Website something wrong, and mouse click sometime wrong - Virus, Trojan, Spyware, and Malware Removal Help
Common Information
Type Value
UUID be1f0b06-0906-4cc7-a90c-56a5297eb55c
Fingerprint 2fde9b407a8acfcf
Analysis status DONE
Considered CTI value 1
Text language
Published Aug. 24, 2022, 10:26 a.m.
Added to db Sept. 11, 2022, 12:35 p.m.
Last updated Nov. 17, 2024, 10:40 p.m.
Headline Website something wrong, and mouse click sometime wrong
Title Website something wrong, and mouse click sometime wrong - Virus, Trojan, Spyware, and Malware Removal Help
Detected Hints/Tags/Attributes 95/2/286
Attributes
Details Type #Events CTI Value