Overview

overview

3

Static

static

1

863966b4e2...8.html

windows7-x64

3

863966b4e2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    10-08-2024 13:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    863966b4e257da536546af68be67c5ee_JaffaCakes118.html

  • Size

    10KB

  • MD5

    863966b4e257da536546af68be67c5ee

  • SHA1

    3db978438b433c60c9bf370a264ea1b9bcd91ceb

  • SHA256

    1b0e439e526ae4b2d52804011d4bccf66905816770639d12828260deffb8b449

  • SHA512

    10193a27c6512e302b557a279633ac310f5e464fab125dd489f657cab6ddfc74e4fdce1a29d280af504bb5dd6fa19c1406a4e51244ebb3d56684f2067a782582

  • SSDEEP

    192:csz7VtAYS/BqBJ0IaRX9/cZ1JxV0PHb76f:cKtAY8BqScoHS

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\863966b4e257da536546af68be67c5ee_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2deebc0e41144e28b876f1e130dd9301

    SHA1

    299a3a00b0a790c069bbb3579b458e7e68ee05ce

    SHA256

    ad91b5e8f03505227a189754690721adf5b75d408c42d8bd70ad7ffb972ec7c6

    SHA512

    b40e90743c2078f8ac5cf1cadfdbc4f5092b5daa7687b699c8fe4a1c7946ac5150ed7370177eac5767723e22817d41f60b317a4fd361bdf326c73730bd930776

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bce82b4a2b9ffae6b11bba28be3e774

    SHA1

    535dce19fa28e73c8f94ad7d42b94260ba32cf20

    SHA256

    0339e007fd020347d0bc49db575f68c908666ca4122aa8728a6ea4bb3722c361

    SHA512

    139f30c395ff07530bf5f4cad41f323f4a6145d184f73c479c87bf2f580fc22e427e2efc07b7c6f827d988d80cbf5955abbaa4727c557ea2a2d6863fd25a0b7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e58f483e0fda7b18931ad824beff43f

    SHA1

    19c514423a14a61cb2e8bdb373574ff3a4e7417f

    SHA256

    552a349d8e6ddf8cf8fcdfcf3156e15908fa8f6cb70fcae82c1fe893fe1dc354

    SHA512

    57f3d748429b3ecb9d407004d2a855b9b17b3d309dda0acbeef563b3e5b918f7984c4cdba671f8314d51a0ee9514b2885dd4b070aaa0861825017c17c4261a7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50777db33a2fb5d42f93e5d213c10ffc

    SHA1

    97ad52cae04cfc07a94ff623b41b80262b6db547

    SHA256

    4999944d3c3708776903f0e1a2854ab8d77e4c44f98e3df433c63d8b051f0e94

    SHA512

    d9dd6a6e2ceb997659d0ef389b437dfeeaf9b220e1d330d786ff5617631c60c4eb9cdf710ddfec835bc0d72190a0217991969865bf503a5473803bb66cae3916

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7cd7d7807415b03e5f0c3b35e05588c

    SHA1

    dd0f1b8aebace6b9c700294e713c626068a1e9d4

    SHA256

    01102589163a674fb1d0bee8b9e9d09b564028de1c7bd4d903720575600e79eb

    SHA512

    338eb66d7d7d88e5ff19ae7e8d5a08e7fb66317174a9f84a2f98d799ef44240a8cee3292359730413a7a91f6a6aa26889bf2479089d433f2757555664d4f4d29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1764db1ef5e7974eeaa94ba71955af76

    SHA1

    02267aa0c028fb9f469cbeb3a45c71177c7626a6

    SHA256

    606623727c8aeefd90b310eb0533892f826b5010b84df4936dc78127aaa798d7

    SHA512

    92237cd434f4b7ee3f0b24e9e33243b4e9582326fd60f466074e7ca9de2ae5f74599c5fa3f6d446b09ac3126ccb1fe22da6c15917ddef5f9a5ccc4590936e6c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64ae8cc429c025bd1579163c4db0adce

    SHA1

    907eb61731f05ef9ce69f6464d2d0b1f102dab24

    SHA256

    d5fc0f0fc09ef3998fc8ca61a869e17979e9e14158369c246601e4bd9db7e1b9

    SHA512

    8a5a639bdc2e0089c9b728840bcd8881b97ef4be8e57381d69ecea3cc4b8f8f24d1cf3cc92b93c339a2861df9fbaf131c942795e771b8567f076bf2b7764631c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f51fdc81a3cf395ddc1bbef7c48b8db

    SHA1

    749c8c2fa187eea38dc75c84354e355556397fdb

    SHA256

    31eccb077e432c3d36477c073922d2b670f8f409d4c094915731780ea9294d5a

    SHA512

    a8b9051050c13f1224368905e4a179911772d0e1fafa8a00dc0e9fd4b9ab00454ce8ce731cfa136a8939c50c68b81d185640f2f7c617a63ac01c4382dfd103eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD46.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFDB6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit