Overview

overview

3

Static

static

1

00b30d05a8...8.html

windows7-x64

3

00b30d05a8...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 20:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00b30d05a891b86307af36ee74c76501_JaffaCakes118.html

  • Size

    23KB

  • MD5

    00b30d05a891b86307af36ee74c76501

  • SHA1

    22e877a47f6a53c10111d6438eddba5b05f2700d

  • SHA256

    6ea8c4a6b0e11255b684884995400f39e7bb544ce1b0a0fc4ef2521b9bec888b

  • SHA512

    cf3d60ca22d7e0c2bebcc160e9a0cfee908911fe63c6d8a7ee9ac101775af36d839bac62ebf5aeffc4367c3274ed35664b2903214ff8c8945843cc986a223e46

  • SSDEEP

    192:uwHsb5nuRw6nQjxn5Q/4nQiebNn7nQOkEntgOnQTbnpnQ6v06J4RnQNjMB7qnYnj:6Q/Mv06kh

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\00b30d05a891b86307af36ee74c76501_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    597b87dd993c1ee87c3eaab7eb741132

    SHA1

    3af34c585d249ee7c26c8614083bd37c51885eba

    SHA256

    974a3ae430a99903206b83e28d64e90f7fd929f760c0f59ab576437ca1c95de7

    SHA512

    380b55dfd2b0e356f73349e80886a08b4dbda78d1b85cc9ae36625a02271c536f5bd193065ba834a0a061878d7b7cc864f812f6846cd4e2c408767bd4bf905de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32dcefe66b5dd2d370ed9d42efc721b3

    SHA1

    9707d74e46040c58c8cd82734d154d692f10bca0

    SHA256

    3161952b010ac853885e526a546725f7599f9397de11430824d49352c17ef8fe

    SHA512

    974fef4f1e70226a0d91d2c1bee20b64390d835b643faae3d0886817abe7629b0b804ea6cca3b19cd308cd7b35fc37406325e3fc94ed23d543ff54cd2133a387

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83767b140b0e893c4bca6a4a57fd3fe1

    SHA1

    69a6520f0130d0c9feb459acbf5a837a710f729b

    SHA256

    591a3ea1f4c08b078e87f205c16d669f7f724b00fa3cfdcac3021a46496b0c88

    SHA512

    ebf51db06126ac4e46b48ae5923f0000d31d7520fdf6f32ef125a19a79f5444256542b2be6a9b57144d5b21ece75d9af97ec238489a86cdc670dedaacb491369

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dd47bd3b4513c23bf258e8029f3e8ce

    SHA1

    a155fac17cef0210452061db84d0d8ce950956bd

    SHA256

    5141bb45946df0391b7ea3505de261549bd79009336d48bb9947c05dbfce43a8

    SHA512

    98ae98696642fdf3678a041ca099aac8cd58311d2ba2632e4fcdd204510536008ca76c0143b6430e661a8bc070307ae6da511ef6355299a1a0d04ca900f38176

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0cd795df10049d5695d1f386d7bb7fe

    SHA1

    9d52faa45b6af9c810fe41798d0b8b27ce207fa1

    SHA256

    b15bc728acef8d567fea6835dd5dde33c60ccebd7ae066a6ba100856a042b7c2

    SHA512

    328888d0c2204fb2a7e77c45b59996587a3731df143b3cae28f843ce9f15320fd4eaad419769ddc4e64c20d9f1297919aa07ce31ef6b74a6e0c99ec9bb730642

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fe5aa8aa472ac6d37ee5e6a0f42b806

    SHA1

    ff9fe980c82d1230c2a69ce186bdfe710fd25714

    SHA256

    f35e2f80051adbb2ceced0e57112713f6a12cbab660129a5bd4eea0ff8c4d82e

    SHA512

    917e43d0959507b1242ca107e1e110abf95b9ba2686b6f53c03117fc446e58e29079df35a7b9d344c9a73e934ededbdff6b4e833929fc09da0f293f7c5c596ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9375962cf68c28eb1392cf1129ff8eb1

    SHA1

    1cc873d7f000585302271cfa7b84d1d13214eb00

    SHA256

    fbf605758d0384fb58b7c4b617279a0b32420b184bcc958a31d2947d90ce98a8

    SHA512

    4c002d8876baef3515df1948b4e9e5049d009e19364934c932e606a3dfac9d061ce0c3aabe691527a87fa67d178c687e106f766c6b0c7bb270084598da905b99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a099d6efcfe2e560f52ef76195e6f85

    SHA1

    d66c45ad7338b9124a90b31319566bbb83c6a4da

    SHA256

    9734139c8a7b1e202e3227a5429843f382e9d9d4b461d6b737ef7320dd2a6914

    SHA512

    8fc56cfaf4a446721c74d54a62606e231874215eabdfe2dea31050c930c6215799ee0b34b0b45178bc6277bf8eefb2796d8fc797146c2167f0f91a1be770183d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c661bba1be3f8c850efeb2a6bfe1142f

    SHA1

    47e28aa1f6019b733b15a3012b715b0a956c0849

    SHA256

    4b701c927fe6ee7ed448dbedba43bad82b8785e00f8408f1697a5e3f13b8f73a

    SHA512

    757b5c826737b4c9c9ba6f121706b4f90c66dcfb3aeccab6ab4dbfc4538aa344a5597cc07bbe704971e3ed86c8043fb5c09e5bd83192aa02e5eda519d88fcd2e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9B67.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9C16.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit