Overview

overview

3

Static

static

1

a271152a70...8.html

windows7-x64

3

a271152a70...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2024, 11:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a271152a70390bf24af7c3b808ae3ca1_JaffaCakes118.html

  • Size

    31KB

  • MD5

    a271152a70390bf24af7c3b808ae3ca1

  • SHA1

    988835bfc294be33555fb5acce494582a76465d6

  • SHA256

    27e19c20a3feaadc88c3e2159f72619b61043ae7b10044bf435c5c6945c3a2b7

  • SHA512

    516863c05aa0e14bfceccdd9bd7b5087731182ff3aba4576f2b46e981ab822955dca570e0fd869c0eb32b35ea3fdedcb45d87f1ec92e61b4fe2ef6bf7fa2a129

  • SSDEEP

    192:VWCk3GDG7GSFGNGeWqGUpGtqhyjeb5ncOnQjxn5Q/HnQie+NnknQOkEntdRnQTbI:ACk3GDG7GaGNG9qG8GthQ/RWSTSQ/jYT

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a271152a70390bf24af7c3b808ae3ca1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2664 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b1bbd768dc8365fc0e3a30a527173bb0

    SHA1

    94f2658220fe44bd21dc3b27516cf40a38bbd92e

    SHA256

    2850be7681a00faf378a7e6dd4dac14bbbb77e085f6bf271ea220a17565a1b7e

    SHA512

    18e03fab5fde7bc7670e14aa25965077132866d6019caa59166d6bf826eec6249cc04bac82aa9b8bd0189126503fca9b319c5c0a7c6744b41fd8fbc180823078

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c7e2ec1c3cc1ac561a3209c5cbb86e8b

    SHA1

    5a1ab9b2efbbf374c0b2d67a8290e6c46c4b1e1b

    SHA256

    2ab3ff534be6417dc4a3466d54df37aa25a5aa9ce684335e443ae1c30215003e

    SHA512

    42ede1f6ae60eb4d063624445be785ff0d9d2af6471c60003d6cbad083c8dd88ec650e1fce7f9825e6200cc2dc8c739ac9a7af92f23504d729f028fa76ad8ef0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    120f65da7183d1a0560e895ad05f250d

    SHA1

    fd65b3bdb69269eb5f56d06e0b266839315cb566

    SHA256

    27b4c59db11e1b24b145222655e39bb62aee24aeee61688bf384062ee848dcd0

    SHA512

    45e618f5b4af43d0cc3f2633a7e764c257831e6fc20a481f22233619572d775e5bf2f4d170324ea99faaa2574e6ace0b31a9ac7e3b4aa160ed5a12fbbb8737ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    66b733308e5435329d1c54bc23cdb2f8

    SHA1

    9d92ba9ff24e44b5b226726fa3659499d7659e59

    SHA256

    48ecab6ec55d17edac1ecf1fb1f293d8c21278b3ef1fc18bf6beadcef96e5013

    SHA512

    082276c1b3037fd9e7dedca90e0e43efd73741546f5eec1c551defaeed5deb46e8a55c89514f8541f3f40144f376916309a81c447cfdac5be679d3c7029aae22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cf8f16fc94ddfe5b7c980095b7222c69

    SHA1

    af7d6c6a5c77f15faf79f7f671fcce9a97356fc2

    SHA256

    7bf4d0a0310b7adb996bc2aecb3c425a3224d03898b0cd49f9c8cf320ff7dfe7

    SHA512

    1dedf3a3c7a589889f2637bd2b3ea9cae119e4db16116bbdd0d6d7d712204b8ab63492602372b5bd19da460efef5620c6d7e1a30f7ce83bdbd47001ad345e239

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    01cd901c3b76dcaa140d340b74e990d1

    SHA1

    5ca4341c641c44eaa5b7036b4f821ade56f316ad

    SHA256

    cb9ae426bdf1abd8e9f06e2215230b40f8c1297d680959db91e04cac1e04bf69

    SHA512

    a92e77e0fa748abba9035a2a646ec13d8ef68fddc22e4099a439af560c78233cf863ab8522e9b94d0a33b95a00c337cdc9d24e149050d44c910352dd347963e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    390856fc35799adcf3023dad86f0ef96

    SHA1

    08c90291fb1c72385f511ec5b69bedd2b39d8615

    SHA256

    00b2977c7424abecfa0ffabe1273b49c58c109abd3780fbe2b15cabdecd84769

    SHA512

    0729a2474d3cf9b35398006f86f07d332920056f913872271a130e95efe55224726d0bb8e451954d1a7310f360b9371297b7e2bfb54ffe48382ac40fac205f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c57cba6b78e2460d74a6109eb6e39cfd

    SHA1

    6f015df28ac4fb92668595778ceaef9d5cc6976b

    SHA256

    c920a4915224a0e41191788c994b48a0baed70ea94942a46fdaba0471afb8328

    SHA512

    238aafc631381923bcab2adf643ec6640e72ec92c5a7276eb9c98ab7673b8ed2f1ca5c81a82587d74ea6600e2f46d7ddc12e5f3fbd44e2b5fd11b37c600c0517

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1a8d6bf2362fff406b1658d8153ffe81

    SHA1

    12eb86e6d44625337a477bddbf653970b070adb7

    SHA256

    2f7ac791260839834a15414b902b6aafad0c6da318542b01f1f984137f825211

    SHA512

    de84e87b0c85aaa76efa8f70158334c415fd99224064e128b249c6367cbab3d472cba930f208d9804630836c77fd9a18ba5259dad3b691f4bd35705ffb748c28

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEB1C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEBBB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit