Overview

overview

1

Static

static

1

2ba70b6cde...8.html

windows7-x64

1

2ba70b6cde...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    73s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    08/07/2024, 08:28 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ba70b6cde483021c23534431b485093_JaffaCakes118.html

  • Size

    6KB

  • MD5

    2ba70b6cde483021c23534431b485093

  • SHA1

    0238c1b4a0eace9823645fc8f3cd5b7c5564ac9c

  • SHA256

    920213286aec93a6531c7328cb322fcfd59d0dfd5d07a66bbdfa0758e7c6d9d8

  • SHA512

    236f35bfbbb0cad9d0a75c24f858e7143ffab93e7e2bb9b28da478ea8080786b3c6a1868289ab5a701cb1c0a28f299ae34f6d616803ea57182f0555ee0e9b684

  • SSDEEP

    96:uzVs+ux7epLLY1k9o84d12ef7CSTUFh/6/NcEZ7ru7f:csz7epAYS/Q4Nb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ba70b6cde483021c23534431b485093_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1212 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2164

Network

  • flag-us
    DNS
    analytics.hosting24.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    analytics.hosting24.com
    IN A
    Response
  • flag-us
    DNS
    counters.gigya.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    counters.gigya.com
    IN A
    Response
  • flag-us
    DNS
    membres.multimania.fr
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    membres.multimania.fr
    IN A
    Response
    membres.multimania.fr
    IN A
    213.131.252.251
  • flag-us
    DNS
    fc01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fc01.deviantart.net
    IN A
    Response
    fc01.deviantart.net
    IN A
    52.27.45.179
    fc01.deviantart.net
    IN A
    54.214.192.190
    fc01.deviantart.net
    IN A
    35.81.236.82
  • flag-us
    GET
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    IEXPLORE.EXE
    Remote address:
    52.27.45.179:80
    Request
    GET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fc01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Mon, 08 Jul 2024 14:07:25 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Server: nginx
    Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
  • flag-us
    DNS
    orig01.deviantart.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    orig01.deviantart.net
    IN A
    Response
    orig01.deviantart.net
    IN A
    54.189.14.144
    orig01.deviantart.net
    IN A
    34.218.68.46
    orig01.deviantart.net
    IN A
    35.165.70.199
  • flag-us
    GET
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    IEXPLORE.EXE
    Remote address:
    54.189.14.144:80
    Request
    GET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: orig01.deviantart.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Mon, 08 Jul 2024 14:07:26 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 0
    Connection: keep-alive
    Server: da-redirector/0.5.2
  • 213.131.252.251:80
    membres.multimania.fr
    IEXPLORE.EXE
    152 B
     3
  • 213.131.252.251:80
    membres.multimania.fr
    IEXPLORE.EXE
    152 B
     3
  • 52.27.45.179:80
    http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg
    http
    IEXPLORE.EXE
    606 B
     634 B
     6
    5

    HTTP Request

    GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg

    HTTP Response

    301
  • 52.27.45.179:80
    fc01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 54.189.14.144:80
    http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
    http
    IEXPLORE.EXE
    608 B
     387 B
     6
    5

    HTTP Request

    GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg

    HTTP Response

    404
  • 54.189.14.144:80
    orig01.deviantart.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 213.131.252.251:80
    membres.multimania.fr
    IEXPLORE.EXE
    152 B
     3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
  • 8.8.8.8:53
    analytics.hosting24.com
    dns
    IEXPLORE.EXE
    69 B
     124 B
     1
    1

    DNS Request

    analytics.hosting24.com

  • 8.8.8.8:53
    counters.gigya.com
    dns
    IEXPLORE.EXE
    64 B
     129 B
     1
    1

    DNS Request

    counters.gigya.com

  • 8.8.8.8:53
    membres.multimania.fr
    dns
    IEXPLORE.EXE
    67 B
     83 B
     1
    1

    DNS Request

    membres.multimania.fr

    DNS Response

    213.131.252.251

  • 8.8.8.8:53
    fc01.deviantart.net
    dns
    IEXPLORE.EXE
    65 B
     113 B
     1
    1

    DNS Request

    fc01.deviantart.net

    DNS Response

    52.27.45.179
    54.214.192.190
    35.81.236.82

  • 8.8.8.8:53
    orig01.deviantart.net
    dns
    IEXPLORE.EXE
    67 B
     115 B
     1
    1

    DNS Request

    orig01.deviantart.net

    DNS Response

    54.189.14.144
    34.218.68.46
    35.165.70.199

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7252b475c48c02167f0c13cb9c2924c4

    SHA1

    ae204e100ef74a6ec480c26acaccb0daf204fa19

    SHA256

    6197be716a0ef4de4e4699604f702dfefc0633ab85ef95ab67f8e40eb8ac6d49

    SHA512

    1e68882fc23044e44b20df43a71b838ee9de1fdc4eddf89a803de9fb6ddee91c4cfbeb26622d1a88955f523f10db00dbce388786b09d3beeadf972bb7a56678f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23460207783684423f09bf734221e49b

    SHA1

    6b4ceca068f811f33b1bc69c5273eb2c0a7e6554

    SHA256

    c910e6ccd188d8afc4669254a307586c570a7c05cd562f64cd155321a737fe23

    SHA512

    42667aa0ee8c20e622a66629e55650f3a85d63f0ba29eb4991e1350c55a16546e89854325397ec9669cffd9765414722d6613e36fd37a6939750a19220b80d33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e0b36d41e55a4a1c9148b971a1791c8

    SHA1

    9997f75908f219aff82b0dd40fde9cbd039cc8d0

    SHA256

    f5402dbb411de736b2b7870c7e5e9da2a546f1b219699f91f52cd36adebcb094

    SHA512

    73515a1589765b9798a38cb22599cf8b730f03c1d41f459fef74b319c6c9c90a8e691709255a2e04c20244134dc4b135edada9a5c67ed85f352c8bf05a634250

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2851f09b0ed1f6e3729e59529c456bbd

    SHA1

    1aa7ad956fbf693d013d537bfee36a552388bf0b

    SHA256

    5c9428094974b5da7360f73b695d0519484254a54dd37e6d5ae05e0b73d5a79a

    SHA512

    73387d97428e96fa55c9b951b30aac8e23cb83fcd9fcf2454661eacf3cde8c8594442137631e678339f668c4f127fd00025ff6cd694564b17959f6ceef9f50ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ad999f0037939d3b3c6f8b3e18ece7e

    SHA1

    c1e282f2b2af2938cd18e1f4d6c6ad88c8f007fb

    SHA256

    ea41218648247583a9895900906da5f773ad235e4a862806d70ac88a39998b28

    SHA512

    837e7c762c784f6faf0464a70657ea80be901098323ca05cacb2f403610963771da0df6091249ecedbf885e4b55d858f746c8abd65b5cbcebe1af7392103c503

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    335be09a47a81f8c06ef5b174f853126

    SHA1

    a0716b58d9fc46c70a9ea8b90e57fd307e9566aa

    SHA256

    ca00600c3ff53a0252ff839db5bb8ab2d24cef5b01faaa08c062574441e3dd8c

    SHA512

    ad1fc594dad1bdd76b34106d0fcdff806eda887a0087f0eb3a58d82447842e13db1803fa577278821e0e28b6d918f5fbd0fd44cbfb2ede65dc1cac926b186463

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef07264879f386cda76fc53d5f8c17e6

    SHA1

    0b6b373cc61cbea810cd241a48493a4aa70772f6

    SHA256

    3263874330589183b1a575610ef031d2d26e28f66229e08a41444be0c1d96492

    SHA512

    f1f0763de5d2dc2d2d59350d1eb3293bb805d42f1ea2855f0e5b1c7a91b99b3109a95b6f9ca4e83f13f1ed55da01e78186d776224e64ea54052f9ef19a16aa5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60faf9bc49b30daf14d3c0c88e91c171

    SHA1

    4e6b2a417e252c2e9e4cee51fe9c5196f507bb41

    SHA256

    4888a1ba8978a4449d29309b4ae9690ed85d2acdaff7a0b127080319b3abc225

    SHA512

    449cc6fc62185a99b9bf3ebdfd1679ef147c0576bda6f808f9d44fbb9147d16ed94acbf9e22e4600371fb6b594ab123889283fcf123479ac40ae26c1f9e759c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2762ce73c8cfeb9c4966f809adfb61b

    SHA1

    c81818112fd170aaaaf4eb00145a1ccf3f3a29ae

    SHA256

    452d6932c0f705cbf181ac607eb7f77c83b3fc3833b8b4b83b9e4a727bf288be

    SHA512

    6ef8dc22da430f695600d1282549f3fd3c68b426db337053f5a75888302030c3a2888cb2fc8dd266cb4cb1685b6f93a1c9a57e33b8601c148e9872f716a9f86e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d034e718b34c9b0c7d287045adf69183

    SHA1

    0c5be678588ea4cc4433c4b905aca09da17dd4bf

    SHA256

    f9dc96267655ad9ff5418aeb310ae5b81faac4737587cc4a97e62b9e0433d2b0

    SHA512

    fcc88749b82989eefc72474bfba3ea23c48ce59bf06ab37511bed676a0f10792c34cd26ae99226c8b9282daa48e9c918f600dbf64555e0664c369b3172a27308

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    270685c030e798c7db7cef91fff83d09

    SHA1

    e1b5dec72ad730b4d28180799d25159dd9bd6eb8

    SHA256

    1478a2f43d36a2689ada97f351caf46c77ce4dadcbb21fe88eed649de680fd28

    SHA512

    806309a621036015a06cb45af4e0a45d1beab8302f42d18d54a9fc7b79f94e4178149d91ef750927d7d72bce4a14785ba33c526d042f8486c6a7944c8d652f65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eae16e34cf7eb9a0cc4429b3e6204e7d

    SHA1

    68816fe88dc80fc4f3ab54d275ebbb626617c562

    SHA256

    6069a734a05572dd89ddc18722edb0dfa25637f30bef0e324217f462b87b552b

    SHA512

    d194c30a0737c6a0df416c429502a776f78d3453c0b5dbdecdf467c49060959e7477a6b6c8d059c202cc0fbe509bdf798e340ab4f041a3cda48f914426feab6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f20ace6e77fbc431fbe35aaa173bbe00

    SHA1

    0f97269ce4da8d352845dc347246ab8656389355

    SHA256

    24bd275ada2a8f10f7c282df366795749dbffd0b15b87163554b3307de84a919

    SHA512

    bbac2221c89348172d19e75bddd7fb64feee55d053304166e1b0e3010fd0a52b4e9bdee4bd932dc94205cd57c9ef44da0a3e59bbd34177781e7ecf66f595a37b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48506b1c91a0e3882935a3273db8364a

    SHA1

    9491d34c40d476f15fabf1f9b5ecd1257e8eb7ae

    SHA256

    5f5bb3f165bb4d428c9f089723142eb01449be758766f3d5f6e388080ad6699f

    SHA512

    909d23985c74bac500da9224d080517ae2c127faae158b3ff51819e4a4a67d97a68835e854c37b18bb7d7c13440a20cc1520263c3f24b62e8c3fdd9f0b034010

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c482ba126f4bae3f93b9cf79361031cf

    SHA1

    a9cdb15dfc36a41da46cab3404129aefb5a20aa3

    SHA256

    7adf65217254d57d8094c22d9564872537b3d0040d4ca16a156c52f2d00f24a3

    SHA512

    a3f369f71285e358b83fd269d6c95ae2b41cd11f730b4c3aa8bdf06441e4c23786e42f1dd49fa1a3919152f0dcc47a9cc440b44ff27dbb3ef0dd65bf78d93d5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4305c0e5aebb9c9867816f4262d7b154

    SHA1

    eb13655df2a9ae96791e20f2cef90c588e164e1a

    SHA256

    6bfabdd01c003388dcdb06b1409785850b65166009cd508bcd29f3ca0d5f7736

    SHA512

    6ae78a966a2198421fd4d4a8b8ff7643ed1452c0be740f5219d1c4b096bd52d4752ccdbe39944a5d3b09c851076b790f1e9403a6e69700814fe841f841c9524b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89f790daa9acaf97c53d6d4bc2784a78

    SHA1

    bb9ef5b22aaaf9cca00ff03556c61a84249130be

    SHA256

    dd5d9129bc7e88179d7be85c3f8fc71b2949b275fa81e5fbbef7727daae20d2f

    SHA512

    76d365036c3ada00f3e52a9dc1263177c197e0ce5b1e76a51762b21fc949faf4cd74782facf096a867bc9b6414e04e33e1fecceda8e346b4336be1240b5112e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5181f00f1dfa0fff0769e3d603490f6

    SHA1

    d43b779bbc901c1c32d9c01b0e4ce1b2c65a53a0

    SHA256

    6c552f172ee202a81c7039b236f23859c6d3b30426ed121193f0411d655dd19a

    SHA512

    c15a96e0ee33fc597c1597aa6adbc0c283638ce4094ee56326395ea1d9e4c39801eb2f5e8b0d5d2d0addbd63d09af35e95c8384a3f1f3b78ccc2c1138301a496

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eca7feedf0b0577371e27c57f2c37f02

    SHA1

    4ce7c004c64d2d0169c20a4e0540f408ba3190f4

    SHA256

    81abe255e94f29e02d932e09b85a79070c35f08b3e473cecf9a2f2971035bb75

    SHA512

    4d11715fb185007a353499364134b383c767a9acae30a29323626d0c9591c1fabbd759f0c7cd5b9e824aa6da30828c3ba3b3f257f672c1b7b4fa0b46f00e5428

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9E05.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9EC6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.