Overview

overview

3

Static

static

1

a0afe7ce59...8.html

windows7-x64

3

a0afe7ce59...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2024, 01:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a0afe7ce595d44e25fbe4fc1ced064c6_JaffaCakes118.html

  • Size

    73KB

  • MD5

    a0afe7ce595d44e25fbe4fc1ced064c6

  • SHA1

    884ad7641c775cfb236390eaa6825a912b18994f

  • SHA256

    4a91472a483be97d0de4f37586f2c570eecb60427338afefd9432957affb7192

  • SHA512

    2d13c0526fe0e6ed6dc23bd5b9e84fdaf9bfcd68f85e68dbac9fe3452dbcdb00bae26597aadc3cb1b26cbab5b9f4c38403d72cbcde9d84c7a115e865e76b54fa

  • SSDEEP

    1536:ZBKwY3bfhVNAso3hbhIPMriRuT28ZqP3S:jKJrfhfARbCkriRuT289

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a0afe7ce595d44e25fbe4fc1ced064c6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2632 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90a2f5897fdd0445bb347728c1a8b2da

    SHA1

    c046a63a6baee4af33117cfe9a7247ec109097ae

    SHA256

    32db132840b7bbc2d578c769edccc5ba5382dac618bafa27a476b698fa7a2780

    SHA512

    590a0bc4e4d91174ebfacf9c92cc881a2c6cacb4e826f0d5a7c5defaf36345a07e07dba520b58c5e1373631041e88a0eb6bf730a3a8449ca632834211c35a09f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b450b31f9418e20adb9d99ca7ab30575

    SHA1

    52a3ef3279b3863c3c3af2a97332bf4973e919ca

    SHA256

    bf97a2b4e568f75c8399c8c48b7d3b9b54d32a3608c8447f9dfc52c8fc06284c

    SHA512

    2046816a38902873054cfcdb0d2cffd18f400a1033aeef604f89e1c33ceb4999a4aa054a27f203a3f0d9b09865bd1b22891d350abdf8b9e30aa14a7c90bf7e98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73976bba402f2758857d3a5df0807ce7

    SHA1

    f21d0e5e39adc3c89d2a5cb104c54445b1bd46de

    SHA256

    46d837cf342094d1e49d38bc025b1f3f375aa8387490ae869b6532159c6ee956

    SHA512

    711fbcac521c6987fb4dd561dac7b21dcbfbe367d7e77c79041cc1e3d52ff6a2e3585ac76701ebc1f2ed1948c58b814736236b465ef0f024df5719a1a8080be2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8b9ff94c82086c7ce9db5db7696f888

    SHA1

    173dd8bf4b1f900a6688e44ef934915718f825d6

    SHA256

    c19bac027d04d7829b2883de1e62e3551a7e60333ce92b8cb984888961f2c462

    SHA512

    5622977566986404f1b9b4fed4aae429061617d27cf63c47648f636d83e467cb8952f5ad8cf0f31f2ca7c2b34da9171e933e2cc5195d4150063b06eff5972d2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f497941ba3371c1c670934d1ddd7158

    SHA1

    83118253c99c46b380d667c0821edeed0613287f

    SHA256

    81b199af5b45c395de9c2a45b7ea3dab83a1f7d10d5e245299258a3e6a231460

    SHA512

    20c0f4e9f154bd9e97b6acca90aecb28e76e3c98bf0e4186dc7af62d759cad857001b65c72f45bd46edee929b5d7f27abf44536d774948ec518d54a42c86b25b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a09dfe3de82da544ce60628807299b31

    SHA1

    83667fb278b6ed254eb992e6f316db6ba9f02dc2

    SHA256

    d38e7b8bda189d7e058cad8e2fac476287c17b1ccb1089b72bd2d8355999285f

    SHA512

    3ca7ab0a3beb31f7ef7219b6eb90c5d18b29c9ff96a7e84a05fe31da43001df02be416fe24384a2184737afcec7e7c4e9d831fd2d191a5e1c06f45acec404adc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a2744e3ce076746deb2d29fa3099927

    SHA1

    5e0d568f355ab7ab730bd3f5c76644416de9770c

    SHA256

    dfcb62732863af5805239eba4eaf143f825511a71754f097d7da134bdcd5c3ed

    SHA512

    db907018d84decbb385462296e81db2b536259e754f917fab389cbf3e81ed56270d57e44266e12ba56338a7922db0bd2c9b673feb5a10d768fe6f3eeb0e782a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba354c78ace03cccc4bf07961d8d3d64

    SHA1

    11b11e9398f5f59bd7ecca8a224bc269ca3640f9

    SHA256

    5a355132f569acfcd3a086621ad4ac0b2d72076883485dee0953e8b5352c6d01

    SHA512

    d0f2ab2533e9c9af0bdffd15b4e0cdaa7b38aeeb89f1fd9a4513aca021d6cf8860a3839cc368ff0d5b1922c945d27b1a2554a7756be702940e51fc12af8723f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    429668493bea536ca72d49606531847b

    SHA1

    66ee6830d78044393a9912df6aa6f3fdd1e2b1b8

    SHA256

    a10b1c1a1d71d699fef59947329aeb6a02a9ade251d38ca7b12f967b4b5ba379

    SHA512

    2a6b2f5ae72fc57a0f96c3089cdbd0610089995032885cbce37e3f3a8e77cd9bdebd06cb1c1f30f9a8963f6062c015642a002a05b1ee2688e0e759e35df93320

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab561.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar600.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit