Overview

overview

3

Static

static

1

AJAXinfoPost.asp

windows7-x64

3

AJAXinfoPost.asp

windows10-2004-x64

3

AJAXuserReg.asp

windows7-x64

3

AJAXuserReg.asp

windows10-2004-x64

3

admin/FCKe...mon.js

windows7-x64

1

admin/FCKe...mon.js

windows10-2004-x64

1

admin/FCKe...eld.js

windows7-x64

1

admin/FCKe...eld.js

windows10-2004-x64

1

admin/FCKe...t.html

windows7-x64

1

admin/FCKe...t.html

windows10-2004-x64

1

admin/FCKe...l.html

windows7-x64

1

admin/FCKe...l.html

windows10-2004-x64

1

admin/FCKe...r.html

windows7-x64

1

admin/FCKe...r.html

windows10-2004-x64

1

admin/FCKe...n.html

windows7-x64

1

admin/FCKe...n.html

windows10-2004-x64

1

admin/FCKe...x.html

windows7-x64

1

admin/FCKe...x.html

windows10-2004-x64

admin/FCKe...r.html

windows7-x64

1

admin/FCKe...r.html

windows10-2004-x64

1

admin/FCKe...s.html

windows7-x64

1

admin/FCKe...s.html

windows10-2004-x64

1

admin/FCKe...w.html

windows7-x64

1

admin/FCKe...w.html

windows10-2004-x64

1

admin/FCKe...d.html

windows7-x64

1

admin/FCKe...d.html

windows10-2004-x64

1

admin/FCKe...h.html

windows7-x64

1

admin/FCKe...h.html

windows10-2004-x64

1

admin/FCKe...ash.js

windows7-x64

1

admin/FCKe...ash.js

windows10-2004-x64

1

admin/FCKe...w.html

windows7-x64

1

admin/FCKe...w.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/FCKeditor/editor/dialog/fck_about/lgpl.html

  • Size

    26KB

  • MD5

    7674d2fb8caf17e0812ecd85718eada8

  • SHA1

    b4ed829cddcca08423dbeae0bd75abba2e2b7250

  • SHA256

    45bb4bd84595af3cda7cb306e621c06a4da82aba57988628a45c33a554b16aba

  • SHA512

    6c50b70cb2db2aac964311aa46955c3b067427e82e6ee069c8e67694455d2e0eb20997dca032a968c232d759866077b23b058df6da04ec165955d65b8c455ffc

  • SSDEEP

    384:vmMRFF8oC+xIBPg6vnu6Jrc1DbJ+tDWzXT0qbi4f2Glm+B1kJrmMXMA/E:vmCaS8nODbkqb39Y0s/E

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\FCKeditor\editor\dialog\fck_about\lgpl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1900 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9579eb0294aea9ce0b00878201bd2079

    SHA1

    91317540b3810406c374a06d962686ce70bee142

    SHA256

    ed8624a18d4900181857ae970d5fc019dbf797bca3961f0d320efaeeb9308e5d

    SHA512

    74732f9c708317c5da86143b998be3202bf1ba557af64eeb29853dfb8647e7b7c96c8ac50b2371dcf3e97a4c3278527bfebdef604c2ef8394aeac2014d7586c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d9732bce25bf9bef8487fcaefcf5eb2

    SHA1

    a3e21ab8f1d47ffc2c4a65e36121bb52af89e9b0

    SHA256

    1963129fd795a31ac648c40a0a567012e05a12a809d6f9b284f4c62bcec25744

    SHA512

    fcc2376b70d851145cd02acc1c0d742a17a12c8604d68b09ab331914c858e02247e7217283a77f06a2834ddc42578a991ffeb0ffb207fa1aabfb6b32c7bf12f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca30a96e047f449f1184ea838d6323bf

    SHA1

    6d6914181f382625acbc5f84723e1335e89d4376

    SHA256

    023846a95a69d53c3745995a9b70faf24206e70d20566b64ac1c5dbc080c0005

    SHA512

    f5379ef1f999eb36e8215b990f099040a647f910f3c091140de3b1163d887445b2e0e853ce4b8781771e26d432ecaa762b08c0a00c46f5955b3024da223597de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f70da1cdf031fce5ad091d107633f406

    SHA1

    243adb015a47248b5736daaf69f49afe9bcf35ce

    SHA256

    fcb58e4a959670b762262a3876d10200d85d73d9910cb6ce89518310b87c937d

    SHA512

    6c0da6ea70bd5247e2dbba55293d88d1e191d63c6cd2c9151b0eb7728608c73fd419a8f62d1f63a9a82f1a5eae2209397eb57e54c17f06746a706c157b80cd93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b61bf1a92021e03d0ece6daa3dcf12f1

    SHA1

    26a50fd21ed767c8f3ba0e475cc36abe01ea8d4d

    SHA256

    82cac3e7aa46ebb8b2c12fae50fdc1f7b2c744d80bab8a29feb37f2ff326e2b3

    SHA512

    0d92c5af2ae9c7f1ee64a4efc7a97f18cf538df8f851d76c645660ffa643692504debdad64874d995634617bea63c47342f51ac1883ef1af0df2ce837cd64913

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2D59.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2E6A.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit