Overview

overview

3

Static

static

1

6fd3155945...8.html

windows7-x64

3

6fd3155945...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/07/2024, 13:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6fd3155945d66bfe2ae3218d84940224_JaffaCakes118.html

  • Size

    36KB

  • MD5

    6fd3155945d66bfe2ae3218d84940224

  • SHA1

    554da8a179ec988630297b612cb4a2e177e76fca

  • SHA256

    b94bcf2e94009b60a1972c937d460f0243d81c152100b60df6bf13e11ae512f8

  • SHA512

    28e5ff74b4ca999300cfbb00356166aa91b405be3ac9a7eb8e5e527948395ecfdc3108bf2b9087d0ca55bea40cdb8ac6748170c9f69a19b73f7a6dd23837c21f

  • SSDEEP

    384:RLQ/iL95+Iuy89ZNnauV6SB7gqgEs17tPwvBBOdY+:Rt/Y5F5s17t4pBCY+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6fd3155945d66bfe2ae3218d84940224_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1924 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1836

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fedb6ad7d999d4b32031c5eb35f48145

    SHA1

    3748a74c4d2b04febf620d27a72799b65230d49b

    SHA256

    a66b320e98d6de1094a86f7978a2c3bd92401ee5199466cdcab596b94fbd966d

    SHA512

    472a3eb0888bfe75f19cb5aa86a71754eafe6b3800a1410357196f49603fc9700a0c2a8cd0e54ce50cf5a10ec52ef6623c9e170526453fdb35f01ad55c6d45e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b55c05455d592aa3c4b6992b0b15080

    SHA1

    6c1f76b928ba7f6cc0948d3eda452d9763cfed2e

    SHA256

    24ed5cbcc62894b25599e5eff749910b6dd2beb0c02b2e156e40b47f3c32e7b6

    SHA512

    bf602e5cd07dcb7a09f093b9487a23bcd83f7fdd55577b3d48933ae0720f7cb3144bab6b67c0e60531604c26cad9204cf55a10664a60645386f283ed9a5ba299

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f37b7e7c9bf50358152c7ccff084057

    SHA1

    907043212634e4a0f6aaa2bf3ec60a675d10b985

    SHA256

    b3fa22f1ee953300e731a7dec50c5fbd5ed01db5b682f9ef633fbf2ff6b9d673

    SHA512

    a89d515cd1713ff32e26b134f154fd5abbe1d2c2644893279b841b8711b255460fe0b41befef621aa5057ffa3ae51e406ec0ec6943482286608767c5c493e9f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efc160b72752fa3a110e51c939ef5bc9

    SHA1

    3d7658c4d4dc7b2ab68a2692ca1a2ee07660f43c

    SHA256

    a6f68a7e9ed444fc565eaa99061fc11c236c3d40a0b45e7f4793e23042171b1d

    SHA512

    80462fb4c50382dd249a3968cb6fddbf43cfe860a18528b4a033a3b0b192352bfed91452de1c3590985bf3b7ecbdf7606b23988a29f85d26ab38cd4f9b6f871f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0077d4f762e29fa79c91fa5bfe47912f

    SHA1

    8de94015e836bb17f9b5bdd7fa77e2e486c0eef7

    SHA256

    7ffc31d38011769b81855b745071a3ecdd70a65d6d70dea319dbcba03a84091b

    SHA512

    e99671331fa240f57d4c633037c9cdadc4d45acd4cc52f64ff71bf5935e39b6f13441915390f72abb78094d2c3799e5b705c86ffd096280850188f59e5ef4a6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    368f68ea7a2cfb12c91d256607f38ea4

    SHA1

    374565f7e501f07e50a134a983d15291eb920e45

    SHA256

    6f24c6a2bde1558054c5a1d1bd384dd7c075da1f8e01021550f20bdcd1240233

    SHA512

    2b25ceccbf3064e96c60299cf4f5c761b5fc3814ba987546dd198c10ffa79167e292d0ce991697195bd999670c5c4537a4a8efa3ee8955413dde0f7f888af42a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    455d2b0874a1bfc1b79ed7335b4370b8

    SHA1

    7f77a292ab3f8ca4bb3dba40056723f4d4f144d6

    SHA256

    a423820223a5e78947769ab4afd07c0c8e1435155c2cb25c8b9fbfeeb4123ec4

    SHA512

    487efd760e910061d03b708b3f6c637f444c039ed294d5141adf75e030c3ba623516dec20839dc890c83f5ec11e9a5f096e5e4890210e7af2785f026c7427958

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1cc8337e2c80a263b4c43e899bd9cc28

    SHA1

    98655598f6edfd34d373dd7e97254f8a602afa35

    SHA256

    9d7dca01905ce55e06c37736a8e3aee7853eff0bc9238d9a3243cd4f80b945a8

    SHA512

    b96007a642b6cfe19b8ea0c712e707b83f2b924d2414123f5b63f54fdf3124dd412223c6ba949071e858a8ac38aa79de54f8e1eb9879f89326cd5164bad1e1f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab90CB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar919A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit