Overview

overview

3

Static

static

1

AJAXinfoPost.asp

windows7-x64

3

AJAXinfoPost.asp

windows10-2004-x64

3

AJAXuserReg.asp

windows7-x64

3

AJAXuserReg.asp

windows10-2004-x64

3

admin/FCKe...mon.js

windows7-x64

1

admin/FCKe...mon.js

windows10-2004-x64

1

admin/FCKe...eld.js

windows7-x64

1

admin/FCKe...eld.js

windows10-2004-x64

1

admin/FCKe...t.html

windows7-x64

1

admin/FCKe...t.html

windows10-2004-x64

1

admin/FCKe...l.html

windows7-x64

1

admin/FCKe...l.html

windows10-2004-x64

1

admin/FCKe...r.html

windows7-x64

1

admin/FCKe...r.html

windows10-2004-x64

1

admin/FCKe...n.html

windows7-x64

1

admin/FCKe...n.html

windows10-2004-x64

1

admin/FCKe...x.html

windows7-x64

1

admin/FCKe...x.html

windows10-2004-x64

admin/FCKe...r.html

windows7-x64

1

admin/FCKe...r.html

windows10-2004-x64

1

admin/FCKe...s.html

windows7-x64

1

admin/FCKe...s.html

windows10-2004-x64

1

admin/FCKe...w.html

windows7-x64

1

admin/FCKe...w.html

windows10-2004-x64

1

admin/FCKe...d.html

windows7-x64

1

admin/FCKe...d.html

windows10-2004-x64

1

admin/FCKe...h.html

windows7-x64

1

admin/FCKe...h.html

windows10-2004-x64

1

admin/FCKe...ash.js

windows7-x64

1

admin/FCKe...ash.js

windows10-2004-x64

1

admin/FCKe...w.html

windows7-x64

1

admin/FCKe...w.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/FCKeditor/editor/dialog/fck_button.html

  • Size

    2KB

  • MD5

    562db84f2d78aacf7ce2d3448068adbb

  • SHA1

    e3c0df7df4015326fe70f22212ebc44ca5034979

  • SHA256

    30d2d309e49802607f5538b6177b8b05df7726338202a7a1a0964e98228df097

  • SHA512

    ae298f5776e6889a3f4cd884939e77607df8faf899adf7530df2ac16b9b284ebd485de00b5bec2a5da66e532ba54206779c29406355a4edfb028fdb9910fc943

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\FCKeditor\editor\dialog\fck_button.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1772 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ce54153fb71ba61b74ea3de03f53e6d

    SHA1

    8d1aa32f16ca5854a7a5b2e426aa9c8c57b8f58e

    SHA256

    dc7510e1a443062559a4612662dc8accd19a1e6ee32b97e5489b590a87de2a34

    SHA512

    2f42b87077537fa2700ea3db78e0c41ba5c49289a3db36847bd6e08a69363363ac40ab8e2d87cb214a126565bba97e8721f6d0eef002a9b0f1a0b50f30140b8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6ab5120c496af48f9a5a46559b20aad

    SHA1

    92ac2cc867c23679dcef8e3b4fc2a965fbf8df36

    SHA256

    ca6c1fcce2823d64458b35781a3f9c5fb63b19178013efaa23e365c71a9689e1

    SHA512

    71ee7109983c02a657e4ebe68bc2c310d8477b9f0238a139627e8433e19b3827ac4d17e98fde9dfa62b05737aa31dcbc40681db95550b6360078a47347b2bc54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30e1308b0f5788ac3bb7a1c8f4e75102

    SHA1

    d1d7d142816d68136c20d1d63ee57cfccbfabb52

    SHA256

    83cccc7d289b1a39fbcdc9b9acb01bda0d97d1b87c8f6449e01cf6a30eec487a

    SHA512

    ee790f071663f96b0f2d750a25efd090522f808504fe85423e5295a24e4467f44e1f5a612809da2520cc162ecea5d336abc2eeb1b26ed42155ca65392ba08f7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efe522d3a59eb54b32d8f038aaacc04b

    SHA1

    9890979b5da34222d39610fe486bb2f2156a7714

    SHA256

    6eca60f473ee34644ec310318f22483f21e407ef620ae8080fbad2fe688754e3

    SHA512

    7db92c17a71d41daed04ffbf330979215093b08f3d21010a79de9a45d48e5a58247b4257792252ff0ca44a3dec754f04c4e4bc8d83e589cbd0a315b7d498f270

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4207a770c6e7bcd3b0f991636d9b3d25

    SHA1

    b643702f743caa6dca0f54219d7fa698e4e5d3a7

    SHA256

    7113cbe51672c2c1fe95e70088adc1ff7e67d7e7ac2ccc45b3638afb12abc9bf

    SHA512

    4b58703e498ab1625e62f4c04498fd6766c2f719721a7173cdcc3f3b8e023e9b8d9e747520d344f253a7dc48fbfc7f7ee7519bd53f943e15779ba27c2eabc3e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b0ba6b973dcbeba8e55322fe5eaa1fc

    SHA1

    01d0fb4caea3a428ae6920e5742980dd5dfbfca7

    SHA256

    5e18f938f5d77ade69d4f44d7be9fc124f38aa952348dbd356479e4fcb192a9a

    SHA512

    3121a97b7526b2ee051facc5fa1a4d57699e3090062c70f153375da414f324b435e63a484cf8d314491d0856bd39f8c2767b1ff7d347bdbf4f03e33e0f47c37e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e40f14b3279891d31f09018f236aa82

    SHA1

    769c78d82cdcdf926409f9ceb129b45c433784f4

    SHA256

    295f174e2c5ed8d7fccf87ef25f153002509654cf85639c8143a138db95a0ec1

    SHA512

    197b51f0d9673a9740df1832a611bfa1698a4deeec57a0157e40b0573c3cacb8df3db03c8ed0df10303586d55fc1ed1739906b0d0404ecc7ca045a11b88ebf01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f14b6296b1eda51d37b75c004a4e89a

    SHA1

    efc6c2b14a1d2e600bc6d7133d89b8bbe3d8d48b

    SHA256

    90810c501ed34a2cf1d4cb56e7566ef0e7469c234504bbc1bdf004fde7fb4ba7

    SHA512

    360e1d43a35afd988d2b599fd93c349d3161b5d2b3ba650873a3ff729f5ccb6c26ec79932beb77df4e8979a1c1ac17358154b00c2e99454352b5545b42a0a371

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cc201debfbd8368135c0613d0d6e5fa

    SHA1

    937665c8bbb9051127aef925d71bb2f9d6d0d3cc

    SHA256

    58f3003b1cba3867b0f9c832047dbfc443bac237cc3621c4ad39617eef94f55b

    SHA512

    5700f3b8c59bf12fcd75ea66202b47fb78f0687f680c213cf821e2d0ee6686371f87d0b112fd0fdf76f000282a7c2a0114f90b94b52075d8f97913bafe7ff781

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a972f5ccee39b446fcb90727d0a8f630

    SHA1

    ced5a205075a29b51cea6b87d3cb364a89d50ff7

    SHA256

    33748a9986f54a8040f5ae78d88109a15e1fcf6260013c461caeb4bf98da54eb

    SHA512

    29b0c5792308beab675bef94be3e98872dfbabc22a735435dd86bc6422ce7e07aaf918e3337c146cb98408485d157d95d6ef2b821b839dd8e1f665a7fa45e370

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7994f04085ad4df9f2de460b2bb0c050

    SHA1

    6a803541f584e9a6a8cdd675995fd17196ba79b4

    SHA256

    ec6f450170c9a9ecc73dd60ec5b847829576303ce11b6af6e2ac966d9b8ca49d

    SHA512

    e3ac813990f20a1c3f1cbac5e418045e417aa08e8df187df2a56135f7bba30b0c43ee3d6c9e997ed4e938baa2aa6c0b5f562db42ad857929a6736d53e054c2d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45c668c9479f880999732817f3ef9df2

    SHA1

    d4fbccb65ab5df0f84293aca05e0484cf2a1a817

    SHA256

    0fe7e4cf931a82ed9c545a5bb74e6414c09001c7dbba7e714dc6ccd2e0d99d72

    SHA512

    1f2aa9a4290b715b449961cde05428d15e3eb8930bff8459fd6f7863270f10b002f64c18f2bcc58c8df5961d60f39be62e537a8ed1f1a1225c3bd77c8e6aa819

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41e559872bdaab0c095ec4dbbc0ef2ef

    SHA1

    633dd34d6be4246b815ef6c44d5364bf1ef64d6e

    SHA256

    29865d5995dae41dfd27f7a0749972c3719d2ef8a83b6ce4cfe3067712ff9648

    SHA512

    a89f6f7b28835d1824957e381e18889d1428158e334e6541e1ac400ae5a3d887e5197b3ad41f3ee52bbdd1bf0a905cb9cbadb42fe9e11f2ad016e63b0e5d5680

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07e0312b5e83f5a458fcd40a892b90ad

    SHA1

    1ad3451a2de69bff904809b2e2032576fe6c8ac9

    SHA256

    89d96fdba7351ec627eaa2ffb845ace7c75227f244f6992a3df599fce1c7545b

    SHA512

    ee3a93d748066e529060b21b551570cb01fbe558ba07fc0d8f04310bb72170b8449ade53b205f9403fa4ad64dd22fe4e731d3328c33e870e699e03d8376d0ba0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d354d1fcb6c250e1e0027b6db2372af2

    SHA1

    67a4575579dba5bd74d2b4c2b42a4cbd6c528ca2

    SHA256

    c14c4aa6b715ad8df8bac9cc14d935b3da80d4ba1e00e6749388b717935fae42

    SHA512

    ebcdb0fdbe7b82f7249c66bbb2a61d9e63a550c7ed5d1166cb95b618e00e1de19578e31365bf0d0f76efe2f86cfc2208f42ceacf0155f5c304ecef24e7188650

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC831.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC990.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit