Overview

overview

3

Static

static

3

App_Data/�...��.url

windows7-x64

1

App_Data/�...��.url

windows10-2004-x64

1

App_Themes...mon.js

windows7-x64

1

App_Themes...mon.js

windows10-2004-x64

1

App_Themes...mon.js

windows7-x64

1

App_Themes...mon.js

windows10-2004-x64

1

Blog/Blog.asp

windows7-x64

3

Blog/Blog.asp

windows10-2004-x64

3

FckEditor/Test.html

windows7-x64

1

FckEditor/Test.html

windows10-2004-x64

1

FckEditor/...mon.js

windows7-x64

1

FckEditor/...mon.js

windows10-2004-x64

1

FckEditor/...t.html

windows7-x64

1

FckEditor/...t.html

windows10-2004-x64

1

FckEditor/...h.html

windows7-x64

1

FckEditor/...h.html

windows10-2004-x64

1

FckEditor/...ash.js

windows7-x64

1

FckEditor/...ash.js

windows10-2004-x64

1

FckEditor/...e.html

windows7-x64

1

FckEditor/...e.html

windows10-2004-x64

1

FckEditor/...age.js

windows7-x64

1

FckEditor/...age.js

windows10-2004-x64

1

FckEditor/...k.html

windows7-x64

1

FckEditor/...k.html

windows10-2004-x64

1

FckEditor/...ink.js

windows7-x64

1

FckEditor/...ink.js

windows10-2004-x64

1

FckEditor/...e.html

windows7-x64

1

FckEditor/...e.html

windows10-2004-x64

1

FckEditor/...e.html

windows7-x64

1

FckEditor/...e.html

windows10-2004-x64

1

FckEditor/...g.html

windows7-x64

1

FckEditor/...g.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20-04-2024 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FckEditor/editor/fckdialog.html

  • Size

    5KB

  • MD5

    d90751e4d9697185310ffa39391c1ba7

  • SHA1

    4c1f2990b9d207c4f806f146310ef8af29551c68

  • SHA256

    2add1ed44415445b62e04c49c2afbd8bb644ee349460a195275b6748f8f63dde

  • SHA512

    6e11e9ad2b7216659667a55b1d8c6d06ecab897011ff8afdd7c4136ad9806a8710bbcffe8cc6351c46ba9a0b6660d2fd8944fbfd10b3d28d516f797e96c4f537

  • SSDEEP

    48:I1UpvIqCiO4b+61+cAgAM+lDX/86V1+Trk6rAwwULnSYRIDBxYmM/9+qLAUKJIQY:64pCiTV1GNP92hRjAhgjUJIQYYPw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FckEditor\editor\fckdialog.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2832
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2832 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38473f0f1570745208d182db22ecc65c

    SHA1

    f5ccea0a290b9b8b45623f831dba93f5781e0b6f

    SHA256

    dd03b4a46590e4579bcadad31054b5bbb373461dd8d11480869a3683ed65003a

    SHA512

    0bd2343cd65aa0ce02e5c7addda29f1bcd28b11bbf61b611c3ad53c22c1a423cf1b0771ca5a9a06a1605a51f86bd975db7e016f7a2ebc3209f32e91fc6cb35ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    172795658335a13228845f9f26affce2

    SHA1

    0e7761f50cd7cfceea786347575721352a9a0e17

    SHA256

    6f29c6a40b475cadbaceb0857a58125cdbe2a31812c87b29fa32e7f2ff5bd2a6

    SHA512

    f9286c43fc4bbf6f6befb975379af3cb2bbaac19827629e5a277d458ee9df0314a60aa29d274e00d0b4023676be6d59f0ef4b61833c586e3eb56d0db9aeed352

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e51e4c57e3e18f23ddc4c60a4d2363d9

    SHA1

    d7fe863cab739c819d1200681776403d8cbe9bdb

    SHA256

    272e48762460a75326aa3ca257627f2f8d1a31722f75bc37d65cba38d480446a

    SHA512

    c6a56c0942a3e922956ec2c184cb28eb357e4c299893d09b2fa3b5d06038542acee410507934760d0b8106890199f80d12b111541cbbca5d62e3267bccca22c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e569d2edebb46c48f05a205ff2b5e3b1

    SHA1

    22e16f5ff7a0b6d438aad368e3d958b526571528

    SHA256

    fc4be4a9ce637dc08c86d5c226fdc5f49fa9e20ae227ad9f285de77da6cac273

    SHA512

    11741015fab0156e9182e9a832c05fa86ad8fcaa6b1e92fd74491fb385e621bda5d4bc02d9b41cf4fbc925720562fd1943c7b64bebe63f9aa544db967b967b0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    316aef313b1ec8c56b8bf4c92d1e7af0

    SHA1

    baa03a627388c4f17d7ec471e9df1841310a14c8

    SHA256

    445d4dce0a28ea37ac04ef74f2cab303eceaa82b8b14fce3442242295df38019

    SHA512

    336b911e10360915d33c064c54d857613b1e9e6bbd4e348139a689525dbc00d4bb514bf6caaa6977d0753071fe1b2bad9603a20016dc230f2c1f55603366b990

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a3130898357740fa43a4f11b6d50802

    SHA1

    cd6acfca5d94e5b3b268fd422bc7c83dd9e1a349

    SHA256

    37db639a427599493e0e6bc0bb375e4b5efdf5c81f9656760fd8e38086ceb965

    SHA512

    5e70b7a24fd681e90f7524b337da9599060e98ac95754b6f63a3259db69fe78ff64a0a363be6d72d8bd56a7ae48c64e47a83bdc2afc2232fc44dca285a37fd83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f7c586af0012ec5c3b825c3dadcf49d

    SHA1

    839d0072792593a788e739804038a98ddfd31056

    SHA256

    0820f665beeac74d4c6cde355a41ec14d6aebf88d0e69a30ace353eb99996ada

    SHA512

    861105a496acf2020903d970e15caf4376273bf679e83cb882e5308040cc21e958516e77f44ec72528d39d139a369bc5cc4d8da66f8adb256ec6f40c55d1e812

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3d16843b25aee211c9db4e29679585d

    SHA1

    81880cc95b504e03cd4fca3fbc1e21c39c385ee8

    SHA256

    9a8175dc82f08da7b6864db3ff7909fcfd5e29f09b792710baa23a52bc13c374

    SHA512

    b0370b7591112c7e70c971b7ae5bd6d4493b852012e14964453a088601a5ae5c8bdd44212375dd212f2ce0579f4efc2f93bce56ae92b082c16f006b8188bbd55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    753323300863698fca1aa09bf0a2439c

    SHA1

    3349e4dd2b45fa827de4710384d0b27f7f449f75

    SHA256

    58b3741babeab7f1116dad91e7bb5a91f976adca5e5f39a83fe38cbe5dd363dc

    SHA512

    adcf76ae032bd874754419e5cd697fd3b9d5eae68ebb662a13bdb505ffe4f06c55dfd65ee825fe920d16984ccb0f0309e7dc936e0ef791c81f028a846563f567

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2b8b8ab3d6d082ae3ce4c035752117b

    SHA1

    dcfa4d5f0b27d8ea77fb262c2cb606e373bf0cb6

    SHA256

    7d62b1f05ebd822b550144b5958121fb4072195a10829523b7f67712409740fd

    SHA512

    3cd4d9425f3a95f4423448e7c6d6cf97ddefba52522643881e0463cf99322ac36190c13ed996f22e9ac1141eecbd0344abe11015ef52db3ad3a13742ac5d0cb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52b55f8c6eff41f137648b451c0a1fba

    SHA1

    599d9b175b5db98a31d1a8c8ad67da692355f5a8

    SHA256

    d57446b5038564499a7f03e28519503dbe7d18c169c61d2ca61454661b2a02ec

    SHA512

    6a6be05c5908a95f77c9dd59db905475c16a571f79047eb321c3b192c2370ad84e774d3bc98759e9ac56699ce275cbe93b263222ba1a1f81357b57b35c4b9fa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    202928f1bfbfc03d1bc6aa0c70b9b81f

    SHA1

    2889083c6b3ed5f55caa621d4898a6cfe2ad6bad

    SHA256

    348f1df3d4e44aac54e0cd6b2e94bdaacf9fc237f39b1b421cd971c0d3e6a620

    SHA512

    1097d222b04588e45658f0dc7e860ce0dfe746110ea090887778f4d3e5dcbfbbe5e68489fb12ac4b09f43cebc26ca111f31f4bce99fd3135beb3cb575878126c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c674e6216e60d50eae9d52c92d3b40aa

    SHA1

    4b4519024cff3d515886c50e4a973338b34c631a

    SHA256

    00b3ed9f33a4368438d0af7b046fa1dbc72735f43a26dae6ad4917f969ff375b

    SHA512

    81176627dc1a566191bcde4fe9469273f47bbbc649fb15dad6517d92396626c8940aa0c9ebf6db26c62bc8b58f0297753eaa03c2d3ea7dee9844fd3cfa57274e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0a501a116a2b6672e0ba751251e6913

    SHA1

    bd44310a59d105e20b84082a3faf7de03e9362e6

    SHA256

    9a987e40fac2bd584db2ac00905c437bdb4d7f98756ec638e24f54f7fc7fb4cf

    SHA512

    7c6ba001de998b8e93a50f741a5102e6d07b73c9a90cb99f497253fdabe830ebea370a5bbf3b0ce09e2e10b35b4b8d1b59ffa455a31325cac44ae33157c388ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    743db46795352e348d6396e1d8e8ded7

    SHA1

    11d2567c711a1ce9fcc98d28f818a0f9be82199e

    SHA256

    a855e3217b8258225350b52490d7bd7ccd1275bd511201300c8ee3c81e4f2e09

    SHA512

    f5c11ac6d7c3f54a550b604dae567140f6a35257497b52b40324928a2425605b6bdefef2ec424911c27dd58fa79a4d3c72c0d11444b15f9a562d428dbba94698

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7119dc3e61a153250782932bcb59640

    SHA1

    b3e9356f2a5d2f5931589bea41f281abab15224f

    SHA256

    bd6478bde6e2a346a0eec4646e46c7f614a0a9c42286a2e52a9e20d7e1e8a118

    SHA512

    bd1831612b3ad3e7892f1618d7f654812a17df285cf8027665bb66c548dbbecc4a401ec07e54de1d858934cb0ce67b39636f1e477f1b05db8b5eeaac0e6cfb76

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4B27.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4CE2.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit