Overview

overview

3

Static

static

3

App_Data/�...��.url

windows7-x64

1

App_Data/�...��.url

windows10-2004-x64

1

App_Themes...mon.js

windows7-x64

1

App_Themes...mon.js

windows10-2004-x64

1

App_Themes...mon.js

windows7-x64

1

App_Themes...mon.js

windows10-2004-x64

1

Blog/Blog.asp

windows7-x64

3

Blog/Blog.asp

windows10-2004-x64

3

FckEditor/Test.html

windows7-x64

1

FckEditor/Test.html

windows10-2004-x64

1

FckEditor/...mon.js

windows7-x64

1

FckEditor/...mon.js

windows10-2004-x64

1

FckEditor/...t.html

windows7-x64

1

FckEditor/...t.html

windows10-2004-x64

1

FckEditor/...h.html

windows7-x64

1

FckEditor/...h.html

windows10-2004-x64

1

FckEditor/...ash.js

windows7-x64

1

FckEditor/...ash.js

windows10-2004-x64

1

FckEditor/...e.html

windows7-x64

1

FckEditor/...e.html

windows10-2004-x64

1

FckEditor/...age.js

windows7-x64

1

FckEditor/...age.js

windows10-2004-x64

1

FckEditor/...k.html

windows7-x64

1

FckEditor/...k.html

windows10-2004-x64

1

FckEditor/...ink.js

windows7-x64

1

FckEditor/...ink.js

windows10-2004-x64

1

FckEditor/...e.html

windows7-x64

1

FckEditor/...e.html

windows10-2004-x64

1

FckEditor/...e.html

windows7-x64

1

FckEditor/...e.html

windows10-2004-x64

1

FckEditor/...g.html

windows7-x64

1

FckEditor/...g.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    20/04/2024, 04:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    FckEditor/editor/dialog/fck_image.html

  • Size

    2KB

  • MD5

    560883a3d2129e9347168ab0509f33c7

  • SHA1

    8270b827162562952e9136bd25f50ecc7b98df31

  • SHA256

    eccfd56daa228906e45c92468e6f4fbf0c88ec1af6d6c9e1efa6ee628fd85fff

  • SHA512

    8369ed6ce4bd141f8f00043ce41c03f2a05621b244bb8bc09a01ec7870ee85efe65c7548311fee07a9eb98e937e2eebd5007f1c5b6464346a326123aec3fa2f1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FckEditor\editor\dialog\fck_image.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3056

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          635703f3e32024c92d9c1f650540c92b

          SHA1

          c0e82cfabbc66c33c3f595702b33472eada98c35

          SHA256

          1f8efc5ef3c870e552b45450c9600b162c6e1f316578c9d502950109bb45c85f

          SHA512

          1acfb8617af449d7c5d61f9caca2fb82b54e18667a6c1be85b365ea5a896099729175b8d93ebaf379b31acd8b17881bdc89f619396b3c23dd3e02d21b0fca18b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c2ffa9cd1f891953ae55f35eae8605b6

          SHA1

          517863ec791badaaf8f41352d36af4a2c67f41cf

          SHA256

          58921a1a44d18f3fc513a8e20fc1821c636d3d90a6f740378a9d121ed8427435

          SHA512

          9d48aebdbc0902fb8ddf8ae15588e178d9ce45fbdedd4690a6bb94e4bf4c89774332a46d9b5f27c0502d59cfd32453403f96bb4cee5cc16df47e18c8c9a4446d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7fe1500656a8a2f2ccdbfeeaf6133306

          SHA1

          4da1b7bd3d26cac59f787472986f0cfbc238427b

          SHA256

          bc25da15749249779f96de8d86fc7b1147a1df5ea30630811ab452ef5a343cab

          SHA512

          68381e54ea6b33c7e2149e71ecdc8584c2b2f48039e970319c8d88a3f4dfd05878a6c6123af1923b5aaab2d100b6465a56d01b0998c958605cf361adadd5d1db

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8a506f6b7cfb23a497da450749aa6a70

          SHA1

          e9d7c180c47e7e27fe16e45f41e139834ad4f93e

          SHA256

          3a263cf444142d8538a398113408c07e07e747e2d5b30660c6ff7380c4601a71

          SHA512

          29ed5a0afe744a7f1cf45974535d770b7e619e7d1b1ca2e9b2b67127439de09c7027b5adb24a1f0ca7d44849584ae678369bdb180a273d0b86a7f71834a764ab

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2acb5b9120b27371c2ecac2278a7c3dc

          SHA1

          810d92fcf5e226122602e17f7fac2d0d562e6919

          SHA256

          6fbaec4be80f7ea2df65d4608dac443b2383b0c9c59debebe3e12e6a8735c7b9

          SHA512

          7138b97d640f14424a999033ccef664e5f35232e83bc8d5e2c6a26e93760719b696cc08ce18db977cbb45fa8b289ae0f484836c50af717aa7d69b0e930ac1b61

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          851137b09425f861ce8b415c64687456

          SHA1

          308355659089e59de6ae009014ee094f8e7b24ac

          SHA256

          8fb811bb07e518a82607a58e7e1949db87abc4943040b8282adebdfca4e118db

          SHA512

          daaf1424c25fbdb4725ee1558cde4e268d2f2c8bb5940fce056138ecc51ad962db7701a8fb7b605cc6fc5083f430ae943c263b70806573fd5f34d4cfbfc900b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          23e1b26201b58cce1e5726d32aeb1c1a

          SHA1

          8a09f6d46037fe93aa1d5025ffcfd98507dca0da

          SHA256

          36fab07ecae72274bd45a85cb64ecea1bc3a895de46225183e4d0882a6e5f19e

          SHA512

          60352277da4fed1d87ca818a42a8cd63f5b4ec5de9122e65fe98513007643483d4b605610eab92ae1babf9e64542bb9b435ded0d186695562156e0672343b401

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bd1c267f700296a092d003c5bce3d28e

          SHA1

          838d67e693406363e60957b53f4a101302b66a8d

          SHA256

          386023e8649024a201676ccadeb3d1470a789853889f8a15e5b3e0940c21431e

          SHA512

          74c8970637c2e82bd9a85ddf29a40db92495d09cfceaf0d4cd9f5d7430c6a481d38c6abbad103b16ba543aa12aac0d011f256f9b79dc951b78b124c843f3db7d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          32c157eb0775bfeacbb7bb449e27b3a0

          SHA1

          d6554bc16d0c6679472283835a4ad160dca3017f

          SHA256

          0fff186c654509da7be59658c2f29bc0ffe338d63d5288b7d1b68d96639c2e93

          SHA512

          8d7119ecd8bd866fd5c8689a8a6de336c719b3022700baac949ed8b9e55d5b828bbec114408435097ff990cf2853410ae1deba74b3b01d1ff18d90ac1f875e5a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3347edc65076744c0c096f84e77570a2

          SHA1

          775a55dc2bb402439b12e1f9c1e76a83520a9b1b

          SHA256

          eddf37239f666879c3d5817519fcf9916ab0e8cfb741858de0d18344d1697d0c

          SHA512

          1f3418b3901b0533aacdb9216783ce447c5ff9213a54a2b39662aac8d7be0dfe015c2185db36c75063bc4dd98cf8ac21aa14c4e49c96c26f30c7733768babcda

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          0025001dfe868997420ddc2531bb8823

          SHA1

          a51d85bc4e08ef21e52d176e0fadf3faf698b2ae

          SHA256

          4ff50381fdda77de0667ed8a36263c2b97eec8f593134e75ac0b108995b7df10

          SHA512

          1b4fd28678557bca0b3a63d3d6782c639c4cefc83f9f0d2aabc15eba7e5dbf510f53098bb7166bf95a13fc87287030ce8fe9d7a586c3c23fb042d3c3f7bff127

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          5e44488792b34531b70053b37a9e944c

          SHA1

          08bff7245b42b60592a8c3645db8241e9bbe86a0

          SHA256

          fcb950933759756879f6100aeb71a8dbe58c8e337a0281c444796e76d391146b

          SHA512

          d107476ba8fa62c8f5e1af19b92f43dc4630fc7ff90007f592b786301ab724c1d6f53c4c72c8c4d981d2e2005210961fb22f784bb2e09a660685b164ba763b43

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3192.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit