Overview

overview

3

Static

static

1

971be36e5b...8.html

windows7-x64

3

971be36e5b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    14/08/2024, 18:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    971be36e5b4d9e101e800c46988ee46c_JaffaCakes118.html

  • Size

    117KB

  • MD5

    971be36e5b4d9e101e800c46988ee46c

  • SHA1

    59a1e3166c851996fe7cc89472985efad118f6e9

  • SHA256

    1c1fee1286bff0e9ba51bc56dddd6234da83743b5beef6147e0de63fee1966ce

  • SHA512

    1ed015c2d0bfaa0d04b207d8943d1e09818bd78891c2e5e1c65c3aaf754c24ad6253cc6bb6cc2d2eea4ce8af4cbbeb8e16cf64499a869848fea4bdd909c7e4fb

  • SSDEEP

    1536:ZiCkwGgSCzLgQrDI+R54eId3nf54+SvnP54BW0nhP73t3A/iswJGIcMHxVngRc04:8waCzrR5If50P5V/A/nQxXwQqd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\971be36e5b4d9e101e800c46988ee46c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:744

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_96EEC010953ED454BBCDFA69FC071E7C
          Filesize

          1KB

          MD5

          6bd5607bbe546d745b57ac0616cf7fc8

          SHA1

          92e95a3e508e4e4915f8ecb45109288755aa931f

          SHA256

          df5c1d739c7f902c93cbafdffb889742aab5e52fbee105043adf6a299cd784f5

          SHA512

          88ac50157b23d11133f14c3acb3a78df64af56c09ddc896de5711f73412620b89fde908dd9e4e564944217030ae2af133837ba92c19db2707c22201e1cb9278e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          289c716528334f3bf776ec995441e084

          SHA1

          bc4798e97c1505755e0d2dbd9992ab572e8b64b2

          SHA256

          e1a426edd87182883e08c8c50e01ae8c067cffb5f9d1520814963830958c124a

          SHA512

          bce46fe7887e888cb2918730c2f416581517b9cb973f335439d941bcd09c1cc244183d2dc880709239525975b80c337ca0931ede76ed2df661661813f7673baa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          be34fa4b9992673bcb55648a2392c94d

          SHA1

          0cf43ac6a68feaee5be6bc407e10eee342caf431

          SHA256

          b2fec98f10ae9ace22a569ddf98eeea9d47f802fa7e3c61a16aa7b106d8d6271

          SHA512

          8c389ff97837343c0f5bd7f1080b62bc4423b382bc50a13712d1ce49c789f843c9085eb32335bf15d8ded823aa5b61209852d84decc3ddccc1d7508d329cd3a4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          94d9e8ca1f739b3d4d69f3c71c233d70

          SHA1

          17bdd4dd38a74929a3ca3257ef546fd065c1e553

          SHA256

          1788a1e39245e38588ff85145a343a6436ecbc3efc40af151ac3e0837e430797

          SHA512

          bea89f1893a3df5a5c966ea802f106cc28cbfea485d1a9958b1c03e4b72d7878d0934403158624fb6c9ae3d4f3fca17a8fd1460a1bac3316455b42b42cc90f42

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f18ea0e3c2dce2eb6d40e74b35bf02fd

          SHA1

          7f254738c9cef1571eda031c2527acad15131089

          SHA256

          5683f438df9746d94c8ba80d84137ff6b8d143dbab7a0512f9b4a8957e89d967

          SHA512

          8ab16d12dbfeb1e68397dab07d280cfb5d40a3810b86191b5cece37c241d59ffb386dde7a417fde816ea5d06d436df97fd2ac9a5564be94854530b113fa3749f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c29cfbe31779d9d0669d93cceb004aec

          SHA1

          4a217acb24209aca30208529062363b0563e31d3

          SHA256

          b0adad463356f172e9e26031883144563181b6e80950e5058a4e052a85d426ce

          SHA512

          ee9438093b0afedd2f54ab0919c1ab83c2807d4efab9291c6aa61abeb1a88382245abf859bef2c8ed252a343c5c22426f4d6a41530b79dfd927c5bf4bb473db4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          329d1882e2b2a0a86a9431324d6c8458

          SHA1

          e5623f99e37e920090c9559878fcf9b315a03202

          SHA256

          d4e1578821bb5d88fd94d1cce958583d733177de8a2ea374f09aac80d6580a4f

          SHA512

          2a5f5157c7f93e37303470dceb492b3f7e501a36f5d129a400931ee45d0a1f2773f404650feed3d7be57983f71d66a86e275babb2b0a4dee8ff043091f307680

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          088b00964771c585ddd311e91cb4d25d

          SHA1

          5b4474d4ca3eae72e85277a4816e323a64ce7c24

          SHA256

          9afe517bab3d5652abe24f86a49493b42861cd0cfe652aaa7f0858c8a21e6330

          SHA512

          9e934d2cb70c8ecdee50f97ee236c5255cc743f2a9461a85f65bd681320c8f5f15dc002c1abbd454e1ae4b265fffe9f20019a8fce41596907edbe2399240a0f6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c5c6c22502a5ad66dc23fc219151af11

          SHA1

          8a05697cc73cd82bff08bde25cd5111d0bd1e1f5

          SHA256

          d3cda21d7d4950e5cea73803d4ddb7e2e82c61820d2dd8916ed0e05ee48b2b7b

          SHA512

          ef72cb4a3cd310602d6ade17dc1a9568ae950a758efb296802c18116fc8c4bc783b56a89960f58b85ccfeb443c1078f56ac6a31623410d75d40f676bff1699d3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          81e1b243e5c14d9eecc6272de8975d5d

          SHA1

          774656acd9f54d964d44babe50501d806e4de208

          SHA256

          cfa542f19915a808e433c7079893a99e934309285379519d7270cec515b0eaf6

          SHA512

          bfe7f00adc6ef3127fecb22a38614b890291284748eef996d1fb0db26a7c13b83c6d1537fc5b8625626ac2c5c8597f89d3c43e73a4ba06fafa64f4463d9f3e23

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          26827ec15a1fb9e0e1e365bb5b290b0c

          SHA1

          23fb9cf0decdcd40f2cac751a17eb9652bb614d7

          SHA256

          4559f5cc2a8444df03fa780566b729e4830038c9588404de56564689b6337949

          SHA512

          24b41e367a0d9aaab6fa8eca4b392b71dc52b5240dc0160dc25958b13ebf1deca4157ae9a4d9e47789d93ebe2825f94a6d32a256718eeb6929e2b9b9d703a973

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3JH4PQP\context[1].js
          Filesize

          368KB

          MD5

          1a137f8bb783de685568ecc03ef57ed8

          SHA1

          cc124dedaf981be63354e31006754d96f1c6008b

          SHA256

          c23601ae091dfab117bb42cd15bf321a679c1c350bfac2963b49d0a7055084a2

          SHA512

          bd75d9efcfc748a229a489b116d77b155db4bb710fddde72751a3655cb1e6944a35edb00a5c3b3f6b321a5ae4552ce94dba7d3e436caf539044d82ded7ea7d95

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q98GZSGI\t_poll[1].htm
          Filesize

          178B

          MD5

          cd2e0e43980a00fb6a2742d3afd803b8

          SHA1

          81ffbd1712afe8cdf138b570c0fc9934742c33c1

          SHA256

          bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

          SHA512

          0344c6b2757d4d787ed4a31ec7043c9dc9bf57017e451f60cecb9ad8f5febf64acf2a6c996346ae4b23297623ebf747954410aee27ee3c2f3c6ccd15a15d0f2d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA843.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA901.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit