Overview

overview

3

Static

static

1

95d18ebd80...8.html

windows7-x64

3

95d18ebd80...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14-08-2024 10:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95d18ebd80907451c56bd5cec7fe412f_JaffaCakes118.html

  • Size

    75KB

  • MD5

    95d18ebd80907451c56bd5cec7fe412f

  • SHA1

    d5b6aa5bcd38203613bbdc10211569c814ac572f

  • SHA256

    5b15b4cff97d1091f90f21fc9003e4ec599c454f465def93d8fd12a7bca5d87c

  • SHA512

    6923a20e221ed5debdda96b7b323bdfac60f5884b0bd15f53abcf5c75038da645b6ef4010402dbffb829ae7197fb8b4f76f67e85a839eb4f1ac7263900e91a15

  • SSDEEP

    384:Uu6ZK1o0lNWsdgIKVEoI2ITHgoHR0qG8OlQjFFEyKgFRGHaGLy/rWmi04yUnKOFX:FlSHVH98OlQJeMecX87ZmLGQNx/HqeuL

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\95d18ebd80907451c56bd5cec7fe412f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2324

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    6047bac3f858cdd9d44a76d0cd02edb0

    SHA1

    26ef632376dd07bdf3a84ec7e5094f3fb0a7a38e

    SHA256

    9dbd947461d894efbc4a2e4bfde529b81b67b55731339e9ced98323dcb392076

    SHA512

    aa3eb25f668fd04f27a3c140f436d9ca14c747244cb3e590fe082109f81a37243dc1fb203e1f2ea7186586c532304b9f2848355609f5ef60496b153ee157cef2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8050e435e729aa393f8e52370e8af29d

    SHA1

    ee2faa44b588b5c258b9a8f22eb105a33107b718

    SHA256

    010d4d021a5b276dba9948fad02c15c0c85f3e2c6c9bf884781cbcdcacccd9dc

    SHA512

    cff9ef1fe489b261af93326235e4968da3fb4e4a81c5d38f6a95ade22ee9efb54cb095d84b6f3f88277b8428613cf54102edd5f7e66347713511ec700197d1cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8282bdd3f98b573dcd080584e5b0978c

    SHA1

    c2b16160a551a4bd91d17530ba69381742e15ca5

    SHA256

    3f013821b74a669cf0267c65f1cd26088b93a836fd66f0741015e88f781caf72

    SHA512

    eacbc79cbd071c5f7a2fd2619e0daaef979fbc153a10be3b0d0a67e98487c3ae2bca8036b8a91a247cfef525267ccd1442590294f7be1ef3ed153d4112fc4999

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13d581b6b83a9cbd0275b2c4a8168049

    SHA1

    f24be479926e94f3ff895a2f173c930e6117bc52

    SHA256

    d8c0d391471e72c3620320b6d227a5b1c6c7935994886004ef467cf0418dde96

    SHA512

    c1114a77c8f79277600fe2ac97216acc9630f41eeab5c58350e6aa2ec5f3ed6ce525c8a51495ed68ce64baddb7eec3131ffdf7d4059574be8619db38cff73715

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3960253cbf83ee6a78d3ec36596c4602

    SHA1

    9e2806e820360ca729f81b786a3853ac10566722

    SHA256

    d5e3ba5369a134c9819bb878c3d3d292d6b5b1ce0f3240ea0abc7ba38e168988

    SHA512

    82adcfd5f9b4cd0c7ac441a1ab66b2d4f3f549097bc02f74d6bb40cdf27e1e5b9e7e34356c622cf7a8b14a7e91f5f4ddff6925edf876846825a16ba28cb52924

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ac83aa82f2f6bfdbd765c26d7472fe0

    SHA1

    b81acddb89d05d637f5ebb97d062184dbf340fe7

    SHA256

    3515d406ea649cc12fe589b3f05e63d9d0cb977cad94848b3e85570d4d4a04a5

    SHA512

    0de859cc3b1475abfc68da3960f6a4fd8772e1d600c76bfe8af023952ef464f2b39498033457184895b459939cf1cb6553f62bc5ba6dcc2017425d1cbb94d412

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    3aa4e43e1604460c787a718c686d26b0

    SHA1

    92b37f02b9a4a9503a1af92cbcb2220b20afae6f

    SHA256

    48010b37e9a4ec9d6a10a038d4deea425e96b82d24cc4a784ea61fdcb09acf78

    SHA512

    e7187b363fd6b02690f5a3132805ab1ab1d778f1269ab5590935a93e6e1ddb3576d4b18a6f46499e6ad083e039529960e55c43692beb44a5a0fb21d5629799e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB8C4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC3DE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit