Overview

overview

3

Static

static

1

85907eeb15...8.html

windows7-x64

3

85907eeb15...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    10/08/2024, 09:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85907eeb15d2f1f2f69e9621c06619a0_JaffaCakes118.html

  • Size

    26KB

  • MD5

    85907eeb15d2f1f2f69e9621c06619a0

  • SHA1

    6e55dba90bfdb5f4f52d4bc168dbe3e94f0d5783

  • SHA256

    48eac6d728079c71b07917ea2a157e9083bac05a5188331416872843b31890a3

  • SHA512

    2faf4eb464c65adfc900da49b84922654835de65c6f4a4d271e0719c0be1c66f6b91a24cb3d27b8f2ce7a43eea9ed1592cb7f40f9d40aceacad65d3d2cec2f5b

  • SSDEEP

    384:Fd1s1XY1Vq1y21XeqKVEFpef/VEADs6QYbpZf76kpOcAV:Fd6e6Z8swrOcAV

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\85907eeb15d2f1f2f69e9621c06619a0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1908 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    a70cb08902898ec0b8bd641ffdf125fe

    SHA1

    e73271c1ad9d845a45697887f964df8afcbfe00c

    SHA256

    91ee87ae69e123d009e05cc58bd91746e72037ef3a902f586a27a9c3a5afe240

    SHA512

    272da182235a56af8653a0a49ecd808c1947e9ca462c5f57402e65bbd61990b893d76a41d94a1ade061aa88ae6f581fa9fa2eccc316185e9437be0da9432b3c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19cd7949f926e0a6e5306c9241fdc0cd

    SHA1

    ebcede8c1134836526510a3d162734fc3dc9c35a

    SHA256

    a2f16ebc05e4c1ec21c5222a2da5d4df593d9759988e44e1a1fcdc0ba368dd7d

    SHA512

    bdf5d0968f8045ccfc629d80df33b198d9e74e8b8fe6bc39f22832ea7f3f7bbb7404d2e52fc86fee9bdb1fee20d79ae2c3c4b94bdc7c50ac7ade0580eb94b3ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e4a630463808db0a85374233da241d2

    SHA1

    6d44d970a426b8d8e071b4d14ef3df4c7724dbbb

    SHA256

    c4ec710cb97eb4d4c32033b8b21cb982db6113bb85a8019d2ef90b5309d7fc8e

    SHA512

    7033fb30e76bdcf0de919966e37573099d0e05ac2deff5325f6687878d0cb0d41a5d6df653a56bd86d1521894a4ca0d379e788b650bf18d2b95a56a789a71743

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    259120fc4342b2ee4d179c318574b856

    SHA1

    1a166ebeec0ae7ee4f143f8e68fc6f3a27454203

    SHA256

    e2c137c1f479ca203ed64f99e8c334852aaf9bde3e08a780c41e56e7f721c5c4

    SHA512

    18f127e94b58c2c7b8fea9e5abd6ff5c9cf40ac6680b895014252a46184dac9bb24fa2f4ad8de269eb65881318f78ee49d79b8202f0293f358ddfa0d6c60744d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e1b9b33949288dc1f9b7b3155b9be41

    SHA1

    ddd2f25eb0ab5eff0ba613e295f4dc7fb375983a

    SHA256

    c3256a4cf1ed956719b13d2a4012a73ac633f0b329cbea91ea1441e510734f16

    SHA512

    de4363167ac9b1a8f94ba81616581d2211deefeb665582828d71cb95e398c7e10eccc562e2f403854ce7a5351393e775e50db10a05124536c3bdcb5ebac5d79f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55a742137cb98df4da84b29ed9e1cc82

    SHA1

    41de439780f3398944a964467a6d93c053f3bcb7

    SHA256

    d8e56e9553969845e3ca45bd70558112bd655bf07fe67310b6ea9c4962e2cc63

    SHA512

    f2831ee1c4732b933c728a499d0669c87da00ffe9fb4b9c5ebbbdee14d9fc9c5a275545cf7a562d1e30f714fb433d73c4ab4092595064d088c15aaf86aa6ec63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c986557f6572ff36a6954ca22d1da66f

    SHA1

    769da6cc2bd5892b1bbedbb615534e90e40b5406

    SHA256

    0a0cd8a19090aafa0f468c19058a1142c3a8ccab1345b57b9a358d19bb18b8a3

    SHA512

    f59f153c762886554bd1e513adfb10f536a16121383e3ac19e61f8222a9e4801c4b34c6dc2ed2ffbd3671cb821799f19be52d295fe499c9a5fd9e5b46e1bb871

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f08c72425c211af66aec85197b05e293

    SHA1

    932132ce32c16346c6d5755a73c3e372a0a29395

    SHA256

    fd68ba312c38bff1967d3c412cce36db5412f7db1e12bf0c9b395912366e6423

    SHA512

    72b1685d01a79904ea160183df55b3398d492ff0d22fca2b2125f3a0038ba3042323404d670f106571e1fb23550d8e0a14883d12f88185f2d64c456c5a7727d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2af86bfbd0b2b21d7d82a6b623f8fd6

    SHA1

    4b75b060760d0a2cbdb757305eecc4573318e37f

    SHA256

    c65bc37308f2927704eea7026cdb012adc7c7ffa5f5a8f68c0651715ba1ef6ac

    SHA512

    2660f7d55e096c4af02122026d89ae0e9a4c4a6d9d21da90d5c578ffaad3175b8f9501b667746a61403776f52a6d2d42506e49517cd536a1ae57642dfd023f7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e2bd2923f2435c22315d60dafb3b7d0

    SHA1

    d3d8d3ab6c0074509a4764d15c41a3f9ba865c9d

    SHA256

    11e2037dc5ad05716c14bedbac33074f8840b1c9535f37f49914c68ff96efcd4

    SHA512

    5e0fd5a97a4405228a03eb81d24aecc7edc4fb2cb23daa7eda14422c2007a99e6e250e06530b03d50464bb8d0f70ac5b893ab672493cc85e9f95842608935381

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    576dda8f18bcf40955561f582b254fef

    SHA1

    82eae91b9cff521efe525db6fbe919097a64cd29

    SHA256

    dcfde9c5e8d4edb46bc178954c2bbb2806a24300b049e6fa3a16358bb3904fc2

    SHA512

    158cb19738bb1a1b67f8b12ecce6ba194be4bbd7197a3cb2cdae72171476b3aceba43d26ad3b64a194d3e00c2c54938ba0b9ea4a97eb99acf6f59d3252820ed5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\errorPageStrings[2]
    Filesize

    2KB

    MD5

    e3e4a98353f119b80b323302f26b78fa

    SHA1

    20ee35a370cdd3a8a7d04b506410300fd0a6a864

    SHA256

    9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

    SHA512

    d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\httpErrorPagesScripts[1]
    Filesize

    8KB

    MD5

    3f57b781cb3ef114dd0b665151571b7b

    SHA1

    ce6a63f996df3a1cccb81720e21204b825e0238c

    SHA256

    46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

    SHA512

    8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\dnserrordiagoff[1]
    Filesize

    1KB

    MD5

    47f581b112d58eda23ea8b2e08cf0ff0

    SHA1

    6ec1df5eaec1439573aef0fb96dabfc953305e5b

    SHA256

    b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928

    SHA512

    187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD92.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFD95.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit