Overview

overview

3

Static

static

1

81c1d7233d...8.html

windows7-x64

3

81c1d7233d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    01-08-2024 20:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81c1d7233dbb64944db5cd00a093bba5_JaffaCakes118.html

  • Size

    36KB

  • MD5

    81c1d7233dbb64944db5cd00a093bba5

  • SHA1

    bacf04af292ec06a07ab40e6e64e99d95ab1c8d0

  • SHA256

    b7efbe38bc2bb5a37e703f3742bd93d23d3a4d045655dc31aa8a32c9d1f101c1

  • SHA512

    c9a9d85dde962956e4d1dabf2977cf23940009b36b65ddf8d8b4d5d0815d0ebc0e7acbacdc8fe153fd3d1486dc435f5f268cfe9cd50b1f578617aa2a735e9a93

  • SSDEEP

    768:xQ3rAVZ/xGn9DO0vXE75HxPlGZLZ9hkny0+wn9A:xQ3rAZ/xGn9DO0vXE75HxPlGJZ9hkn1M

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\81c1d7233dbb64944db5cd00a093bba5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2272 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61b168420a14330c6e6112f6a644c6c4

    SHA1

    cc88d9a5ce74a0647e044dcb55008c7485c073c0

    SHA256

    bba293f4ce2a7bfd46292b52fcb94470f4e6156c09c0c63b5a926058f0b89347

    SHA512

    74181000b373bc1c8e5321993376a0480805771db13c296d9db23f6c2f38640320fbbe16b2ea5b02d91ae17a9f2ae5cb7dc4315324b7f190c0a9d1920cd128e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    514b9b74c0ea5c2ac4891da47212fcac

    SHA1

    3df03c9e90ca9477a1cf0d6247bbf6546c80f8b4

    SHA256

    78ee552770e21635a36d2f0dce63b1503c912aa28e95ddca4d0083e776f35025

    SHA512

    22c4612e05980088e0b2c3d49c93e6ef3cc36c1eb05feef3b3ad4a94703801d28003e63c472bad2151cb08defb7f822a8bceee5c11576fa3c769b27f61731738

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8852ac0def6827f530bfc2be96958a0

    SHA1

    453cfb16d0ec1a73ab2404d1db343133d0b3c9ce

    SHA256

    9200ceabf1932150315ff5dcd5d4335fdd15a7d8c6b263cdb428608270608649

    SHA512

    9911be97dd90d5b2aefc37722f41f86832dd1b8900169dc2473f42102c484d0bd23edcf21d94c60fd4f2eedc60666bfc983e4efac6b1066747d76c55ac8311a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a03d3dc5ddd53069c805814e8eea19f

    SHA1

    75f3532b5bdb26abe5fa1acdcfdb6dad5490d13f

    SHA256

    feefe80a718cca7437d2d98c8dd8320da9080d1c14e2baf65645d27c607f9ce9

    SHA512

    36bfd6d1a905808bc3b63a23301667c6ba6a67d29314a43c3faba1921126a7e10f3040b90692e6ae905d10e270dbe05f6f1233060f684bc4eb5797e9666df7e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    256da4248b675d048838d978874dff65

    SHA1

    c779fd291fe28a8505c45df86c8969a4f3cc008d

    SHA256

    8b99840017b0bcbbc5f73d510c0cdf9e0e750e7bffc13622c99f7ec9bbe3d945

    SHA512

    cd77771c4856166308c0719134f1df7e05ac51104075f7e64339b02f55b88375e253f6640f8888f293a0395eafb96505047c3de071595dec1c0e8dd9b069de0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f50999afbaeb1a8fcc083f3bd89a2fa

    SHA1

    2e8eb290f933142de7fac52d0714e88042a6066c

    SHA256

    e73fd3739782dab968e917e72700b1c3551ea424c0700180763b8bbe3086a335

    SHA512

    c7c4b41c6bcaf1283a2971cbd941b14d56b5251d82418c6c4eb4bfd380acbf95cbcf449e4c53330e6a0d6bfcdc00b335da8c45c32188123d808ce02bcecb4a25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aace5379a97af45077d177f6c8c9a346

    SHA1

    ce259985c142164708ad41f553620d8917425700

    SHA256

    273f74886d0de646cffe5c4cdbae99bd0f6a344cf6c80b7c747e7bcfd10e256f

    SHA512

    ed463231bb8e10b310d063ae76798d56b9bc5d70d8539fd26416c078479eb4e8b6c0190fd979cda9129fd79cc0ab65372a55516c5db9aa00d40242da40e25e14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17871d51a848b3cd6be0218e1be87342

    SHA1

    f3ab74598c0975bc3e43d1c98a3f06753a3c42e4

    SHA256

    de1644ac22d89f3d6d9e64ade231733d3ccf5ff8a0f0ab35bd1d65df9ecd2d42

    SHA512

    ed2dab73d05aa1072d2770ea158532708c53d3674027b63aaa33a317b4c95b046588c5fcbb435670b6c8e9feb1bacf4a3a07bae10fc3456239272ba91b44268c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    431782bd93d1d1df061de1019c776acd

    SHA1

    81a5ca283266a96d4ba22e37443e3cfe20da58e5

    SHA256

    f167be0ee51fa2ea843cdd841405ee7eeb23fd7633867a5da8753cbda1ac2b39

    SHA512

    423cbc16be76095f999e414f1a638fee0f65216e8f305ba3703646e4fd88be7b39c1c35a9eff626d301f449bd93c3659a36ebefad063588bba86f12a9ead9c48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c065665a468684001fd1f82ea6919b77

    SHA1

    1c433dc9cb4d6591ca176a2e184dc236cc8312bc

    SHA256

    c2210246a0a2eee8271898d2c40c5ee327d7a384e90767dab6f275eaaef22e23

    SHA512

    b5b8bbcf9283f0c834bbb73e8cd1522d414d4f10775b39cdb5934777d72966a3b401c618ccf0b2f9465b53eee0330af7d93f04959e8b445ebf3df65069b819e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFDC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit