Overview

overview

3

Static

static

1

8c57ada569...8.html

windows7-x64

3

8c57ada569...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 23:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8c57ada569458a141d02afba497e85d1_JaffaCakes118.html

  • Size

    57KB

  • MD5

    8c57ada569458a141d02afba497e85d1

  • SHA1

    4038dcdaea9b5f766cce60e4af5a1bbf1aa8bb8a

  • SHA256

    455199fd159e64b8c93c076427e5966aca916de69d14afc905589e2518a70c2f

  • SHA512

    edaf0217afdeedf35d4bab8f65de3fdd1a4a50ffe58ed19d87dd92aea804c0d8ebddbfaf0352f509efb1b0d0b3f74477f469449b16c0e662d70a9bb44cd0b8d8

  • SSDEEP

    1536:ijEQvK8OPHdFAio2vgyHJv0owbd6zKD6CDK2RVrohWwpDK2RVy:ijnOPHdFW2vgyHJutDK2RVrohWwpDK2m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c57ada569458a141d02afba497e85d1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2508
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2508 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
    Filesize

    230B

    MD5

    afbec03f4e0a260e3b1ca07d638407c4

    SHA1

    af3af9b8274718f6c6a72c56dff4ae14ddb47d9c

    SHA256

    36932fe94afd13f1d101428175641f59f8c0fc9e3123b075469ca181e130b0cb

    SHA512

    51063412b2c3f69ec0963221de842f43bec06bb9af0aec5de03095b716ce1663facee396d6aa68ace8760e109c7b35aedc6e80581bd49f1222b1086cb98f95d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0def9059e7255c5fb25911d386b5d9a

    SHA1

    67fc2cc08002123b5d2a0508d91d2b95754ae6b4

    SHA256

    41d335fd03a85eca57720f09a6407f494c6406b585fa4f9b4f835efca31f2e62

    SHA512

    387dbd37dd4a741c6d94c0faeeb3e0e6e5ba7cdc1af60430482d8f36273fe8f37c78267ebbd9d0b3e3f24e665e3783264c9b802c4d132c5995158eb1393e9b97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91372aea719b2cf1dcef8725cfc38f9c

    SHA1

    b6076a23820474704c8eb5841f32cb14944cee01

    SHA256

    c2e7da9a51cc56fa76326d75cd59e8033a4f5e88cdda719e544cf0853913ef26

    SHA512

    a151bf00ecc67f7f8074cb9f856747426fa80da4fefbd0cfb69337cd2b21e46fddb88a06dd7a6e4cd7c42f43065e06460ecaf62d5e5e495d5c1256d167ff784d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13b582dd054d13c4effd2df5217fa57a

    SHA1

    3f59a24d83d672c35d4105ac840ef7865a05dbc0

    SHA256

    50e3d0fa6a854a302cfdbd02946949845d5f0b1e64a3def9f7344a4498640a7f

    SHA512

    d503614daccaaf594a9d67ec32573cb7363d2d9b0fce0a8edd49e6cab51b99e5b6ff1f27dfbd70ae92e05fda70573f488b289702b4c0eedb374ba89bf1e13825

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc2c79e2d13818960351d2a66a4c8d67

    SHA1

    892eecc8d013e76de3a8a6c8d5bafb8df07afef9

    SHA256

    f56120d90be0e76af69cb49312cd56c202181503695a24d7d4e4360f970abc39

    SHA512

    dc574cc1145b0c6e8bcbf54cad4a6f823bc3413d6358a86827b5cae6621319928d7fb99793e4d39345925cfc1bc53db56fc498d3499a6afdc7ae0551aec1b716

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aeb63bc4b5c82a47a1dc1b5d4497958a

    SHA1

    816012aabc0e33406d7d3873dcbe38d5838265cd

    SHA256

    69129e5c2eab3901a37bd49dddc6b4812da4a402029b38dc06a3964c79de8553

    SHA512

    caa3a122cbea3be538478a963be95bf0fe4f83680cc0a87138a0d866a6316ff14314cb226c5b0a1efed5362e358a222589212722159ee1af45b7d09152915c22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5c00886515dd8188efabf4fbfe9d64f

    SHA1

    b255ad858f28fc18c3e555c6e53815760180bdd1

    SHA256

    54b992ade835b9e440130a9367850de01e0b0770845d0fc86231a3368b45165b

    SHA512

    0ef1cde75b8a82c04bcade0e460d1f462ee70430d488d5411bde85586366040b3b6f080611d69133e5716b64064b6848df2a05c24015a0b4ada8e78d8481682d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3866826e0a2c87b16c8cac7eeed98da1

    SHA1

    0731fdbafed8f9564f8c076547f010fa5c0adfbd

    SHA256

    85b511f544d905fa820ca090c85ad79e44d7812cf4f658d7cad5bff65b6cf97e

    SHA512

    5ace7484c370528b13f1819e1d3aeb60f27871a3b81bf0275bbf942021f39c92a4857ff39d0c7ea0380c9e3801f40555f3ff8844099978a88e0764a5e78c593c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbd10df0ecfe0c01fcd7958a1eac6d33

    SHA1

    12f7e351d5536c991f84caaedc37fb0e5a456b8f

    SHA256

    b7d0b167109105cdc318905c58bb4a144a9d0f97686f333525abac3c07415d9d

    SHA512

    0a649003d6560c907470c143cd870b622796164d9db0f601f451ba33d86bb2ca616f11ec51ba6413ccc50a8a8720f55be90043a286c25cf0acab64b07d46e5ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bac2414f4116f650cf3bc7c33211de3a

    SHA1

    d0f81bb09bb41f80d3d0cbd6d7bd51797cc579a3

    SHA256

    1c1d15f3a5b9c9810b4a9b67afe2be66407f3eb8ebb1a4d07d12a6a12fd82f6d

    SHA512

    b58e25d76849347553aea752b67c31f7874918057bcbedcbd9f6dd31253884011c21ac1f18f7c209b6ab505ebe2851dcaf047a19ed4a4fa89ea248d82a0994ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c72e8957be0fc0badfd86049ca4e361a

    SHA1

    aba7c67c9d4a91d711ea864e21fb30f4a863b5a7

    SHA256

    22607384fa02d26db4c5b5d4770efb1d6d9c22c6a60732dd3455df4db9e0d9ae

    SHA512

    b56cef2a02b4427faa89325295faf884af5166d5f07148d8cb95164dd32333f77ce698fbce4a689f4cfbe8be3434bc8f5f7bc5c0b56472162c1676708d3129b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd7ba973e6f0b597f6f7bbcb53c28e62

    SHA1

    5b20a1006a9d78913f35384569b5da1878644b47

    SHA256

    d22c4d241518502c7f4656e3b34b549ce1b31d49b5d74bfad739996ff79fa00e

    SHA512

    470b4fda3b36572866d2a89ef833a5596efabe14f2e9eb0072699ea57a93a0f4595f8c7cd456df592707e0b85d2d5d671fd7e4cf937268f2c7d60da2d3af5340

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e968fd5c5c4cb8bc116189593800a5a3

    SHA1

    fc3caa16b8f06091de5ea1c6c4ce9a3d26e3dd5a

    SHA256

    1f9a6ea70c332583f7fdff3acb4c43bb75cefd988d833b93002d28ac98981fb1

    SHA512

    671c1ac9ba34a953517b6972294ba83315dedf6a15721b6bf0601c06128b2c83ff9f4e1146a4518d739ec952459e16ad307c63e06a38db6376f475f29bb67389

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    85d30d814bad01b020159d3ea4e5f957

    SHA1

    20dc5675208d6c7f3f23c1a08d1b51d584a4880e

    SHA256

    8ed9bafb4201332f94a387e328fd1782761d093fe481691e2e12d31946cffef5

    SHA512

    564f22dad8032f9ad1030a6b148f0790c8c001824163f5ca1060f7cc95e3435fc5f326794e97d7bf0672fbb2bc55746da781bd17305266efcf0aa74f761373df

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\f[1].txt
    Filesize

    39KB

    MD5

    1bb37be24b164d73ed3b8b3a2be5e2e1

    SHA1

    ded3b6110bc805eb586fe864cbd4d65cb796351e

    SHA256

    b4f9c0f5e9e14c3f09773a882fea43ab897a63b25788108dcd28613361da7114

    SHA512

    2fd677e334363629d18cdcfe877582a039760157428ca433f452dc2c4c6dd16f07308ecec720b1b993d7298bdf6b2cfb8214c90bb64524a876e97473d1fef6f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab72C2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar72E4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit