Overview

overview

3

Static

static

1

BlogCommon.vbs

windows7-x64

1

BlogCommon.vbs

windows10-2004-x64

1

BlogLink.vbs

windows7-x64

1

BlogLink.vbs

windows10-2004-x64

1

ConContent.vbs

windows7-x64

1

ConContent.vbs

windows10-2004-x64

1

ConHead.asp

windows7-x64

3

ConHead.asp

windows10-2004-x64

3

ConMenu.asp

windows7-x64

3

ConMenu.asp

windows10-2004-x64

3

FCKeditor/...ers.js

windows7-x64

3

FCKeditor/...ers.js

windows10-2004-x64

3

FCKeditor/...mon.js

windows7-x64

3

FCKeditor/...mon.js

windows10-2004-x64

3

FCKeditor/...eld.js

windows7-x64

3

FCKeditor/...eld.js

windows10-2004-x64

3

FCKeditor/...t.html

windows7-x64

3

FCKeditor/...t.html

windows10-2004-x64

3

FCKeditor/...r.html

windows7-x64

3

FCKeditor/...r.html

windows10-2004-x64

3

FCKeditor/...n.html

windows7-x64

3

FCKeditor/...n.html

windows10-2004-x64

3

FCKeditor/...x.html

windows7-x64

3

FCKeditor/...x.html

windows10-2004-x64

3

FCKeditor/...r.html

windows7-x64

3

FCKeditor/...r.html

windows10-2004-x64

3

FCKeditor/...s.html

windows7-x64

3

FCKeditor/...s.html

windows10-2004-x64

3

FCKeditor/...w.html

windows7-x64

3

FCKeditor/...w.html

windows10-2004-x64

3

FCKeditor/...d.html

windows7-x64

3

FCKeditor/...d.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 04:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FCKeditor/editor/dialog/fck_button.html

  • Size

    2KB

  • MD5

    db26bcbb6e9df64e37ed74f8dbed49b5

  • SHA1

    78c42aca035ebb77093e1e7086c34c36ec63d6ac

  • SHA256

    bfdfaad54ef8aa79bdd79721631b22052da189b5e5b582ed171c76a0a9388aca

  • SHA512

    619f1c553a675348cc188bb85dccecf25855db8e97ff538c4b8072d3662cadb6d2869984db49e7eb812e6b210873414fea81ed4d58742a3fa3246201a667cdbd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FCKeditor\editor\dialog\fck_button.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2264

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c39fa0df878cf609bd526f9e57b77380

    SHA1

    23599bfcd407e27b58cf79175b8a8d92a357a74a

    SHA256

    16f47862a157d9fe54fa068b2a1f0094fda5a5318667fa3fb953088f45743834

    SHA512

    0c4201d6b6316ab039d6db172eed9d600dfd0f680f78f0b8a6021f4f561289540495522919ec9b186d7aeffa4e6b7b0cf94d2d6d39fae1c5ba128881eb165030

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eea14a3e6e96b6f08f3ca0c7d9fc5bff

    SHA1

    dfd6c60ba1b2b314880865ee4fdc90998c1cba86

    SHA256

    8c4452c39302eafce6380e47356c4858575d0ef3296de0e9f2c4f8dfd610cb23

    SHA512

    53963dd1bf22a6ead96d39698633402f706e7987c33c371eaf18578a6487baf436f3546fe09b26894fecdc5fc9d7364e5b080b6dad67318deab019100181c30b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de5b150c1b7ece171762e6bcabb44fd8

    SHA1

    425e94fc0847fdb8656e97c19207d19938102c7a

    SHA256

    9a2cf9400fed79ecdedcf469e036dae53b4765f7109831f97cc867b9322aa0e3

    SHA512

    dffbc2014c3e9cf40b5e1cab250580a413e48f82326342ecc7200d02e8956ea0bf3b6816026241ec2a77acdcde54192171de38bc2e14ea57e2c51eeb53ab6deb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80c74ebcd85c78eb0d40cefd20f7d254

    SHA1

    a003a647a5a36564dc0c998a5340b82f88ff51bf

    SHA256

    91e221cc502adbc57b86eaf5f963e45f8511199dca45b82b5d162d895a4219b1

    SHA512

    bf43ea916ed40505b5b543b336dcefc58f941c422f1ee05e8073aa76179d880a2b1089ec3d3f96f8c260379a793cf42d65b25e50caf86ad77c1a9354e0223ee3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfc43b27e3a3427fa46400f54f40cd31

    SHA1

    6e87f36b88189d0219a108ed151b088eaed23407

    SHA256

    e4c60528f2ff66dcb7640e2a7329a133839c19dfe607390c799253358a5b05bd

    SHA512

    6e9e848f9f41cebb8d5cdb038b8b07a6230b43445ec117a4fab990ccd2cef811a7e6480c3afac1f462e6b7d26c0ad76130267bec7285c2d7d8e9c32447bc951e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    142975d2033644c5183998a21c3e28e0

    SHA1

    9a5be6f653e51ea7af52b825a2402599737ba1b6

    SHA256

    9954e4b74d42e9e9068acb326a55076d226ce161c68e9003eb3670b41aa03717

    SHA512

    c6eedfa7db01c4a5a5082c0ce6d26998a686ba6dec60bd5c9a736cf2c6db99ade524f76653d186a1be701c6860f9014bd6df412af01464a90239884ba67849ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51205178036c75c819ae439ec82c237b

    SHA1

    2c71b1343bcc6d0c6a78395e561a8850f3a5d688

    SHA256

    e879e9278e2983dc8b484a52e58dc10f86092de51b81c4ea3144b6713251f3fb

    SHA512

    9615822ce1f5e32eae7cb1f8157386ebce3204638ff3a6954ee7fc85ed6782c0e557a3c52df1bea044337e46a13778aa9783525a183439d9697015db55c194b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9cfd0a2b24400c4ea251628d24169c8

    SHA1

    14da68ddba53af9f4e1b70e90349c3f2a4445a71

    SHA256

    eb8821747f194e62f1b53dd4817872c15dbdae268e1de2df184d8fef59def133

    SHA512

    5b7cda0add882fe0bb7eaa863feeb89b2dd5ac5052883a2d752026142d4399cd02c8cc736a8fd2a249f14130cedf409ee77fc5d3490e72f04b4a1d253cc40a1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1bdd983e4b46447899e4092fd502abf

    SHA1

    bbd822accb0186c648cffe0fb6169d4011e55d99

    SHA256

    6cefa56b5096cff06cb67a59a61eacc850aa91de47a9446883b94a137ee74813

    SHA512

    9b29e540e8bd75d3775cf546ab36702bc8a5b103a123bb81bca5a4f400f724a6920669f63768ef7a89b1a252cc9eb1e9e76b9476917b7c758d30de33a26ad935

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fdb9a3c194fe972d219cd5a72944cd2

    SHA1

    67bd73cea545607755e7b8d7db0447428c46ebe8

    SHA256

    cb1d8b715a664a6c3f32012c3fd9e11a3199541a4633896ddcb8972ffdc9afea

    SHA512

    c7344c30668ca762d6499442ec62fc5458e4d4a30f747d0885c7633040352a078f556ea819bb5c4d324b7437ff65f6317914aed71ae1aa01eb95aa5a64a6cba5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12a6020e698c2f8ebc6408be325db63b

    SHA1

    5be7544fbb9564ca9ff7f11529d988ff7483a2c8

    SHA256

    536391c1d46bea6b0a0e71d9c70958fe35a0e5391230e45194f1466be8a3908c

    SHA512

    62c77558821bef32263491bcaa28ca086fff0ee7c6f13a0a74c26b2ef8e740bc4101c5cc1776289db9227149a9baf25c22e78cc81694c0cb2a33a7fe1c9ca303

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91763c48529d77ce0416402dffae50cf

    SHA1

    d8c3f42533bb512561956580bef4bf5b66335746

    SHA256

    365d414583127d2439f3199e818ee1088eb3436d9cce1f0296409d52df7bcb8b

    SHA512

    0c5c937e21d5675e813b92b0b8cbb89795973a35ee0484d0639e33afc989928e8f3613832c5b99a6f5380f0de5d84c0809a5822b3bf9254d75d518659de527ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef5d7c4555797c1e0e000811bdd4e9d2

    SHA1

    fefc884ccf254a596a187eef672f0f7b8f05786c

    SHA256

    0a25639661f84c50cb2ebd0ccae682d3593fc988967d71fc521288800a191542

    SHA512

    131711b243a76fb89bd6e3ec68d101e36ba1ab69af380d2f88af964a006b4931494c0706d45532ded1f24c115c821139affc86ac006646e3f3cd70eab775f942

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3c072c00b7f6e64784c10c0eda0114f

    SHA1

    938e34d54a7153b1da6a31c6d71cd103b5324856

    SHA256

    b88baad536da708425cd5d67f813522f3ae24b2cb4ba4a574da200fc8bd3a66a

    SHA512

    0b0a47879d8935e959caac68ff2feea6b158fd5b65e4c29a80c80bd4a7649f5aacdff1cb6e87b6ed80dba6e4b607b857a039620987904596d09a3d5ecbce8662

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23328aca266052c837965cb10b3f9e79

    SHA1

    47d6053551319f0a6d24d569c048d6af8b61f1d0

    SHA256

    ba976ae98c18b2e5dad287eed5213ac7ac19da3bce123bf7025edf6fd81838fb

    SHA512

    4bc0d8d62791310dcc755cc394a773e5dc5d2f844d55177275a818cad488be7bcb7bbac806135e5bafe20d360a7bee31f76e9064681f2209a8ce9b095c8db51d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db545d478d406599631299a167b72a05

    SHA1

    b19e219d97b5585382bf00ab391c8bc9d316f66b

    SHA256

    66ebbc5d3b1746982cbf615176531ce1d8897f36f7783e0ea666d5365bb4dee9

    SHA512

    2e31e61bc03e85f0638bc1e58d99b091c60a2455b52cd343c5e972bc813bf5c9c1866877ccd9d22dae96ed62fb4ac401c0b6583cd673652af8a32687b75e529e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fbdb193685defa8a8467230b92686c8

    SHA1

    d4814a9917be1526a861525faeac181bda2f00d7

    SHA256

    f88298fd08c740eace709fc5bf2022e868649c599dc9e310c1dc52d004373f64

    SHA512

    a0f3f59bd74b0b22f06abdfc31f25a7579964e2c193870fb4472edba92f73e54d526261e60b816cf8fcbe51cf1d487cdbe9d36530675bb2dd9b33edd390b592e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a38854e8b2819cda8d528c0604582107

    SHA1

    481192b844a68d32f44c766789248555c1646aee

    SHA256

    e1ddd6489f8339fb9b199f9d8617b9223874cd47983a530378e0f0cd670dfa53

    SHA512

    100b32e663787cc5644da571985831265d180be953cca90a29b0e7b87da9ff185f60381ba762d1ac94aad0b99a3d7e2ecd7a7eddabf6727f02b6cd1b6925f490

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af5f948f90ca8d985762497f41950802

    SHA1

    4a6e7c61d7e0144cd4c4da894d79904d4de66df3

    SHA256

    4170c806fc4465163d8ebc886b466e84bca052d378be68f58503b88767e00172

    SHA512

    e3e9627738b93bb40eef1cbbf3a47e9bb79d2bae349aa50406ae108f5d22a2d75bf2856d5942fe47fff753265e06c7356dfcb969770c8ca056ad2939a4b43d7e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA2F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB0E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit