Overview

overview

1

Static

static

1

5d9526e891...8.html

windows7-x64

1

5d9526e891...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2024, 20:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5d9526e891c6a8eed14495eb69c10ec8_JaffaCakes118.html

  • Size

    31KB

  • MD5

    5d9526e891c6a8eed14495eb69c10ec8

  • SHA1

    4a58ec5ecd44377905931a861b9bdb009f489c57

  • SHA256

    e933773ca53ceb2fa4422187097bf443f411894f2662b8074dced2403d577b2e

  • SHA512

    0545ff650bf9d68208a8fd0365f0956a05583c96cad14670b52877d64acba6fde0e3796eaa40fd8caa3c9f5503f92005879e70287d9ffb557a4f7d61bca76ebf

  • SSDEEP

    768:qXKqa3VAPesJhggFwcDSlCceNrwGSLXdv9qW3qCEuX:OKqvggF9SlCceNrxSLXdv9qW6CEuX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5d9526e891c6a8eed14495eb69c10ec8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a8f21f30714a6e75dbb5968bae735bbe

          SHA1

          33cff9df19ef09bb66d87e4af1f9b63169151f46

          SHA256

          5672e4dbc90dd677208ab247ea3db5cea08afccc625c1aabbb1144ef91babd07

          SHA512

          9e7f3e092bf5e0f602bfa929be56884bd4ff57883d605ebd6fc7d9da542af1b1723a9b890abb2313b99c64df9967f51d83405ce1dabb463fff8b469c03b6760e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e1e159e776215b79eda18687e8b7e0e8

          SHA1

          f7ac3da2842554160f55044c73a331c6290b0d25

          SHA256

          22082714a3631b7ebdd7ff8322d2d54da980b02570d1492f18d9eca44cf9c4fc

          SHA512

          fb1ad862d3d0ffec589baf5035d4f41aa45f97e8ab49af2854dedbd62d81f13d8aead06a11e8425b49ae03e4a60a0c5603a61685a5ceecd66e48fd8fccd24d4d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4ad35a5ecf397c1f31c4fde10c404bbb

          SHA1

          c6a8c0ff1089d7812ad08652113a58680b04ee44

          SHA256

          5434071c105cf8ebfeb590a48f58dd86e0d71b4d3dd054e4bafd81d6c819450e

          SHA512

          505c7f9d1782cfcb366f763070272289238a7d2ef83ab802f4971a471e6d6e9003cf2eb88f97dd7ce16cf0e3ab9ad21ccdbf6872539273c557b5f6015fe62a7e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          83ea693717e6a20fa8dc10a41c326f69

          SHA1

          491aad1e02289199e07bf2f827d5993de94da461

          SHA256

          780bd5bdcd45c5c26130970b96e52841e5eb6b6737639893ec3d50a15659f281

          SHA512

          663ae376d189fcc6ac8afc198735ac28d0093a1ca1b949543fa4f8e5825cdff91e335c44f9af2f03da336d7e875f53909fb3c73aeaa39581aea7a5e8fd97adbd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cc6169df802f97142f262abfa0c89434

          SHA1

          3636383b74e0c86e996a5e585d4fe91fffdf27af

          SHA256

          a4ff020290436594c28e4f6931fbfab53c70ec38ddd542aefeed3ca78a743a15

          SHA512

          0b55f0815e7c7d8f1e8babf7d7ab3386401bbfa0cc3c840b688c133b4d90ea5fb7d77df1c8d24b6d877d2670228a3b01a827fd4e81f4d884a35381b3552a8542

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          546ec01de4dfcb7963c6ef05f464ef4e

          SHA1

          ba07f62a59c647afe1dc81407243d40626ce9208

          SHA256

          cabd8e9d5b4434358ca8cb4f1c3ce7c6fc77e9097939d66a96d751fa3e73a082

          SHA512

          b0e1e72b11e557ec2175a97e590617e10b18b2bd69d6c6c94a6ff35b2b0f0214a041e743ace77fefc474f74238a210adf697249465c58ea96cbb700a21679432

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          943cd638cd86896a0e179a3898f555c2

          SHA1

          f7cba1ee98cae2c537c4c01d3ee36884d6ef16db

          SHA256

          ac54d6538aed409508da97e98c40c88e893d705138b48d30d62b7723794e793b

          SHA512

          30bed81d98827941fcb814a7a54d6762981a45b9ef56812b30aeb5b69d947af454170a6f1397dfd387f4153926391ea981e71df6f94870b66e101d0f99b1d570

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          af0389c69772f7f0a818422662bb13ce

          SHA1

          911a5ee26be63644b75d5ee55d67f6024630b400

          SHA256

          855812536061271e348925c75d796796a427c9f9de4244b6eacbc21d1fc071a4

          SHA512

          c17b64da6ce0aee8432e92e0b6e1bf4c4719d942fbb4883642b7e2de99bf94b157499de716e8654191943a3c4743505383d49986524acaffb7c05fbd7757f233

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          25ef522ff914db2b3ed9bcf123285b7d

          SHA1

          d7e7d806c6f5ead0c91b7e7f5975f94bd57d05f3

          SHA256

          4de2543c15da254a5fe19f8fa70b9b12c53c8c3938bac5f70c523b000977d64e

          SHA512

          ff45034272368d1643dd199f022477eaba114df34d0f132c12ef545f25eb5e127e7b67d62133f38d92ac7bd3e5e66b021301e9843b6e4c6d470688c0e5e128b1

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOGNAB2O\ads[1].js
          Filesize

          1KB

          MD5

          ce9eed9a9bf71574b9cf93a118b69711

          SHA1

          14ce82b1c88e00e08467ab92194a09a416054a99

          SHA256

          2e6c19708a1954656ad12fe7eec0af09c2111993549709c238ae4ebaea0990f5

          SHA512

          c270a6b2736d713c966e9d55c79cab0e77334bd46e3bfb961497069f229e3893d67186236f54b7a76cf415c08056e7525ca090ae53636f95312cfe3886a99545

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWMUP5AI\document.ready[1].htm
          Filesize

          167B

          MD5

          0104c301c5e02bd6148b8703d19b3a73

          SHA1

          7436e0b4b1f8c222c38069890b75fa2baf9ca620

          SHA256

          446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

          SHA512

          84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD144.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD1F3.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit