Overview

overview

3

Static

static

1

AJAXinfoPost.asp

windows7-x64

3

AJAXinfoPost.asp

windows10-2004-x64

3

AJAXuserReg.asp

windows7-x64

3

AJAXuserReg.asp

windows10-2004-x64

3

admin/FCKe...mon.js

windows7-x64

1

admin/FCKe...mon.js

windows10-2004-x64

1

admin/FCKe...eld.js

windows7-x64

1

admin/FCKe...eld.js

windows10-2004-x64

1

admin/FCKe...t.html

windows7-x64

1

admin/FCKe...t.html

windows10-2004-x64

1

admin/FCKe...l.html

windows7-x64

1

admin/FCKe...l.html

windows10-2004-x64

1

admin/FCKe...r.html

windows7-x64

1

admin/FCKe...r.html

windows10-2004-x64

1

admin/FCKe...n.html

windows7-x64

1

admin/FCKe...n.html

windows10-2004-x64

1

admin/FCKe...x.html

windows7-x64

1

admin/FCKe...x.html

windows10-2004-x64

admin/FCKe...r.html

windows7-x64

1

admin/FCKe...r.html

windows10-2004-x64

1

admin/FCKe...s.html

windows7-x64

1

admin/FCKe...s.html

windows10-2004-x64

1

admin/FCKe...w.html

windows7-x64

1

admin/FCKe...w.html

windows10-2004-x64

1

admin/FCKe...d.html

windows7-x64

1

admin/FCKe...d.html

windows10-2004-x64

1

admin/FCKe...h.html

windows7-x64

1

admin/FCKe...h.html

windows10-2004-x64

1

admin/FCKe...ash.js

windows7-x64

1

admin/FCKe...ash.js

windows10-2004-x64

1

admin/FCKe...w.html

windows7-x64

1

admin/FCKe...w.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    21-04-2024 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/FCKeditor/editor/dialog/fck_flash.html

  • Size

    5KB

  • MD5

    0b631f085d3c9187f0c16b482f4d446f

  • SHA1

    ab66a9fd3800e8f4b019b20387f8f14ac5053767

  • SHA256

    1ead34b5235f144fee1a6fdbd9285eed78aa8e83969840d4c41cea6ffbdabc6d

  • SHA512

    e9031e1bf1292c5c3465f5034e028d4662810ebce4469ec5a008cf84af71af99ef84353b9ce3a22c9acc50d17fff03de1e8a5e88a3b6f614b143bc4e0c881033

  • SSDEEP

    96:jVVyO28YyDOMgfNODRr2lWcWJ22hIl0DqqWJ2vcJfz7iauTWJ2z/Mlp6Wk+DVYXI:4xfNODRr2lWcWJ22hIl0DqqWJ2vIr75v

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\FCKeditor\editor\dialog\fck_flash.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3048

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44612812d4ed5156d4b36ca15bece371

    SHA1

    06f9e345e8378af5308939ba89d874a08dca9344

    SHA256

    751f529b9b5c597bf64062747d914b0f102d38d335bbffdd73181695c0a82172

    SHA512

    04bbfa7a253c1ce844cefccc8aca5e57f3d7e55eb2f4924c3582fe9b2006e85a53e12f0c3d778fb59579fd839d2215ecd9c6f92e091b1794b64856fa5c4a70a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a2a0d636d801608d8045055a23611a1

    SHA1

    fc72629fb966a1f230970a3625d4ffd84b402d13

    SHA256

    0810714b6bcaf398b8384a8be4315cf5e8c3af9a3b72d9970a5835c8591284f9

    SHA512

    9514f5e6ee3a1c37d27b78bda557a547762227fec91e5b9c039bc0aeadd69065da857caa670baab361e170f3275ed700a8544e7565127b33f480b204b8296ec2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a386a9cfc9fd41bab2cc5a4be001359

    SHA1

    c661f71cf419fa6421e1a7485b517b4ba700cbe4

    SHA256

    79249cb7718a96587c62dba22cc988efd93066860e7ddea9d1fb84a7f427ce12

    SHA512

    444e86a4a6499b8d9a5b3fecfdfb41f7989c604dd6422d1662b65e2332b6eb37244a54c2a8ea31c2b35329ef2a9cf72cf9becbd2d52702193d83654662ba15f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5772937e12dc2d667e6d7a151dd9efe0

    SHA1

    a7fba03097e24ff9f236876636fdc54a045d123e

    SHA256

    9c80a2e898d3f0b5f7cefe7d4bf7bfe8e1e525d514442c41396ca7a890b91648

    SHA512

    1defe25999acff27d51ef074725c9de6bef20ff51a52fccaeb384e003639e0b3e7b2045975339ad280f56c806f14f391a40aac934e32c6157f34299de3061760

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7792d311dfbbeaa9e66519491b488df1

    SHA1

    2ddfdb18e8fc2b97e2feca31d09b8b40dc472928

    SHA256

    ee266d8c9bb750886f9a981a21db048ec68cd43436c50dff2074789ba4818468

    SHA512

    c7f9f906557845776b99e3762d423a736f5db472e86ebe9e3aca2637f847fb14ddaccfebafbb7190aa8612c1426850352cd002632f8f374bfa01d698d373b01a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80e774afb350f6bc8b325566a14501bc

    SHA1

    cdedb46e7f172313649d6a5ae5694377c78eefde

    SHA256

    e6edad7f1153efb3f191dee97d000898ad9fddce7dc9429a634c471538591414

    SHA512

    f5c023a85a7bfd788f0e6b06c0e8f05e578d0ca6dbe06f8c3209d2bc6912091e8ccdc32de4f7614973f45bf2f0b65fd8a66c7511a20de0c78b47f305d69cbd7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4a1b462832b491eeb1e783e572f4721

    SHA1

    713aa66f7fc745dbb19d421181231c546564ee81

    SHA256

    301ed8377e9ea4c6dddd6257f9361ff589bb3da4929bb64b5895191876f0a736

    SHA512

    414559b590bd3977b1b71c7d71c64c34d5eddf91f81cd5ee4d9e0f7b70e0d6d92849033a1a2878e58e7f3eda8355535f8a55738e0f31e0187e357ef7557ddcf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d59002836bbd9881480fa4a60c6558f

    SHA1

    e265800a5699ac61a94df2f1e3cee1c3544f20a5

    SHA256

    9a875aa2bccc2a26a481065f519e30fabca95967ef6b61971a12572a626dc294

    SHA512

    1072d6ea48745ffdd0d445c1f4f79160886184825660ebad090188d646e8fa0465e340b596e7d1ed1f742c21ba912efe1054a5e2e84eae155d8625ae11a513ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a226cf89ca002c8f496330dc00eeb82

    SHA1

    07bf6e82cc173821161a2cc2efda01a23cb3f232

    SHA256

    06f9040222f8b8b11ed34150705fb89a7fc2061a5866491b62fbd83c8f6b5de1

    SHA512

    7a1b321de16c2f84a885f6ef9fe7dec601d46b3e7e6a6012366a351db30ec8b61040c2751ce67bb09a473e23459333a8edc2c8610646bcb9ebfb5bce91e0ec51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    635c3c1031448afeb05ceaa7045942a3

    SHA1

    4c7eb2a745d52eee9f801fe390d17554a76ad02f

    SHA256

    781c957054aa80f4089c055cd2e2e340a29b127611633bcc41bfb3732749a58f

    SHA512

    f88a9744fec03522c188083c12255146835fe65e2d764b3d5c5b5804776222a2e4c5dc421a3538f8d8e40a00a6e46d589386a2feb4e069ba032c92b593ed2058

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe609737232dbbc08209bbc35936b641

    SHA1

    873551575f6cd4726be6ea2c03b980d5d7728335

    SHA256

    a36d7b0581d21305ae297f2e34c9120d5b9d17937b00e94b27e16fdeeab688e4

    SHA512

    49046b2765124bd49a7fd4bfedd5865de1b6090349dd8347b094de7226ff3714df05b97d837273f318d6dd6c93e9b07a004427e33e47bba07df3e68e1f43921d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffc869881f20ffb8ca3add32928f9bc2

    SHA1

    0bf767e7ba1d785f7a59441f8ce54809241ef6ff

    SHA256

    9ce5e4b86d3a71ed08b7665966afb075fa0631318b923683ebab3a96a450aa98

    SHA512

    2d3f128056696746b4a9e92714fd51d9c754b060762e4267f79cb76b02fdc16ebef15339b1bfd4f8072dd5ea3cf7f85ec85cb989c3c338f82960bb2cb1744e23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ced42635f3f0947773b55839610d1bf

    SHA1

    8da6e6c32c08c7fec781cbd5519b2bd7c206a243

    SHA256

    f0fb3f99989f5fd8e2c639a9bdef55cf241d6794daaa862d7b30135bd84c6c44

    SHA512

    3c8c19cb07e49edbf704f16b916e81d719201409ce00fcb9fdf12583d7d3c9f647bb8f6dbd30eec8eb97bd893417081dd8b1bba20b8aba8bacce93b7446987dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    340aef5027cf30f5a8e1077edec0c6b2

    SHA1

    d037bb4bc26f504f2ccd32c4bd80a8e6a5928bba

    SHA256

    ede0458a1bff37b1009e0d55349f0fdebdf4fe6a700d648e4178430e40c2a268

    SHA512

    b3e31298bd40436ea7e2a62d8779938a4d6c24739ec21fcaa56ff5d623d3af5a11f2c8680ceddcb8d143b23ff48d399abe3c2c4378c02f7e580689aa668c68ec

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E1C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3ECF.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit