Overview

overview

3

Static

static

1

a41ebed772...8.html

windows7-x64

3

a41ebed772...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2024, 20:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a41ebed772b5034b9f263f85adf24782_JaffaCakes118.html

  • Size

    10KB

  • MD5

    a41ebed772b5034b9f263f85adf24782

  • SHA1

    b81779ff22c64e35437948b25015df90a5eef989

  • SHA256

    17be3c933a323e983d44ac40ec5cdfd074d9065b2acd1f9a84cc5230e758e31c

  • SHA512

    04891c60fa75ff876e72ef51b45cd2ab1592783da06405cc49614298d9ff9c20a463dfb7af553e045dfbdf353aedc97ba025b85a55ff068fe9c07b602bdce493

  • SSDEEP

    192:blZe5t3rGeWfFk6OUfcdvzBKhrdbTFv4jhdNwxjriTO63BwPg:bE3ytNkPUfcnKhJTFvaDOxjriTxGg

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a41ebed772b5034b9f263f85adf24782_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2632 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2484

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9c6dcebae311f6d0db3b5f31a9692545

          SHA1

          447256790e469897f574766fd36579cee1b8bb54

          SHA256

          b246c84cc35ff83ceb43d9004ff6ef9b6508ee11ed7d732ad33e193f3c8276f7

          SHA512

          fe65d2b4a47616102c06179940d76736090c5986fd1f43d462501ce560ef52f9ceb608beb0e1b953e93eb5756a6057d7f6b6954619ac25f98dc6ead1b1a22089

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ceb1d340853dddda536ed2e7bd7a3ab9

          SHA1

          2b059d6bbeeca78e7bfb0def27e5dc5a830b83c3

          SHA256

          d8be09f2b72213d7c6751ffd0eed238ff31b9e6d888f120db5e36f9e36c3cad8

          SHA512

          040591a7984de7bf327e0607ffc7844b86a0b8b00ff9045e6ade9ca934e998e6f9af531aab04e1a36a9c3d5689e26316e82b08b5051cf32b76466848a96333af

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e30990ad56403b362c9e1297a2ba56e7

          SHA1

          bb8e5202209af914b5e703eebe61b0761a36e53c

          SHA256

          f1428aebd8c4a827eef3a773d598d171034bd1a5dc9c901bff9afa1cb4abfc0f

          SHA512

          129b35c9759c305f2369994a6b6b5f2cb309af94941687a7e744ca5af53170a421cd2fd404e11dca7e25fab5b12a5904bd341014540e9a0f213f13183852704e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2f885994657052c7f22276fab04d77d4

          SHA1

          eeb7c888995e9a341e9c4a99b394d5643cff9c95

          SHA256

          f6d175cec48419bd6b5fe0da2fd972867df65be2389c9ec918b8fe8f878db5a4

          SHA512

          e3d148f416562f23c9afc488c4eef0cfd4a1d2e00543fbf8311526e0e7f839414566d41d3c04f2e4fcda59909d9c94e0c37b89991bef45c6c3da3750469fcc5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e980c544164001ebf6d17ec375b7123b

          SHA1

          9bffafaa3db81d1facd0656e53eb892fb740e03d

          SHA256

          f2575d5f6040ad808bc7775d7ec5734b5597b1a851d0d2acd1d8d9dc252b2e6e

          SHA512

          f07a5169417003c986c70a011faa307f8f0b537e175b27d51ce890e3112d535f787499457d4ac1a6fc121b4a7ca718cc7e206923bb2642f0078d64ff41e76e26

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e7374d5941034c5da3eda20b2935ec13

          SHA1

          610cd894d770fd69429410e8c9344d82f1c2b7fa

          SHA256

          236d67ff1d3df9b6e1163193cec2fa1670bbb3dee5b8faf15e2cafb93ec3935a

          SHA512

          f31906574c975ba4da88614cfbffa0ec2e63ce6027b03e86c56a4f93e7504bcf4dd1abc75c4e57a7110b5cdb77cfb20dbda165cdd26a3ce52938392ad43a79ea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          779d187894f1a8cef3e940d73a4f0dcb

          SHA1

          299eea92816f6ac6a091b6f33f28f2849d590b62

          SHA256

          342ca4ec6c797b0746b3b8079fb9310f6d76fb2ade87a8157491f5e10f0172de

          SHA512

          55a8d61ef4f0eeace736e087e0985cab22257a287b7f61b3b4c53dc49f5f8995ad1569a563cf090cebe84b83a217e9d767cf263b2dbf2f4c55a90e3fffa4b6b6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          038fa3db2c491245e26e5fe6aede5c06

          SHA1

          2a5ab5103613352e2517580736a554c5b32835bc

          SHA256

          1173a282f1f563762b6fa766fd6aecff6ed335bc355d5063f15ce717bc32a6bd

          SHA512

          97b25f6dd64bb997710af058a51dccaa7874d0c27ea79a8888031ccdea19ac117ac1ae3333d6fc90be55928d4dfafa9c2f61df0464dd1288c140a56d934a0257

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dfd65ceba91ca3f9350f7935246c2072

          SHA1

          bbbecdcc1e5fdd1fd2f53660f2446cee43449549

          SHA256

          dd6684040e4d408b5dbedd6a95b35e0e4d97e18df8eb0180d5e5e39cf0287f32

          SHA512

          af70674924f6bbcbd65dedefa48a790fb4d303f95e15ad118c1a1d46ca61060aee5c2155111578a400f887a7efb5f59f427a3e293252a93271429c2fbb158e04

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ce6e61f36cab431c2207909b1627c0c7

          SHA1

          27d3f352126d5027d1690f95f81d506e0eb2ad18

          SHA256

          350dc8c0df51baf639ccb00bedec63fc69e0bbe38bfbffb35bc06e4ddf236aa0

          SHA512

          469fbcb0f84325f6337206d56101a54e299bbc622c999b14811a6e62afce621993164703377cf382c6a3abd1a5898c2647041fc11abef98eee6aa3b6079e0133

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9b8d4a723586e5e4b639f4d6cfdc19db

          SHA1

          91ccb23f6556dbe5d88697bb66c61a79e617671b

          SHA256

          18e535deace808e87a6db0d6af0dae685c590acacc34bb844bf0d56ddc792929

          SHA512

          2d154fcb1a8f0518184b9a4d34743731f9315ef6091e85cb29463827bba1870d73d4dd99663b694e6ed415faeea41a6393f8a7af813eeb6339a9fe9d4e8ddd3f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabCC0.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD40.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit