Overview

overview

1

Static

static

1

8181d6706c...8.html

windows7-x64

1

8181d6706c...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    29/05/2024, 18:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8181d6706c92dfcd6dfdb58026ac6067_JaffaCakes118.html

  • Size

    35KB

  • MD5

    8181d6706c92dfcd6dfdb58026ac6067

  • SHA1

    b0f96c2db12386abf26727609c64baa57c7e1cd3

  • SHA256

    6dd16df47194c6f4f0077bfae0d515bacc11e9ad408114788883614c97010198

  • SHA512

    f27406e9188445af35d4486d2f0cc5de264bd4d5bbcda30281ccb9f995aceab16207f4a624530653bf06b98c29dce1a4b737f3b373f4dfc85cc27cf0f7ae8a6c

  • SSDEEP

    768:hortRDyM2DLISbLCsNWCh/hajrO25BZyV7uts:kRDyM2DLISbLCsNWCh/hajrO25BZyV7N

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8181d6706c92dfcd6dfdb58026ac6067_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1632 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    381ea7477446c181c4ae54f0added13b

    SHA1

    2e725bab017ba46a2e7cc1ef36a0100258703fc2

    SHA256

    5cc093df7b336fc144b5b6cbe6e0a4056f9709928ba67e5773d5427ecdfb8b97

    SHA512

    6323939f75c7d4bde672fa4bd2b8ffa746256e7b396e0b9ddd7e49bab89b2a450f98df15b097c138c78a99ff5401635e47afe4bca2848cf1965582e1b98b4e6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34bb511c2598c47f67cc95259619aa5c

    SHA1

    d15b11e550abfa05c427ab6c17dcc703c1f44d2a

    SHA256

    53e2e90af5a08369b7ba6e5fcd5d38d2c30f96487ec4e41cc4ef53d71d146b71

    SHA512

    db8104a37ac10b9e17e5deb72f82249551e593ded8ec0abc66ebd85f6cb125bec7619fe10f009fcbeeae59033b95a66bf7e60d99e94ac392c286d9b0d2d571fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39f0f58bdd79703498dc0745e19e031f

    SHA1

    52e51ab9a94fde93b0e53fb5d711fd04c835e0c3

    SHA256

    fad5d34553b0dc5f54c212a354c5d3908a06de88e53b3a5d4538a24622331d5a

    SHA512

    26fd97f4d974c580bdd48324371c1aefbe7e7eec9efaec511c5c8c078684e632bd534e9da3a2d33b61d3e6099d0d102eeaf1e486db021d622fa1d1e26bb6f334

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab10F4.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar134B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit