Overview

overview

3

Static

static

1

89bb72523b...8.html

windows7-x64

3

89bb72523b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11-08-2024 08:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    89bb72523b5f577434a2c9208538bb09_JaffaCakes118.html

  • Size

    9KB

  • MD5

    89bb72523b5f577434a2c9208538bb09

  • SHA1

    9a97c9f8c4ec208fcb89fd43bd590d1c007a4ed9

  • SHA256

    d0c58404826b1b68f6f739dd936069cd8884ff0c7f28037ad9b97b21a21d0bc0

  • SHA512

    35dbad1896b96f6f06d3fada993941d8a15007cea4faf9a6a7626a94283c772077289070997f0fa37b1ca76ea7bd175546b69990d522567b9db12b5e87745b01

  • SSDEEP

    96:uzVs+ux7Y3QLLY1k9o84d12ef7CSTU1GT/kzupk8S7NqKsKlVHcEZ7ru7f:csz7Y3QAYS/cokL7YKsKPHb76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\89bb72523b5f577434a2c9208538bb09_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2240

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40f344c2bf5820231bd5132e02bffaf2

    SHA1

    3571bb0d2d552f2ac68956111cbf715bff3b2338

    SHA256

    32ba17621803aa13425170c680e2047e78950eb05427567eb71c1aa4b1698f69

    SHA512

    6537e18022fdca20e03b9059db4d6a9276548ab418c75627d9ff3b9f9f048ae37e75ade97b86993579f0fc4908311299869ff7a9948807e864c2c85771d96163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04136e92c6e23fe99fdafcf1225924ff

    SHA1

    3c12faabc45f9f688f43367a941a8739776ef1fc

    SHA256

    c8aaddcf276acebf3ece45f6829de03a6c9f56e7aa1f61dc2a83090bcc7ab3a7

    SHA512

    4ecbf0fb19cbc8f38a3abc5c2d0f342201742656788b6cbbf02d87cc880ff7b57d828620d03fa1951d2d5337ae077554f1f3a61e98c89e4078a90fba87008c05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79c2c6a28ef2d1aef1a68349345ba13d

    SHA1

    1d9159ac18d486de602c57302925235915f0c470

    SHA256

    088da80ebd00c44c0ba52a18d7579c7793223bc31188ef65ddd3e63e730c49d8

    SHA512

    95f11abec1f4541f31f1d49df62622b8c692bc7ce1cc6527fb09b37f951f0ea1a35e71a4a59eb7ac7ad957149bbe531c3091e594986310c6d05e1c416ec0d0ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6b1243498776449c8492fcbe45cb578

    SHA1

    f8012afcb6eb15a2e4593edc073c4dd35c7108f3

    SHA256

    c2fc74932413bcb2bef4e659b9e594c114ce6ce54c97a6f6a0bf66e92c193e18

    SHA512

    94a85a866f84a0d6a121aac719196fb82295c68cd590be398dacc20fb5084cab937c2c202ffde0b45baab9d64a945596091cd80a9e605b9eae221a339860221c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1116bf496d4bbeae694a1a442912c893

    SHA1

    d5996c0a5db4c198eb86ff5fa81d1a434457707e

    SHA256

    f1550b8ee4f431bbf8dbee9866caf63028586d574be169af6903c9a3ea48249f

    SHA512

    6558afbf7f20a505b9a81123c691f354e5ec4ab84944de40d56515cb331219e49047dd2f2d839b6a6b7da1fe93b121f1da460adcf2b126daf3518e01ff97dcb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a3665e7e41344bb043e18cd5eada12d

    SHA1

    715c85db452e1386d594c74f51c87660db1a1b26

    SHA256

    7d680307fabdab3fef4e437bc06d3e3702aff675e29f0230391d3b791a799d9e

    SHA512

    89128a6537661c23075edc01d44deefc525d129e01e06ae350412b3252bf077425da89d083fc6a330fe326ab9bf5d38cf48f3333fb2a3e9320bce31b7a5780d7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab52B3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar548C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit