Overview

overview

3

Static

static

1

6f77e56b8d...8.html

windows7-x64

3

6f77e56b8d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25/07/2024, 11:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6f77e56b8d4fc9280dd2221961125a18_JaffaCakes118.html

  • Size

    207KB

  • MD5

    6f77e56b8d4fc9280dd2221961125a18

  • SHA1

    0625f0ec7996eb4ff71a0db4bfe5d7e9eabd80c7

  • SHA256

    77f5175027bed348374e3c7ca1ba99047b2315a76944d82fa575e18c4720aca3

  • SHA512

    6e2ca4b7828204211732e5b4f8107e2afaeb1c49d837bc7f4c92441c355a7a2120eade72399721ded4668b3312bdc78c404a25ed59cc7c3c741fc3bcb18dd354

  • SSDEEP

    6144:KV3AIIIW3G4k5QhL8atVa5iVQ5MIsuQyf5bTM+MdBXpKgXpgx4t4bO9mge/bE6zc:iADd3G4k5QhL8atEiwMIsuQyf5bTM+MB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6f77e56b8d4fc9280dd2221961125a18_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2560

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
          Filesize

          854B

          MD5

          8d1040b12a663ca4ec7277cfc1ce44f0

          SHA1

          b27fd6bbde79ebdaee158211a71493e21838756b

          SHA256

          3086094d4198a5bbd12938b0d2d5f696c4dfc77e1eae820added346a59aa8727

          SHA512

          610c72970856ef7a316152253f7025ac11635078f1aea7b84641715813792374d2447b1002f1967d62b24073ee291b3e4f3da777b71216a30488a5d7b6103ac1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          1fa0ec1aa09e32f3b6a3d96f66590ae9

          SHA1

          02aed398865737526f40e1a5be157c0360baa342

          SHA256

          d2f1842746a24fd68d3f2e1f7e31bc997036815948ecef2e77696d128051aca3

          SHA512

          1f0491e19b27cf69a8e275b4cb15afa8d98e62034b2aaa98f6392b1739f86705f5d18889ecf6833f95b981285dc6bb6b21305f62b1264f79c34f3e4491c567cb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
          Filesize

          170B

          MD5

          444f0c0a653678e6055582e58294f25c

          SHA1

          030d6bf1004e448d30b01294d375f993638e1ffe

          SHA256

          8974c86fc4b9ef98c5c02d4423ea454f3dbd807f1440d752cbfb107cd0537198

          SHA512

          5c733858dee92e8f6ea35fdef9af5750b07e1af4a517317bd47323ac8bc1d35dab99c0896e79e49bcdf034fd035de8354e1d86d465b2354ad3aa14082f69c882

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
          Filesize

          170B

          MD5

          22fec56dc81c63a315db33f6ed1e51da

          SHA1

          c94a549bae2fe6e7e5d7eb6fca8026a297bcbf60

          SHA256

          f4c1227eaf72e107ed917e440c28833d9647a0bb7768a8800af11247a06f6fd1

          SHA512

          76612b0ca544e2a48d9d1793d7f67dc8b8f7ab118e4041f4a9456052f3c59c6baebb6265d94947f23026a6dd09012658758536b3f37e57f41621fb4e56ac49c7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          410B

          MD5

          aa5be96d49ca9ab1aa27bdd6805161e4

          SHA1

          d578d50b69dc1ab504dfc97d92d4cb2eb53da7eb

          SHA256

          0db5c47a19a3924e0c2b0c59865271a143701a8562f137c7e0ad26534268e226

          SHA512

          1be908009c8ee6bacf215bde21e810d98effb1cba29d53722bf07a1a18bd7b22e9d8da20fbc4b777defc53bdffc00921936fbe19fed2bac800e612bfd1f3380b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          410B

          MD5

          8a78e9782eaf1112661031975ac191ed

          SHA1

          4e0a76e29dd8d9c570988823f106fe2b9c8eb33d

          SHA256

          82f824367e58816562de3c4118e1495814659f931657b047a1328202e644eee9

          SHA512

          614456f17f2988c6c197c1a975117e2cfde2b4e8b56b8248143c92e6e2e67b610fab6676af55b03e24fa2dd76e34339edd2a44ce44061951776c956f47ccc835

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ba1262473d438de36a7aa24207ff8ced

          SHA1

          3eeb856cf0f39b5d3cbc96d4fc61e6cc43692171

          SHA256

          b97d7d25e05385461c72f936ae37a127dce1c498900c3c68f2a2cc9acb8282aa

          SHA512

          f926201e8039ee8d3859b8c67a8fe4cddfb89ba7a82734ce1483978565174c8eb89d154621522a53610267d7c3897cdfa0f35a78b3ca6851a0848bc90c91b5ce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          53053d2fd81830c98d301674c205985d

          SHA1

          960f08ac1c648a20e7c52dbce812417b15312747

          SHA256

          575ecd923b334219d59c63cb5ec3f601fba61aeddb426264d2240223d5a4e14a

          SHA512

          f465641310946327f0f4a508b10a0b6f923808a35b2d4ef6816cf9a70c451e8c93095b471a28d129055275bd62cd235226e3ff397664c1deb80499ca561b6bb7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7ef6c71966e346157deaf665d7168593

          SHA1

          d964ddb1df1260897f6ee5acd25d990ae7210823

          SHA256

          ac5d1a56cdb0bbb4a51f9f2ee3b1541186fb0ae4e1989b9952c9483de0158cab

          SHA512

          53e383da9f7d5219665fe6beb846af1915c5ca20f3a637d32fdd874e35363d29488584159e2c9fced1d12ce019a6023cee53505abc7de7969d59fc96d825e231

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          15ba2bfdbc6639c7567015ffece8383e

          SHA1

          6c9cf235782af1a2747ff856594c29685d523b47

          SHA256

          c9feb75043ea1cf07be231658f6741ce4ca79b2e85aa4593598956db2159bb35

          SHA512

          28ed80c08ee0512771d7d32b5df619cfcf68930fd77cf0d5cb776d31a6a2d525b27326e9aa493944c89b3fb345bab00f2fa0da5d57ae63f520113c2ee0dabb4b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c037e01eac83fde42e917cfa88167079

          SHA1

          98c853653908cb9069295bf1883eba9e0f3ffdd3

          SHA256

          339cf8efa830074f91c79863af4ecbe78d12597ffbb398f966c0631751b29ace

          SHA512

          dc7c5ef89a3f465093286a1e2b3d3d9da18c444d1efbc81da674c0da179b5c2f30562e1bfc601c0495709341fab656cedafa685c9939ace33d060ac4fa8cdec5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          be5881f7e11642f56d1f31595a001171

          SHA1

          2c1c8714ca7f9609465f91b5c81a84836748a87f

          SHA256

          d524f02b777e78fb4221111c849578f5da12499b53f023e8b45567273a941028

          SHA512

          ca62f257773cb58d878f6ce022f185652ad69e807d24ccd6f81e3dcc2a9a7ac367c332ed6f120f0ff85227b7edb2562672a937a9ff0bc0fc6bbbebd152e6b66a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f0582d9b242deb2fd38861a84020d27c

          SHA1

          8bde651f9cd7d0339412163d17fe1283522091b7

          SHA256

          731fe1830ae373e041dc04480e684d31eee904a0b146520ac3b73fd28e846d7d

          SHA512

          ff00fcff56e7fc56cb9a2b94a69fac333c5c1baff33d794445039f9a11f86e93c7ef6612e4bde45ed6c1a16e168364ef337dcec59298aeeeb4eae49d740306fc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9139df08ca68b4b53c047b6924d50848

          SHA1

          6894d5fa3cb4c0f39a5e8611eb68e04fb4dae970

          SHA256

          5d6fed939e919803b98ca9f1df128cca595b0d35ceb092695e22f84f6702aa4f

          SHA512

          125b3776cb04f475d9e9eb3c5363d83858cd12bc3f6ee89f0722725291425edef28e563b2fd4c5d434ac67d4e64164f6a1e6f7d4490e27371df3b4042b0b6cb4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b172b7549585cdff9ea8a6f3ba00b9a9

          SHA1

          9b6505a2c917c44616f4fa07d112232d63f8e692

          SHA256

          26aaf3a56bc85fac6ead3cce21ce8c28780443850aaea3d353203ad311e24d4b

          SHA512

          d8d93fe1be06190fc67c28c7e44c1ca4c71c1cdebd041dfcc9be0616368b0ac75736a145290a24c992fdcb6a0034afc0aba6f949d31b177bbaa617ce3fd7534c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          08fa669ce2dfca7a6d044fecd6671551

          SHA1

          67840eccbc2edbe22a7ed7659141f1255fa50037

          SHA256

          439a04992febc0905d58e299b11a59604d88b8848dbe31a11d4050adbbeadd40

          SHA512

          623be23eddfdf90cc676cf03039193a04e9b2ff710fd22897ee259e71d781ea6fcaae4aff7a8738faa519ab0b5ece3beab3a6250c8ad3b3db3b1efc39a4b7271

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          35d6387b5f62750a41357fe7d33931d6

          SHA1

          20d1fffd4d65459afd1ddbefef4231edf4f1a049

          SHA256

          bf8af70a4a470fb4e3d581d9285f895c595e48da8b436f1eb6eb9977dd997d28

          SHA512

          a5090b75c6f95baec9132ad5336401a1f6bf954fe368a0c98819bb153273bb4943950a1e0425baa86ad47050def6a6c4bc2d6779a96ff3dd93ae093084c4d791

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E1IWGZ4\3636781319-postmessagerelay[1].js
          Filesize

          11KB

          MD5

          228da4ee667de7d4cc8382d5b94f9fd8

          SHA1

          292b62c41fb7f7771cb686e7f5cc7ca0d9b7a1d3

          SHA256

          8e99352e0cd0d72871f3f301d165edc14fa22f2aeaecfcd95c81bcf1f63cedc2

          SHA512

          0c9002ad86c7745064afc7d218f1b6f278b45a947c29dfd120bf9ffd3906e5a6e926cfaa5a07af9f2c26dd0f9b9e8c8d81fb35a959314547d54356e28f6f5ca5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\rpc_shindig_random[1].js
          Filesize

          14KB

          MD5

          f03c96248811fb7bba5b92a7929fecaa

          SHA1

          7938e96aac5714d34a1ba76972f79d52b5f403aa

          SHA256

          dc138da7a3e8f2591ad7e46811e2681412705798dbc3baf5b08b953b6be7afe6

          SHA512

          568fcfd183f1d8c92c28257b9b0ab1e9ae35c445aebfd56de7dc4c45db129972f3ab4bdc6d58701e421bcb8a14e69a5fe77449c853cf49a612ba917fd0bd9fcb

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHDSWW5V\cb=gapi[3].js
          Filesize

          135KB

          MD5

          cb98a2420cd89f7b7b25807f75543061

          SHA1

          b9bc2a7430debbe52bce03aa3c7916bedfd12e44

          SHA256

          bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

          SHA512

          49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YW15VCHK\plusone[1].js
          Filesize

          55KB

          MD5

          15a42f20a492648f7c1595ea6bc99244

          SHA1

          50f3505e5459985af041ec26a6b412cfc2dc1cb5

          SHA256

          03998e7490f0e8f7d8490dc68ee8020101ddb4e8418567dbaa93426d15b721cb

          SHA512

          e5f256c59f1d22526b3610789a178ad06a2cab4a9c6c4238f72f67bd49c416540d5af74bc651c39ed2ec2558d1391ef77c30e68f9de73d0d07f34f5fe234af55

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabBD4.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarBD7.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit