Overview

overview

3

Static

static

1

404.html

windows7-x64

3

404.html

windows10-2004-x64

3

admin/fcke...nc.ps1

windows7-x64

3

admin/fcke...nc.ps1

windows10-2004-x64

3

admin/fcke...ash.js

windows7-x64

3

admin/fcke...ash.js

windows10-2004-x64

3

admin/fcke...ges.js

windows7-x64

3

admin/fcke...ges.js

windows10-2004-x64

3

admin/fcke...dia.js

windows7-x64

3

admin/fcke...dia.js

windows10-2004-x64

3

admin/fcke...oft.js

windows7-x64

3

admin/fcke...oft.js

windows10-2004-x64

3

admin/fcke...mon.js

windows7-x64

3

admin/fcke...mon.js

windows10-2004-x64

3

admin/fcke...eld.js

windows7-x64

3

admin/fcke...eld.js

windows10-2004-x64

3

admin/fcke...t.html

windows7-x64

3

admin/fcke...t.html

windows10-2004-x64

3

admin/fcke...don.js

windows7-x64

3

admin/fcke...don.js

windows10-2004-x64

3

admin/fcke...r.html

windows7-x64

3

admin/fcke...r.html

windows10-2004-x64

3

admin/fcke...n.html

windows7-x64

3

admin/fcke...n.html

windows10-2004-x64

3

admin/fcke...x.html

windows7-x64

3

admin/fcke...x.html

windows10-2004-x64

3

admin/fcke...s.html

windows7-x64

3

admin/fcke...s.html

windows10-2004-x64

3

admin/fcke...des.js

windows7-x64

3

admin/fcke...des.js

windows10-2004-x64

3

admin/fcke...r.html

windows7-x64

3

admin/fcke...r.html

windows10-2004-x64

3

Analysis

  • max time kernel
    72s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 21:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/fckeditor/editor/dialog/fck_button.html

  • Size

    3KB

  • MD5

    bffa6e0406e99f44a7bf74ef48a06bb1

  • SHA1

    5f2f241f182517ee84c788e256c9dede8b9478d5

  • SHA256

    23bad6110cdd2c401b86142df2d290341fdec34e01eb7fa773e92f2daeb23b2d

  • SHA512

    d370ebc08f09e9de0190d617707aa4ce4f3d4aec0b81edd38c33668089e4ef946fb0406ebd9b914ca9eb8a8d12a133ebd560d3a9040e2c2870f9ef1af19349fe

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\fckeditor\editor\dialog\fck_button.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1512 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1944

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9eb51a4ad2a3fc8ab3ed8ba61a6ad34d

          SHA1

          958f5c4510bcfcb920dd48e4f2c8cd4897666994

          SHA256

          7bdee343b8ae3d1cb61ff5e68c2fbc5fbf3b6534e80b6e526704cfb036592a94

          SHA512

          a7edae195be72c2825303290dda8c197a42c4042cd348cbb53a02c5e8aea184d4133e8493bff8450c98e08560b10012d2e688908cc1e065abc9564794608b5ea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          750d82c1571ccaa8f3492692bc9c914c

          SHA1

          7bbd9d6da3a5dce8c1355d14c9a12a20ae448af7

          SHA256

          d2c84ae2139ea7847bb7650b7dd5faa24b3c3a6ef4e3f68e2cd6ba99d605852c

          SHA512

          a52c94eeccfc57d81987d9b903c1ff865fb5576ed6a97bd298fb1e8a14c6334028d22b29491583b58365e88ae74e4916b5c9713dcff19b2a941a52a519df9bd8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e87c9317ff3ff82eab59edc53dc87a65

          SHA1

          0d1de5eca1b606f638288a022c9bc083e6807e8f

          SHA256

          de2ceb5f63376373c28dc011a7112a938ccbe8dfb8aff51cd1fc075b46511189

          SHA512

          ceabe4791b7de2056d4dae1ef70a9195c4336a321d24ed9f0f3b658cbf0aa01f646d132d527d5cd65d20349ae3731ef1bdf25d4d0093576435e36c69796a18aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          eb2298d4272da898aae77b2a06ca27f3

          SHA1

          d605d542246550833a4f3df99de6a9fbcc4bf916

          SHA256

          e73e9dc715b9b0197e548af637efd55152eadda2d087ff311cbfc701d38a8e9e

          SHA512

          833645df5a492d5c12680d0d8844ec696b78f86b9e3ab40a7d5333ebee3877890da736a56eb5887a4aecffb38e2d31e0ec5e33465039cf46c9e2929ff4408880

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          131ddc4765d8c2007d785b4d722fd211

          SHA1

          3d85e7c07bd5a16d6fdcd528372391dbb31730fd

          SHA256

          db7f91b3182f33d3cbf8326c73d8b957aa3fbd684dcf5bb351020dd375b881ca

          SHA512

          613e79b6867ef450f9a73ffb963fbfbf6984adee9d09bff26d5d49a35be18f0b51230568294978f1dece1dd4c9dee8ca463ac410bef613fb6c89fe1063831a05

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bea7addaeb6f41bf3644d9f4c333cc0b

          SHA1

          e6bb3805e49a5af5535c5ba3b591e80b0f6d524a

          SHA256

          2d53aa3f36ac9c452b4b3f14fe89dc612401c98d2e49b96c996313d4f68e50dc

          SHA512

          ecda61469ef863a1b4e3a79f2ed28465eab31ad1790006abebd12caf7158819e3d8fd4169cc087af874806e2cd381c65236d1ae8b41b916f1384f5f039cbe55a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2f8574bec4f02785f71e798401731bc0

          SHA1

          d9451539e1c32c7e3492aa9d36cc1682d85a8783

          SHA256

          0fe498cebd86dae1064558cce60721370d273b44119cba8495b047390b7581c2

          SHA512

          26d0dc7988ef543d480f28ed1646bbb78d083d334f7e91508938eb1b8897e97b89a2095d4aee8a3dd568c8e4bf8e83f19dc8f82368942dc3c1fe776635903b4b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          21f6d79caa21a08d601e67d50a86a6e3

          SHA1

          c1dd22fe324f651c0725af1de6fb962b1fb8ec4b

          SHA256

          dfc65151500cbcc20cb18807cd33226d3bdee78504ed214e1d91e583b9029af6

          SHA512

          e65f6523f46e5a7ee7a696faaa7a93a41acffc01d94939aaa45946997e62da1e07ba0999eb10c9c739d43aa32db04bfbdb0dee8b962e03d92374e63c15926b0a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6e9a790f11df63a5958f55343aa8e1df

          SHA1

          3e734ecb712a81ffe3c5a6d706bd9a8a19c21146

          SHA256

          6e5765197df02fd197c48609d9ef999260679d0d94dd04d9e6a224c294e4ba4f

          SHA512

          1242e7e80608180b8d9f7eec34fa88a54d2154c7a3cfa95cf097cc60bf994ee82005668ab4505f07e77459e1d0f64fb80c483955959bbb635566e885d1107b88

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2b563406b37d0f212867c87665dc2672

          SHA1

          f172ec4b4fa107b687c02be0f97cd1d99eacc148

          SHA256

          9d3d35b5655fff878cd89d026a4e0d98d22e088cbecf27176a2e1ecc43772f24

          SHA512

          6cc3953aad76d0912e9e69982fdd0295eb121157dcbcc0bec2e9e1026dc8010a7e8f00cbc22d2bf7311c7526665a05dac2eade878ba808c93a2b8af6e8005f8f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d3a7b5e281aa32554c266be1c434d880

          SHA1

          50cb214c943108593df6bd3269e0da16fb4b205c

          SHA256

          3fe6291b34f1678d9fe782b04efdb7c4fb2802bdfe5557837bc0e1d569fc4222

          SHA512

          7949c88b7014b7044f7c0350d1dea412c8cb738026d372ec1ba4a3a491989c7c3717940e614cf5778a4687211c346af904a9ff98a11c199ba333f6fe392f4cfa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9b0b24d1f6452a010c35c41ecf677500

          SHA1

          b09cdb5bf2c06294fd887a5c4b82e1d5fc75c21a

          SHA256

          8d3a945750963936a6198625082658605cfa42140720d3addc9abd98335bd400

          SHA512

          81bcceeb77361e27c6197452640a49dca5c0db8c5f70c343f0b8707b9710ea04f75de9aeaab5c53701be915ab92202f86277bbb14aac7e90fd0a3d72681736a5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d97c25102645f00684146730452f59dc

          SHA1

          58aebeff337d11fdd6d4885fb86acdb085d7710e

          SHA256

          38f3546a1fa22ad483adae40eb19a4fddec6e29f69b78053a60f9c19c8506512

          SHA512

          a2d486a47bb06f745c86ca1eb9355df36ed9ebfb7010d63fb119a1c35c25713bbd026d5f46d31611740b78efec8ed5a7f84b747d3f84e33a134b8a57a920d7ae

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          875d60a0d89ed4f9d01ab2747f739403

          SHA1

          1d1bd0216a7380f4ef8c054f61d92209dd8c4cc0

          SHA256

          36357e4952f0af255c58b6c4669ec9eac42ae02bc1e6b4329dbf8318a3821265

          SHA512

          e6226e96fa922e03513275c01079e2138aaf684b215dbaa099ae62e98bd5a40c679c972e77bdd5324e4cae8c31e4ecaa95a987644fa54e2903946f2a1d988e18

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2c2372ce459fb223e84db4932e77101c

          SHA1

          eb0c8085cf2f7553f4263e5615261693afd82f29

          SHA256

          37466476aecfefc866b15ad788cc3bfe5246962caaa144a679904f59b783ef50

          SHA512

          9aeb3d333547ad671c97aaf08157579f6e4bc5c190ebd69ed9993ab130087f22e50e6b145c4ae6545237aaad6e11a4d056a54317b7c8b665d247d43533fcc7eb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7a8e76917c5814ab6170e5d3ba874819

          SHA1

          a02f71c56d0ff03189d71c8c5a940be9c08e4168

          SHA256

          a092e15efaa0f679f7cb2344246d88683cc3418b6741feb0c8e04067f4a5e702

          SHA512

          d595dd2b57fcfa5ef183dc6e86b886644212274d324ee2ed79ba3a111ffab3a12dd6a7372a8dbac0396a5b60b90391bbfbbe5086e5332d23c458fcfdb4efb0c5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          42f56b80dbf961c86275ceca46594d7d

          SHA1

          ae2075e552d0d34ba1b6c8d8fc41dd52ceb19441

          SHA256

          02f3d800752a0017901c04f996aff1dd5e5215cedef9e51967f6bc8ba876e3a6

          SHA512

          a0b79bde034eff2526b6b92f48d5608ac7d97073ae53ffd733dad31135bd4de456152314e17a865cd1b46b57c709c3d03f209f822d1221b6d97cce619609e0e2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a43e3648421f4fdacf9375181212cf83

          SHA1

          dcd222fd74cedd7855ac8bfddbfe2cf101021432

          SHA256

          cebbe7d7e462e96a1339138e282d69365e173dfd70673c107a9b2a70fdc04982

          SHA512

          d074485a3df82ac6ef5703d284cf62284926b25e7ad119a5d54cbcf05b15cf2888d33386ce49694af33fa83ad8e0f23896263567329106d9ed9112e44be3a042

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d7542c73d9db1d2fd4f766435a6e2f28

          SHA1

          b7fc4f8fe6a61dfbe91bc68669c7e9516774244c

          SHA256

          ff3868d1a9e072020f98af55fa1188b4dd334233a5c108542ee664af5361d458

          SHA512

          9cf02769a1b10e3a4bba1c4377a3a226472265fe82bf5e14067572d334a29a4e2709abb793ce818824cbd70c4997150591e49a5ed84eb7c57de12aa5530c1f91

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE6E8.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE7C6.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit