Overview

overview

3

Static

static

1

887afee252...8.html

windows7-x64

3

887afee252...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    11-08-2024 01:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    887afee2520e01bfdab5fa83e61beef1_JaffaCakes118.html

  • Size

    10KB

  • MD5

    887afee2520e01bfdab5fa83e61beef1

  • SHA1

    be3d2ad6cf5864f27edb3c85a2c310859337767a

  • SHA256

    c9da97cdd2fa44afcaa12957e417e09124bb91f65c30cf58a2b88c414a2e8c02

  • SHA512

    ab76ee460f266a7d81014c05f5866c41d69973e2a8f2ca34bc71f15c912290438c6dd92d0d3d598272c1e9f7f390487696eadb65078eaea85355e648be73edc8

  • SSDEEP

    192:2VblIsr03cbco8k/w1wvqLkZcoBckcPncivcocOc1ci01e6uBuLbdU8d:sblIcuqZ/gu1BLmnbv/NWN0e6guLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\887afee2520e01bfdab5fa83e61beef1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1432 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1444

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f8b366047b09d1fcecadef76437db7d

    SHA1

    5f6d308cd15d98f3c91d6cc87a3782bdbe8f0b59

    SHA256

    6d247a822469354b4bd8fd3ad6ad9f228776a74b8901e4ae973f86bf88bd3200

    SHA512

    8eb0e44af4da9b57e64dfd7c470995299ed7f562716a933707479f5b3f2262dc537eb35f01b3c9d0185f7175d3542a378a7903e0331f4b2f2a630f5677db0ba0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    775386ae109f09df7eddc066d4353b03

    SHA1

    977fe637f21592fa5b57640f8ee6e0351b8da384

    SHA256

    8aca63a62481f1efbfb9f87053588824017a7b6c668ad6efc3e1635c9fa64ccf

    SHA512

    994e98de2cd028ffbd5f374e01c3214a98d0c6b6661e5f277ebdac910646ed3d63dd9d7ab3a9e95473785c0a3b72ad5fe6ba2ce5f3c0df9a576a98dbb5983ee5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23df7bea5c8c5e51fb69c68ec9a23718

    SHA1

    735372e87e85da9408c81bbd7e2603a5cb1c22bc

    SHA256

    2ba37374ce80b7904af09877e39365f93637186cf734e3f83b2e2cf100c36560

    SHA512

    aa6b534c47743b62b8bda50780a15176793e9c400d425854784265e2ea3dbb8eb5e231f6165066dcf1df396c2de236e66d1bf1753c6cffd57be246cbffd9fdde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    395f0f337624ce5a10b9bca2f0805528

    SHA1

    83415ec83691fd096ce91f8238376ab5bc899c62

    SHA256

    9e0e363932ad7fb618250ae9e04f8df676806884354e0d8af76029c7f4f4bb3c

    SHA512

    593d0a6f7e652e9370c4e3d42c95e1051344b5229c5fc5ed156db137e10054d2842550ad0bd03de5b62f4bdfe589a4af08a72338ab79c9106b6cd75ebb368cc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abc2db96046ae68984c9c8c61676fb1b

    SHA1

    78006e14a1fdeb19e42083ec44c77a65f6cd36d4

    SHA256

    b6b93c997506ccd908db0875b6789d8af6fc89f1848db8ccabf9bf3054f3349d

    SHA512

    81f08b114f96377e106460f59cf6babd0d237928c3f21ed636c260015df51f2f175d4760059298e7b9efde08290af1d50123ab1f44450f0d78e82e4d5711a0e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f4e7b35cec300cae5d8911d51a8a181

    SHA1

    78590c21cc6079abfc7d5edc4266c551736491fd

    SHA256

    8e71b79e0f415f7bc01bf5881a4720ff2927517ef4c9ccef0561fb87220083ba

    SHA512

    3667aa9e3ab8c93b5059909d78a94b63e342075324d89c52fa3cc25d666431d62f94e0bdf96210b3f07fe3c23c11700ff4a7f23974ec5bf34dae37f46e3e25d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40dd1b77d5437dda77448439537de321

    SHA1

    196e501533e37b8bc98be21c93c6909cf6230739

    SHA256

    57015c6c240f24804c9cdc1439fda8fc23a7c83583398aecb5b01b12dd68e8c2

    SHA512

    1602b49746c6895ef92754d35c08f889ecfb1aedcc7b03b3de89afe9d471e04eecfa4546af43933b5f712617f4645ed3663cb01320ab286666d4866f8cc6c88a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6327757284e553f4312598e3639c0f33

    SHA1

    2e605303c7b46a6cbcdfd3008c37574b4786c471

    SHA256

    b433315329570a457ec2b4f92ca1198594028838a2b274c33eea53f301733891

    SHA512

    ecd2be1ba804c3688525e9bd2a57999acf3669316b9d62493849c9fc4af99c3c593f5d844973c84797528f8a5ce1895cbf77ad4a105000082f9d3272589c38bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7c06b0b4c26cfe1afb50406a1c7b93d

    SHA1

    661ef91913f673dbaa3e0273bdcf8d3780b3ecb8

    SHA256

    4188f61e350dcfedc9dbfa7ed75dc8168e8fc07c70554f6cbbe4b1927ef02907

    SHA512

    77823c42bf9dccf3edfa3d523e3dc4bf7bfc0fb3abeb4585a00ffaf7fafbdd79760046031aff7661f2bead297e47c588a2808095eb92416a02afba55715c0fdd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE08F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE140.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit