c2c2fe96edf42109d2b641a7269e32559a6

    SHA256

    996c36422e1cfb88e668ca1e30d462cf95582d4f05c34215abee4d92b84bacd3

    SHA512

    14381e95981e475f39699ed8dd6abadbbda7121f4b348eee64f764fdd9eb46b5b78fe05d75d4ab358e113dd06d870762d524beb28bdc35f148a8d8413fd64089

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cca732ac0b7fa4e4dd920145c3cc8644

    SHA1

    5e1a4e8945dbe5c38d958635560ff2cec790b366

    SHA256

    aa0ce63e2d3400e7cc71304fa910d40283879249162e954e689d4f629721e6c1

    SHA512

    7be5bdf456a75a506f5404d2b2fc4f1c2f97ab49066dca00802968a210a02fb605edbcfe845218df0318933d545ff29ccdf761c0bc6b3af9f98787dce445d4f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba8e21a499e3b313b9c9ce2807ce2236

    SHA1

    180a5e0d3f0a1eb4cd0d2c25ed33e4b43edae389

    SHA256

    913dfe092c50e33f95564261b70721b66b6473cdc43522c523be2f334e4278eb

    SHA512

    059d43afeff0e9e6c4fcd3f9cd6937736cf5d5c56c87179a9708dae8f1b3485b57d8424d3ac5c676173ad641242b6459aef61a5895a10aaa8b88883720a727d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f7b9656256345236c90d04dff59a737

    SHA1

    79f6e1619a8edcad2279ed83e02d7b1ab44cc233

    SHA256

    fb59553cca83ccd26ac3b60d65d31a8fde06f26587c4d80bcf9d3152a12a34f6

    SHA512

    db73fa870b37e8a992d0adeb3ac526be5b47804596e159d8619a3d39d17cfc117a921a121dbcd4c822224301f61d38da4cf15f28b8c87a4df4bc157b3e6e949e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    643dac4bc90dfb61f8e16ca659884f69

    SHA1

    fcad4b26a30f5fd00f879f460303a2d18e256450

    SHA256

    02fee0251092c8b09683416d4328414d6dd76a04a3cfacd629cb0bf00703d4d1

    SHA512

    df9f2a43e24ecf9d874ae416b2f2786a3aeba05cb3022ceae749342b1f4bfd937f30421ec6a697536c540588bf0b7705eb72899ca56f50eac87479d758908477

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b406b0032abe60a04bde20f9b189070

    SHA1

    a48bd63fa1ae8438f2d297c89408fa37d2e50623

    SHA256

    540f0f4632c1d8995772f876a8586fcbdab9a6414ff4a62aaf3c60e6350b6f74

    SHA512

    7b0e83fb9b7811cdb67ed1d4aac30d2abf72a5bef32f68b4b30c672e8374f287525d000559025bdec9cc5e944f7357955e7bb04671da194508f4ece67c958f45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    7c97fc5b4e5d3dadd18a73ccb1df6831

    SHA1

    17311bc386421964b1e69e373fb57a8dbc60f6ef

    SHA256

    0d98ba0a8bb9dc9773621cdc36cab357fdedf51fe4f80b368cddcdc947e0f000

    SHA512

    05af33de87541b63a0666db16314f0be62661131eb6ba8dfe35115ca4680e7077b14e65bf0d820d6bb47dfa84cfd29e30727b1c5bb1fde7315e02e0b84a64e12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3836.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit