Overview

overview

3

Static

static

1

a4818a953d...8.html

windows7-x64

3

a4818a953d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2024, 23:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4818a953dd48b1889be0794e738f023_JaffaCakes118.html

  • Size

    95KB

  • MD5

    a4818a953dd48b1889be0794e738f023

  • SHA1

    5cdd5f9197cfafda69c6c46e8b13ea9085d80ab4

  • SHA256

    62b87b4fea4909350a308065733b676d28c16b5f637e290f0ecb214c99a0d1f4

  • SHA512

    21349eab4fb374d72cb5dd1ddbd5961d072e6af7a0d69b654832f0020bf1d022db3851c73e6262b43db4582e174de25cbf64622ab8358ade349b405e49254eda

  • SSDEEP

    1536:Fwgr8VSeO3aCyYqKTeY9Q8aS6cgRrasfPm:deO3aCVTJQNcsfPm

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4818a953dd48b1889be0794e738f023_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2464
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2464 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1780

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49f5dfe2c1a7c5214ce13619fe37b670

    SHA1

    236b72dcd50819b8afe0fc56b1ba7cc5f9ecbd67

    SHA256

    cbf6600bf438155b8721e5a68e78e9d8fa87cf3e2a1169934ac2c0d744ca811f

    SHA512

    b624fba0661d02357cf70fb953c7a00575390902ceb5f558d4c4c105b83e795c5d6bb54dc53c53d51cbe684d48bbb27881990a730e94a2b576eb9c2ae2c49db4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3be5edf23966a55919558437c13d895b

    SHA1

    5f00f7e04d734d7471dad2567c262ca53d39166f

    SHA256

    f616cba9e5daaac5489c3cab50321382d35ebb606f780d10dd0574d46ba71261

    SHA512

    18f4e4919f5cb1e53adb058c6f74dc44d7beeb5bec0aa6c55a263190a8b5271261d57dc4d59c5a3ffa1c28840700efbd98f9d4ab80ba9f44407c79c4b39e368b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bf4bc16279bc4a4fbcce72c6324112b

    SHA1

    fe1555f5f90b528bd2ea10d535afca7e285af8d3

    SHA256

    9779cb137ba8963b3c2ff10bd461d126e039ff99ba6af715658c71f8407574e9

    SHA512

    ba81ebef651232b63907fb6f491fc28ff0a4e572293d5622d1acb5679ea2f930aabcec994266b016478eb02ecf0f289beed25c25020489a0ab8540c51c197052

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27fc96df79a82a36ee5cbfb0d65b6e41

    SHA1

    9752a16a5ad0b885299fee1181e1e82b5102feb0

    SHA256

    e7c1956757a619ded063198806c5567ff0ed19ae59a42fa1cce6df7626d37563

    SHA512

    69e1c735e26892312145994c22e50b5aa3024e71a28e29b93245316fa86c30179a2dcf8920f8adbd3fcaa17ff596f8ec9b8c850203616d9f93e8dc8b85f6bb76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3fa061346d3228c6f3b6c474ac7b9d3

    SHA1

    151e7e839aa2fa5b0d3af2d608e01f3910c67698

    SHA256

    4fdded989252345bd77e2992ecf2c295bd727f82415d3145aeedc14aa8050634

    SHA512

    b213509331c11b4757eafca4883b86759b0155f057406bdb4800660ab0c5f73f324ac77c0b6cdeac7a060b79dcad79414dd6af25301e1e2b30ef4ea8626f4572

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f69b2008ac24ef694f180432115a2bae

    SHA1

    1df24b439d7a2c8f7eac05f2f09d92eaa634d8e2

    SHA256

    6658ebae3392b5d53a7c84891f70b0ac04f91f1a3521648a2157a52c8df78c3e

    SHA512

    896fb7098fc371e23b6402a72e19b83032fe1cf0f8141d7215fa2295fe41881e4f9897af53251c3c173bcfc646fa0ca91b68383342765978db841f272e453f5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    034b38c91f976ab076bb1fecefabf5ed

    SHA1

    f0234d3ece20b56beb5ce29c89af526af64c51e2

    SHA256

    c34ecb7e84e75cb8a8eafd47d2fdb84b52d699fead8fd63faae584d36a03584c

    SHA512

    65c58e13988e8e707ef1dd5bb3277de715b661cfd6c28f20a3557ca088a9a02d2666906b0f0a0e234049a1a78ad30a3888b1876019d4f87ff33aa08cbfb1d72d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\cb=gapi[1].js
    Filesize

    135KB

    MD5

    cb98a2420cd89f7b7b25807f75543061

    SHA1

    b9bc2a7430debbe52bce03aa3c7916bedfd12e44

    SHA256

    bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

    SHA512

    49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\jquery-2.1.1[1].js
    Filesize

    241KB

    MD5

    7403060950f4a13be3b3dfde0490ee05

    SHA1

    8d55aabf2b76486cc311fdc553a3613cad46aa3f

    SHA256

    140ff438eaaede046f1ceba27579d16dc980595709391873fa9bf74d7dbe53ac

    SHA512

    ee8d83b5a07a12e0308ceca7f3abf84041d014d0572748ec967e64af79af6f123b6c2335cf5a68b5551cc28042b7828d010870ed54a69c80e9e843a1c4d233cf

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\followers[1].htm
    Filesize

    539B

    MD5

    b313434b4d14b661a731ea9bd8a56e71

    SHA1

    d920e518e6fe285b81c38e312f6b81e8eb360335

    SHA256

    e877e7e548432cc321461921e714ab03f380f90f2370fb722c1fdf638612b3b2

    SHA512

    bf7f0f37f63ff3ea05c7fa04e8793fc09e0487cf198e5f139d091650b891cbc5cf47e66ebc2f56fadae114a7bb81a41c52f7c1a4193d2d4c4747b315ac453af4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\followers[2].htm
    Filesize

    4KB

    MD5

    b21e2abbc1c08e1b8d7a5cb052ed34dd

    SHA1

    30c4a3fcde5f2362a8fd1b05843f6a60fa458e97

    SHA256

    5b948eec8d39277ff9f28d0080cceb6301c0646444a7e1fc660b8a286053097d

    SHA512

    6365a4d06ba79a015e8683ba840aec9da6398c043a8d7693239d552c34226b8c16ef2f954d181a7d7b47344cb3e031f78d084851141641b570551fc108b43402

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\jquery-ui.min[1].js
    Filesize

    232KB

    MD5

    e436a692a06f26c45eca6061e44095ea

    SHA1

    f9a30c981cb03c5bfa2ecad82bd2e450e8b9491b

    SHA256

    7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040

    SHA512

    1b09a98336cbc0c8ff0f535a457a3db3cd3902e4a724bb2e56563648ed1a36201dd84e63f45dcea80bb6edfe80a17db388379417386dec76341fb9eadbafa88c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\platform_gapi.iframes.style.common[1].js
    Filesize

    55KB

    MD5

    aada98a5b22ec7188655c2c17a083c57

    SHA1

    7c3c2fb8744e7412d8097e28f588788d91b9cd9b

    SHA256

    f2f09baa213dd3dd95edb5a30c7764e4a44d9a79c0831f90b1ad8ebedec9dab8

    SHA512

    a780aa3b9e36f61be8240487e75c19a96fe26d54abf9006680a00af9d1d394e81e517f0bbbc13edff3a7190679260ecd56fd5cdd7c2d2f416ab8982c3277b953

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\2549344219-widget_css_bundle[1].css
    Filesize

    30KB

    MD5

    1262fb3b6c8a66bb33af5bb8de15a59a

    SHA1

    7ce924780c5287c5dd8dbeae4e712775ea1f83f9

    SHA256

    d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128

    SHA512

    59e35343fe3288bec0d002d1a321bff62d70ebfda1f06c73771bffeb8d1c60824fdce39ad3437db9de5df4f08e7f4322611efbbdfecd3292706d244909c61386

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW44N8OS\cb=gapi[1].js
    Filesize

    45KB

    MD5

    97ab56ded8cd826b58c124058030da4d

    SHA1

    04f994cd4b40c490b9c74d63448f9d2c32c7a2ef

    SHA256

    18fce43e4d8544e00831bc6823175c15aba51a48d28e3b6e309ef9e5145c9b94

    SHA512

    b924c3196bf485995f5546af3fa0958ed28c2d8d474acba3f20cbdb65bce7742439e21a426a88f10ec9359b2adb48c0ac3bebee1014a143fda130ff20fe4f108

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBA8B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBA8D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit