Overview

overview

3

Static

static

1

9ff2889d63...8.html

windows7-x64

3

9ff2889d63...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    16/08/2024, 21:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9ff2889d63ca3938def6c26e55ce2db2_JaffaCakes118.html

  • Size

    6KB

  • MD5

    9ff2889d63ca3938def6c26e55ce2db2

  • SHA1

    6fe7f3dad74dba8e389fbbe931fb6df2105aa932

  • SHA256

    d07d193c13980acad53b19eb207be0b7955b4c9ac1de414c79f875a058b6ad71

  • SHA512

    eee02b954d455c453c671abb71a35b261274a2317dafed4bcfc47a7c6363e7c3adde4329c85a54be0f1aec452a61b19202b33c198b66d0dfd02e0d83fccaf63b

  • SSDEEP

    96:uzVs+ux78HLLY1k9o84d12ef7CSTUrLcEZ7ru7f:csz78HAYS/Ib76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9ff2889d63ca3938def6c26e55ce2db2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2540

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eec5ab6e76062ddf52da3e1c03aa9b1

    SHA1

    beaccc3bf6c3093c6a47084ab295ced36108725d

    SHA256

    3e372976a5ed0e8dc2b653c9f05ec4e919b25b6b2f37aa578be3bec0ba8227cf

    SHA512

    7f2f0beeb5b46fa4f78b71ae045276413bf09ea70d89200519a8c889d093046c257a983c26496438f629ae15da2697cee245dcb598fd7df07d0a0db3a54a1ecc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abc89e74618328632a269e0f1bbb5a65

    SHA1

    7711371b2a1a6965ac3fc6f67dd2b6eda2376fcb

    SHA256

    cb9f2b81b13e081883493d8e54af16764b75cbe38e0ee8037aa3be72dc5d6da1

    SHA512

    ec195cf774ac6fadd6fdf3034626f95579f5b511a9dbb5acb5a08a2a2e9e8169db6e4da1e0d483b6e169a280415b8efbef84fea69c3230c0e8e8a7e2b08bf030

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c49a074e0079e5e0cd999c4ab638c180

    SHA1

    c7ff52181a5b22113dfee34115f5537de14ceb81

    SHA256

    d5dfbd7a3435b48aeb7bbc187e6b02f0e16ddd6a44febc9b278ff81da6575c7a

    SHA512

    62795ccf192e4eb9afc6765a60ccec1b190cfae5476e3ed6713ec7e387321fd441e799cb34515cdba1b8f818d8f782c61f3ac9d1dd23e707eb987ef728474341

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1cf45bf699f294d20429ddb55679ef8

    SHA1

    75ba0a15a86756aefd4e66b7b1ba4d5f25bef631

    SHA256

    5d045fa0266197894982ddf203c05ef737bbbf963d3fadfede4907b0d7d5b2ba

    SHA512

    f73cd92108a79b3780b75ecab7341042197c4f8155cfbaeb7b349489a2fac2e05e85cdecf57a9fd73421ddb77c8ee7a44ab3af682cca7d274e6a822bf851cf73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e4b9b81c8a59018be6af93ac676da9b

    SHA1

    8f7f3fba107f05303989f8b1d25a428566031895

    SHA256

    d6320eb14b5c39096f65e09997bcbfc285185b395438b55a144f7ab84cb3a4dc

    SHA512

    901654750fad8615b3102a7ef2011a486b70459f69cac55e4c7ec733746e1c306db1a6a4e348c7f0650ce29bce4dc7404bc0acd82ac72bf41c7b82140a28a07f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0e24fdba932ff32966e8f76cbad5cf0

    SHA1

    dd926f09b4160c6faf3f97c07909d74f3ff3cff1

    SHA256

    cca6c4969eee651645b090dcec2f18c6db62fd51469ee742ad603e242ed298c6

    SHA512

    fa23329a1a1e141e9db10662bfb344b5135a8190bff9880dad21e6ad0b3e9a7557491a58c53a5975f5d7753a1b6d981e8dfa804b820b40fd05126c772e9e4191

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26940f334f907b94858023ee15526f2d

    SHA1

    7bfff8f61c3cda19450fcdf1c3adafe07ef2fb08

    SHA256

    f3f9ee175493e921540b05b83e65f5f92d73d4fab469021514634a05bcc91c2a

    SHA512

    09e63fa1562a9ad31128608c8bf3e43cb5d543163e2c7c42ae2ee2798790f9611e77838347be22a2ad38b3a16288bf446aecd5ab56c2363d6586c74cfda17796

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d3451e00f4c50835422ea57dad6ca21

    SHA1

    a5b3387599b0218821b04fd997599ae8632b4135

    SHA256

    559fd4052664edc87c91cee09f1d81a0a0bc7e757db4a5c5c4f1fbceb1155664

    SHA512

    7f12edf2eaa6c2f1a92314c25dca6a725db255a854f64521d29e8e92a2905fbf35ccf9db822f323b31d04732660a579e3a5a02b06baba90d2f8f956a67717a88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a27beda2eec9c9d6195302f23aee9cd8

    SHA1

    cacdc77ed0bdd6e59dd671c66b4f609778de4562

    SHA256

    b2817ff4f26947c7510b1d8fec776c98d663b551ea2940cad93a18fe7e010410

    SHA512

    eceb4ed7ff13b5720cbc377e9788c8b37c77060258116886c5856ac0bd765e1acdf1d60e6fa0dcc0f01344d698804d20948f4c6bc83381bd45151ad1f4d32f19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9acf954a5245b2d998e802c774744d0a

    SHA1

    6ef072d41c523c59ada312a0ce7bf23e8aefad00

    SHA256

    dfcf733f73e7b8c1768aa566936905840a8eb2294d7e0feba9e66cfccf51813b

    SHA512

    140c85ce37ef1a430330c919359300ec57f04353d587d3ee41471dbccad3b3fa84e69720b2d630383af3bc6d922c65a3d9bd905a066c6821f4df8eede1936cd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac1baa85fd985db495dcfa50dc83c320

    SHA1

    f7d72c93196a9c643edb580c8b30c7cbb1979058

    SHA256

    6f16cff33cbde33b7c9968915ea33a5bd733638d33b8b79b53c31db151641724

    SHA512

    8bec1da39ea71fe9804853ef04a09ec0ffd3a8bd43c28b93cbea0e24d148cb3339652028e4e946390c6a6455c79abff48d8f893222ed71351ce9ed2e659cbbf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95e2b6e568fee53fcf8dc8f9743f0263

    SHA1

    5a25047e4afe94dae5de7b0e8b089153686329d8

    SHA256

    c1d7b3687d6d724b6ff53230391649d226aa1e10c3b0c90174f8426090c76690

    SHA512

    b4b720318fa0766fbb4bad6bfc928c6db3700e9fb2387b158326a6a1b6a06f9dc0989b416e61dd81775022d8ccb0561fbf3b022dad976e63c772ebf3fec9f3c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ea60ac1137d12e1d3e4ecb11c187eca

    SHA1

    39cd7e537d63d95194daf8f2f6fa9ad1cb941981

    SHA256

    425e26906186946d7048c3316f9845ef3348b104a1318ba6db6957ff5c3047f3

    SHA512

    64e77cc08ed185ad5b413ec2e01db32eea0ef84874e3b01aea98409d4c494166758acc62b4c0dd70513d280647262e80b0545ffec4a749f7a287e0702a32e634

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCB7C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBFC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit