Overview

overview

1

Static

static

1

admin/channel.js

windows7-x64

1

admin/channel.js

windows10-2004-x64

1

admin/content.js

windows7-x64

1

admin/content.js

windows10-2004-x64

1

admin/guest.js

windows7-x64

1

admin/guest.js

windows10-2004-x64

1

admin/kind...tor.js

windows7-x64

1

admin/kind...tor.js

windows10-2004-x64

1

admin/kind...o.html

windows7-x64

1

admin/kind...o.html

windows10-2004-x64

1

admin/kind...t.html

windows7-x64

1

admin/kind...t.html

windows10-2004-x64

1

admin/kind...r.html

windows7-x64

1

admin/kind...r.html

windows10-2004-x64

1

admin/kind...ger.js

windows7-x64

1

admin/kind...ger.js

windows10-2004-x64

1

admin/kind...h.html

windows7-x64

1

admin/kind...h.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/kind...k.html

windows7-x64

1

admin/kind...k.html

windows10-2004-x64

1

admin/kind...a.html

windows7-x64

1

admin/kind...a.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/kind...e.html

windows7-x64

1

admin/kind...e.html

windows10-2004-x64

1

admin/menu.js

windows7-x64

1

admin/menu.js

windows10-2004-x64

1

admin/other.js

windows7-x64

1

admin/other.js

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 04:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/kindeditor/plugins/wordpaste.html

  • Size

    1KB

  • MD5

    bb5aa523d25e931a2e92f408e8aad17e

  • SHA1

    f874a7adb8186fd9f786f8850eba7bcc39cbbc2f

  • SHA256

    c56a8105807ed7a1348c8e93ad77931c262ebc7011acd00e797f355e958c52e5

  • SHA512

    78bb7029fb3473ff8768119a75b46ebb85d09aefb7bcc291c66c77c04ddc163b761b8d3a907c90528e244eb8d907ac3b12dcb8dd76abb4a50c0bd6b38266e439

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\kindeditor\plugins\wordpaste.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1268 CREDAT:275457 /prefetch:2
      2⤵
        PID:2264

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ec47483e33e9f7e735de8b7db6def21b

      SHA1

      2defdca60d828701020d465aa151b2744cc96ff9

      SHA256

      debdf0359274df6a020c5c3e567f9d594358f2ce500e5af88ba7a75de3132b80

      SHA512

      e382a89f888f2beff52cfe0d5b729223910055f4b3b7525f17b0f3eec2ee9e62a953af3c804d242ed50bca44b0e8235482d42adc75abccc77cddb0ff5e7bf053

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      37ae72e0e9b0178ff0fc6f1e3b5a5b1a

      SHA1

      c34faf05773ef2da96e503af8ef3659887719915

      SHA256

      9555d343470a507cc0947a0265244482c96e4774423a99b9e8f73760a6e23a4a

      SHA512

      ed65be3b82f297fa38deb2d22838c581f9dd4999436c90f0bf7b04c05f1e74dbc342574e07bf3b14fc084cc3c60f1892aab62a996b7e9d58a6159e6f4da4936a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      0d95bffdcd934511664b28e2d19d2a57

      SHA1

      f217036d25cfce034e13d14569d4160ba5e92ffc

      SHA256

      3caa7501fd12d281a87b993bf522281747bae4449f62f590a2044fb3aa77a359

      SHA512

      f988d377468bde05a1832d8c584f7e5b717b3b8d17cb7b7d9395c83d353199c9878faf46b02c7a277f44828328f9e48e63afecb2b909dbc584206f5aee6a67b6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      6ba508c877f0895ed05fa043dcb4a9e4

      SHA1

      4717958047fe44ed5db35fffe73ed6c7e3746bf3

      SHA256

      730ae0a7aebaa693f4a1ead8769c049f574db55c9f16146f53ddfc0a2ab4b5b3

      SHA512

      2aff44046577539b0711fa6142be350f67c9b9dafacd53fc4c54b8f97a9ffd7baae700f795af6f8746d0939c77ac4c2c7a7a65a464b5963316cc3c998a1fcbdf

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3324784bb853e22aa03479e5caba7ddd

      SHA1

      f8a4db09408274b8b1d068971aca2fa8125b86fa

      SHA256

      ef4b8d4a293c94f1df43fc9250fd8af4e5dc8b4150f6eb79dab69e104cb8a700

      SHA512

      a6ed00e6f3c398f7a395a5bbc29dd7c1f3cd0bf443111f998aa476e6acff52e4a8b121ed4a497d7666402c3f315504fda0b933bbf0a94e49246c8f43c9256483

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ab3ca81dcf3041c9f6ea6eb41632e753

      SHA1

      1a0262e3c031b0c42c90fc7d6914ef7e8f59ba18

      SHA256

      31857c15564abac9d9c927347bb8ca9b2a2cf2a2d55e9a072e4d6d3f39409b54

      SHA512

      7d92fd67fd0b98c4fac07c5f40a29f7d7852146866175103f74caad98b804c8479d7e2f3edd9d95e231b66a78968ff04460aac7693c408ad0e65d29524c0620c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8d0fcc5ed74f659954da02d4bb6b9e4c

      SHA1

      7f6b0c04f96ec0b04f2466901c94779fe2d66ed8

      SHA256

      cb407ba1eba4156eafb78fc97a8dcf635ba922ed468e1aa41bad02aee78a95c4

      SHA512

      a18bfb93cd7022fd7d2dc3eeb28e04e89bc30e8594ba97ad7c6eadff55ea136759e8573aaaba6b967addcff443f1da75e81a59cd8234b57f3acce71fa1dc15ab

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      37f6270833dfd66b107e8cdd5565e117

      SHA1

      a9a449d684eb7f21fa71e3daa34999d5559b5340

      SHA256

      41a38d4810cf694acaac510bfdfebddc39a2609c7ee62ab926c5c5d8b32211b0

      SHA512

      d50b1d60dc9b1e53ae8c964d0391a3a7021b035bdaba09784895bc1956ce041b993cc65a57c11fe62d01665298653ca7a9aad6313621385af3db12046bb6ed87

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      24df950076159907905d75fa71ea460d

      SHA1

      43b06d9c03d5bc5e12481c9e9c822e5cafcae931

      SHA256

      8a87660f3c7937c7dad5f7688be959bce75037bc573d89761d631fe81b7f3692

      SHA512

      c1f73bfa5380529924bc8d2ff53cb05e9536de1c40709026001d65b8b131249234f30fa813ee9121a402e0ab82128bd27184d92a10439989a5fae3c6f6a60d16

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      61deb44e731edd91e130c169d91da2d0

      SHA1

      63e290be61e570238b98203ade921208095d474c

      SHA256

      a3e5beb5d26355c4e597c4530190683d74232ade03c14382e16dcc4d83b96ff1

      SHA512

      645e106232e15258bd631be4d26d275f5bdd2b1fa3b9325ce11407c9ea5b1d62236e1f6bd619fe07591dd15d50153e113e4ed9bb98bd928b1bc194a1d461aaf5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      883833b4ece44521e405dc7bb7d6319a

      SHA1

      9d303f2098b847305a927a0a30cdea6daec1e87b

      SHA256

      7ba53d15adb34097a388f692037e997bfb2cafcc499795e985643ca483d9e502

      SHA512

      1f4e34afc55cfd27490e76608ad82d7a715926d2d37e61b91f6b5abb70faad48f99e9a2da6a20c0111a495820891e14f297a56aadd65a6d8f4682850acf545db

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      31014c00b8efbfbff9a55ddaf289bf3e

      SHA1

      133076f9a65b38f88f2e63ad6c336c2e520bb041

      SHA256

      4e647cea58950cf42dace164614ab36a9e909432e8c06f6428b893aded81bbe7

      SHA512

      9608d1b04e5c8711c2237f0c2337da28e740d98cdb56edcb6b3c4c08a2a2c8a291513344f44270ebce167eb6a5ee5ded8a4b4497565432979b97f09bcd44c9dc

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab4270.tmp
      Filesize

      37KB

      MD5

      54eb16e4e9282d7ec8248c08fc778391

      SHA1

      f35665932bb41b8c2ca0e1319ac9bad258ae3e2f

      SHA256

      63d86c29d80d9de22caa82ac35722d78727a38f2fda292e335baebf66527b725

      SHA512

      6b2335dc0641f05756146a66ad6c2df62c8461c5679ed96210c7260dfa23c4e5a856f209c104d879f848dcb3fee74f0c7a1fb3264d7204c3c36b2750701844d0

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar4485.tmp
      Filesize

      1KB

      MD5

      fa527dcd6b5eb05e72fc51570a2a6608

      SHA1

      3380c5ef74408265fba2f67e790636d0ad0a51cc

      SHA256

      4dc7a4a6cb3be2c334a27a49df89f18f8f91749fe6aa1cf28d548e0e0c75ce3d

      SHA512

      05c0e217c433949cab210102a26ca7f6a765515b228b217e25c7409408fc167b5a59a8494e1181284e9ec72849c90288f3a066faa284e29d871097ec76291a5a

      Download Submit