Overview

overview

3

Static

static

1

83920aa230...8.html

windows7-x64

3

83920aa230...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    09-08-2024 21:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    83920aa230746e458d23b7bd9b68cbb1_JaffaCakes118.html

  • Size

    84KB

  • MD5

    83920aa230746e458d23b7bd9b68cbb1

  • SHA1

    b8360ebb9f42c9ffd859ac90189b618dcab52389

  • SHA256

    dae688a05ff545a2d63f98b5ed4889c4510c366b8bd07c25e8a0ccf2b90d8dfa

  • SHA512

    0a18b8bd56961ddfced043ee5236762c1860d1c44b23f1cd74caccd9bd9031e2f9eae5b5fc85e2c806c25ec62e19cb009f4a284269fdda6afcb2cf01882f83ea

  • SSDEEP

    768:EzcGhC+l0UtSipHqF2gcRwJMJ6U2EyhzOMsXnHyGE4l:/+WYKF2gcRwJMJOhzOMsC4l

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\83920aa230746e458d23b7bd9b68cbb1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1152

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fac7ccbbcff45931826b0f91261eb5b

    SHA1

    ad5c94b3eac106316a5c9ab9555f5a7a3b71743e

    SHA256

    14b05015e4701e3ac0c844db1fae78ef25cbe304435e9b305caeb38484fd84f7

    SHA512

    a46c1e901da657553050e2b050d1d5776b28a182687c05ab757d0846201af7d021131d93d4f083aebac3d9e59aef32e2fb6a08871817092e031da378a37e4df6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59f86841f9dd1d7b9c8a6f6588798fbd

    SHA1

    8950b098c1123a9532d3c68fef697a54b83a0664

    SHA256

    419b00c8d23bf6f2013385de3be2a024e6944af33de246f2e3d93519a0037df1

    SHA512

    13f0629a9072b0f82e1f8b0e357a9a27ffe67a1790ef93dc61d780746324311334393a96380b9366a3b50a437a11afbcedc5d466a38b9777673d9c0c4ab57c24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a95bd38191d276016496678a1b8ec105

    SHA1

    f72d8dac42ba5e950d23e6c6746aedc9f092dcd0

    SHA256

    2c966265d51a6541fcc9d0ce3fedb8f7e54b66539126edb2395943eeb17d5ea7

    SHA512

    2f96b8ed1950d2a0fb938199c717eadc68dd2e5f8128e9819fbb2de1965a8644455ab6c27b6eaec433c18adbcc36384debda8abd0b25b3ecaff7465538916cd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa5145cbe2101f0044319f0cb43386d1

    SHA1

    0000c590507ec76627562d4e68c171ef078b46cf

    SHA256

    1e1cadcbddbb9c63122bf9288de02f02a3544bab9e05dfae26e25dafd33af968

    SHA512

    7bc370d7ef4fc237cf71636cb9ef5bf6851f72de79e5e332b7215c03bfa3cccabd25a32f1077ac472c4949bc9707ca39085f61a0e721a2de6c5f49c3079ac08d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e48de3feed9154f7b1eb17a4db74506b

    SHA1

    801cea32b3995e5a9f87718d1f386e9ceac4728b

    SHA256

    09395f8cc8ddc08ab36f7d7c4add809d516d9983a628225c14259c692e1bbc76

    SHA512

    17ae16a3ae3ec348a19c36703ecbaac1160ff279b6243197884e666d04b622b1005290d74572d5cc50974a92aa626efb3d19366cf6c73406d547fe0de5d3aa27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a595185d2bc7c8178013ab2d5c5c556

    SHA1

    e2d7eac78bd80ffd8f64c9a12fd73960ff04c24d

    SHA256

    23fdc080f3982b2016e4a8004fd43d60836503bd65fe9b699c012bc4cf5f8928

    SHA512

    55c347872672e830edbf44ec83036b3b81b64230cd0703ccc703614f67cbd455d7b4fc8a19f6b08b9a52d942f8a00415b487d74b1dc3e11b8f7e93d01e1f4499

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1D24.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1DE3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit