Overview

overview

3

Static

static

1

a4281bcbeb...8.html

windows7-x64

3

a4281bcbeb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    17-08-2024 21:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4281bcbeb9f6abf7ce0a603da13e035_JaffaCakes118.html

  • Size

    67KB

  • MD5

    a4281bcbeb9f6abf7ce0a603da13e035

  • SHA1

    5ce2b2e4cdd72fa16fbb73a40a19e72f8be9071b

  • SHA256

    8bf9215949c3b0e06cdba583f538ba3b486fe13d45034fdd92533af97fa6d028

  • SHA512

    47f53c1243a17ff01df9d8c568396e05d057205fe871c8c083a13def065ebe48da060c2ba25c087140af09f0c98e08e874f446af2229c8b089f75d6cefec0457

  • SSDEEP

    1536:/rT645QOdZHI8vA082ESlxTOLhmtWES75Z9kmeQUDDklDKSSLN7hHws:Pv28vA082ESlxTOctWES75Z9zDKSSLNN

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4281bcbeb9f6abf7ce0a603da13e035_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_B9D8C978531A167D6975EBF6491BFD79
    Filesize

    471B

    MD5

    4b7fa74a907ee85c0ac65abb89c0b481

    SHA1

    10f4f600fc469d9a79ce050a3e5bbe95b167180b

    SHA256

    8a6ba384f44560d5f3eca03f7626a43facb733e9ed58ea33f7ba71966838b58d

    SHA512

    13e36c770ed88e8818d80c12b7b0e7205adae7eafb66265345e353399b231626ee1cd536c137e821cf306ea3064e6a60dda970eb3de38cea6609af7cfe1a2b2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    170B

    MD5

    01fea3fa6557ef1c2d33d3896338dbe5

    SHA1

    c231cc775530b2b852eb05d6799af105dc48a1b1

    SHA256

    6ab8dd776b5b6c2f97b1e152c6afd3630aa6c7ae9f9284c6fb9af6b6facf79c0

    SHA512

    9f246bc24249179c293bd95f3daea7f7bc189abdb115708e00d4803fc39716fd9c32f0532e0ca6601a6db36f1a72290dfcd5e9fb571aa3e9518b9369e11c3e09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    1e9b3c875295f5b8b4f904ea20130ea3

    SHA1

    331cc724915fe4bf897bc4ac2b15b4c7943ab125

    SHA256

    c50e6ab841dab991d3dc8eb444345459e621b700f8eeeddc311e697b683479d1

    SHA512

    7995e3c8ed60bd3fe4e7acf33244445d5abde024ffd63ed12bb706de8cd896aabb7fa640b7880667059c56796d7ae8fc795782d45cc6e7705d2906213416413a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a72a8da9ccdd84f866b1a3d94c3cd00

    SHA1

    2a74250949d68ab585e46640b6f1446b97e89c14

    SHA256

    cab6c83bf8af21eb4cc753c757882cea70228b00149ac064b01178c1b5e2ae06

    SHA512

    60b0344052ebd18fd2e12e96e3bbd08d7b52f0ee0a9ff161204ab6e0d332965073787c922565b2a5ab7a4a48fa6031a0aa6d6c26adb80e9bac67569c73d55e7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e804d066607274c152120cb4edecaaa

    SHA1

    92355faab462fd5d0ab94a0d92b9e3a2bab09b5e

    SHA256

    bf2b42cc0a345969a1ccc95b37502e84f181aec1546bd9b8bb289cffbaff9339

    SHA512

    31ec5e96af3fa4cdec595824ee6eb5b460479011f67f830a3ff08db3beb478e15371b62ee6f8569ad08f1c6dff733c093452d8b0bc13d56cda7682ef07411141

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d06e9e0293e31d7a1ac8f041b1550969

    SHA1

    c3015402f60672fc0c455b00c752dc903fa9f2dc

    SHA256

    fad1702d47b93f21860cd81205201bdcd1b6ce75ba07bd688cdd744d6dfc8e3c

    SHA512

    40f919260889b41a168c4cbecad92d0ec56e2374591cd1f5b7c809281cd2b6cc76d7b74a2796d01c9923fa4cf2ed35e217d2f74f8d5eaf591933db8d26475c43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B3513D73A177A2707D910183759B389B_B9D8C978531A167D6975EBF6491BFD79
    Filesize

    402B

    MD5

    57d87db72d7a7ab672ac7a5c3c851c35

    SHA1

    c5f7867f1c8ea2e6c78f589595c3eeff5dbd47cf

    SHA256

    15e509d76edfec8bdc23787596d783fe7ea7008a85afaf0b1cbfcba5b94dad2e

    SHA512

    f346a9eca7cff82b6acb7ebac6f23da3b4fd29d6cadac2100e9734df73d28920fc657cfb6c2917e40d0a12231ebf8f6f5416e63ce989f98e2581b8dff48aa529

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d1161d083bb2f723826cc8c04503a44f

    SHA1

    7929880d291c7059561f115fca7c32f0ca7c852a

    SHA256

    63c9e69af6432bc4ad83d38eab1d0658bc5ba54aa1fe8ae3466f7cee04111626

    SHA512

    b02fee88445efb7966db1db19face904977ca2471f5ffd27de7d1a0c1091c6db528aefa4aab30d9b8dd45cbfdb820e84b627837d9b1e71fab3bbb0426b9d326e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d8d1dbb359d497e603fe7afb26ffcff3

    SHA1

    a4cda623b3071d02a677d961744c20a249aa1609

    SHA256

    1c62ee8f53e9c36f245c21bd138085007e572f18b8345cbb52252cc5ba40685c

    SHA512

    c4004ed10dc82f121fe1e8bd35764f51d3ea2f50677a15f22f1e5fa6973bd7cff3b4aee7271dfe92ee8c237af280a80e8b77664191f8bb7cc8d1d33020aa862b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPQ313RR\banner_show[2].htm
    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPQ313RR\cb=gapi[1].js
    Filesize

    135KB

    MD5

    cb98a2420cd89f7b7b25807f75543061

    SHA1

    b9bc2a7430debbe52bce03aa3c7916bedfd12e44

    SHA256

    bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

    SHA512

    49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQFHO95Z\platform_gapi.iframes.style.common[1].js
    Filesize

    55KB

    MD5

    aada98a5b22ec7188655c2c17a083c57

    SHA1

    7c3c2fb8744e7412d8097e28f588788d91b9cd9b

    SHA256

    f2f09baa213dd3dd95edb5a30c7764e4a44d9a79c0831f90b1ad8ebedec9dab8

    SHA512

    a780aa3b9e36f61be8240487e75c19a96fe26d54abf9006680a00af9d1d394e81e517f0bbbc13edff3a7190679260ecd56fd5cdd7c2d2f416ab8982c3277b953

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9463.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB6A4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit