Overview

overview

6

Static

static

1

a4a7df1200...8.html

windows7-x64

6

a4a7df1200...8.html

windows10-2004-x64

6

Analysis

  • max time kernel
    144s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 00:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4a7df1200789ee8b3cbc5a12524f2c4_JaffaCakes118.html

  • Size

    162KB

  • MD5

    a4a7df1200789ee8b3cbc5a12524f2c4

  • SHA1

    e67be062d8bd08d9185bf69a6a78beeb95325a4f

  • SHA256

    a492ae2687c901e903a7f7edc586b5b1fd7e6de53f624154d479983e42f4310d

  • SHA512

    3a7ed42212c91d6ad18a0497bf37ae6aea19fffc1a1b879c78cbdec23ed3b0af218ffbebbd8cb00202a2644c66b3e8d3467949d9117d6f9b801d79e4f99a3c46

  • SSDEEP

    3072:rF0o53qGudbnckaYJN4McZf+rf9OFYaiqat6FNajUSXOFEgAUHUopiLFHXPMhPHP:N53qGus5JJZYAYf8

Score
6/10
discovery

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4a7df1200789ee8b3cbc5a12524f2c4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1408

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    ef2490129cc4a928f6233644670385d4

    SHA1

    6a0533b169676216fce910fc79e5598ebb22ccb0

    SHA256

    6453e3eaa6a76e4f276004eb568660fe0a2c3a5c5e3722b5c0f5e73de2b6a894

    SHA512

    fd7992e128f985ecae3d3212b4a27d763d5bbe878cbc94c6dea4d887f8912dfa00f9e820e76b31e23ec181299eaff9ff613645328de3a0b1d6482395ba7508f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02f461972590fab1f7c24fe890a32d2c

    SHA1

    23ca8df87520cf8a1f68010bf44e76ec3e002efb

    SHA256

    25aef3ac8f1f96f683a892ecf64c2068c67557dd175b78b0553b39f974cf8b40

    SHA512

    513448c5da934db5bf343bea5b04896dcc27acff1e5337d55f827c181411f6c8122b78f34f918cea4dc607a51a617df557a97b45f3f203dde4cacd86a6d17b69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2112287857ea0aaa76302fe72850dc9b

    SHA1

    0be0357616c08a7f6f3a8e9e61c4a069af1f689a

    SHA256

    3f12c93436952125da8330a3214a529459b29f6458960787ea04412f71f02bb9

    SHA512

    ced9f71438cce59cfdc48bdadbbda7a23a5f40178e2980b388f066f4c7641d0dfe27cb193b3c2459b112ea35b291576da6630e02ebcdacbf4fbb94a75de63ad9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aecf5eab191247c58989366d01226482

    SHA1

    66fe3ec75fed4bcbe969ce21c681dc631d5a1e3e

    SHA256

    dd98065a68cd93a9e9376795c3d19f2bf96cdb2e8dcd4e92c4bd274704969c6a

    SHA512

    75c2a3934223fd4372fad1353ba8f886a03221091d6e9a107c412373d9fe9c4dbcfdd4ac01b54ba2640584616672379243cc6108fe741c6291d40d5ce0809084

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1b9c80d529da4d4945882868591c2cc

    SHA1

    b4c57a5d3bd709ffaf47698c7bec9205f9743c8c

    SHA256

    5c674a564440e43d2972a151dca7705c05658a817ad459f89d735049f8475339

    SHA512

    5f735d3ccb132a6fdff102ba5f8dd22b492e9c7391130bab182a90135dbc38d806f288b0351dacd4f32a0d482bc3a629dea380ef32412047ee8c3538d5a9b4a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44e94bf65d6e19bba939b812868666e9

    SHA1

    ea024d29c0a4c32f476ad07c74ba804fabfae37f

    SHA256

    97e8d5b09c9d6fe01d7ae33e9f06a973988712b089d6c528f22aa98f27bb7beb

    SHA512

    30f031d9898be08e7973849a6c22c8400df87c8e8a6019af195df5363157082e2b5df3f20b0b309d75f1a6092ea03d584874e83d63bc21155a4f40ddc5a32e60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    138c153147c0634984cea78b9e171ce8

    SHA1

    7241c5c37b097948d406b321982efb963818b87f

    SHA256

    53e98cecedbc2b1cb9df2ce6d46dee1b8be37925036d31e737c3685a3a0ab5ce

    SHA512

    a0541d62a345ba919b0acfdb6a50f4fe0e80db456c9cf60b56b48f4b5d22f16a84d72092201d146ee099849db83ca81ac00414ae32170aa1360853c0ba22d9ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2234c8f2368a5a2e13db850cf3f0ef67

    SHA1

    822b5c5673d88c389dcbc4a1b167007f63f515a9

    SHA256

    df025f81d2be763471dc966439e04d9b9c6f56deed83ddf74cc9a65f50b1abd8

    SHA512

    8076148a66ab14b61200becf2c20f4063597141483c5b7ec78001e0bbf329cf68fb7c380914efb468b262e93a9d79cc9bc3a260a16d5a834302ec077f9a61f98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09c3d9925c94c7650df7c17fac77a405

    SHA1

    78e4746a0825c64ec4ee7acab3765cabe9862795

    SHA256

    8ff248a4763941cd4ee994035f92ef7875103424614625301c194abc94e8f570

    SHA512

    a79866213cd6aa05b75ef1b3d7470d5544e459abb4106ff2d294f51dbbb1327bf6a3a9deb89ae155f3ca5cdc14aa02e6eb8fc271ba9973c0c95c90746ceaf29c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a9346152e414433d831e57d53c363ec

    SHA1

    499b095c81ee157a2923396e36f59256e51a0c04

    SHA256

    e2753d2c6218d05cc37d2c8e4d6bef241c4fefe7280e7bd84b9e7ca0db6ff48d

    SHA512

    aee1e10ff0a37e44c05b8cac23cb5dec97c11d5bda0e9e6343031176d83dc3c3ff4809db6fc3611ea0d78922b268515f1bc7ae7a5354fe353c60bacfc3d112b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d2a5a3dc731cdae00013976b337bdee0

    SHA1

    140feb570b77fcc6529802beda739f456ba5374c

    SHA256

    8ea53575ba4f749b82801c39eb72880dcf294e7b88b4db3404e9fd6cec6ce117

    SHA512

    0fca7918a799604324f937027f4d8b009105e66037dcdc6b9333b303e48e623317917fbd871725d7e76eabe8c038b5c66ef8c3afe9ff424b78f261eb25252d02

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6896.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6897.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit