Overview

overview

3

Static

static

1

a4b3fa3876...8.html

windows7-x64

3

a4b3fa3876...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 00:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4b3fa3876e1df024d3a36a223597ae2_JaffaCakes118.html

  • Size

    7KB

  • MD5

    a4b3fa3876e1df024d3a36a223597ae2

  • SHA1

    ab27d20a0a343e9d53fdf577c5f58b148381f0a5

  • SHA256

    173162aa5d58632d644a622eb13f5e891539a3cd4bc1c470f9a16cfa782fdeb7

  • SHA512

    302a60634b8518f1f85ea0b4a80e3a80e639604fcf0b56358646b50c2f8ce92f8cd3e20669790a15deb0aef03a2b1d78ab9e1fa42ed1d274991efeccb7325b72

  • SSDEEP

    96:uzVs+ux7FfLLY1k9o84d12ef7CSTU7zMcEZ7ru7f:csz7FfAYS/Zb76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4b3fa3876e1df024d3a36a223597ae2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:292

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb904b50221b5a2a7ea229a20ca272bf

    SHA1

    c3ccaf949d7d959feb0ccc990415959e1f93816f

    SHA256

    e8ef8f1e75796e7387264f3c91a7ce1e6b9f36c3d29a70c411b8dffc407c9e5a

    SHA512

    be8eee2840bf7e846f99f727312aa603df9336b4dfdc3d3efeebda5df27a59f8d2ddc2dd5c0b52fd4a3873addd958a4741014428407263c791595854e4a56612

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    627a95e7dedc53d1475d11f7cb458595

    SHA1

    a4163c7aca9bb125bf2f61dc50cfcdc612d24cab

    SHA256

    083d4d7e4b8dc76c6918f638b7679acbc43333d218e8dfe35fcabf60b8791628

    SHA512

    6fb63c818512bcb2418ec2a2fb93e193306037a2cb60741f92f4ed026c2169ffcb198a6e0b6c13d4761b43355fc54bc2dbb231a8d1ee4364150f3821e6cc1cb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fa4edb817c6698f1efd7a0da250d517

    SHA1

    1e89376c52cda59d5d5e17c39d649fc78c581135

    SHA256

    97a9f6a1479fddeda995cb790cc423825d9c1c476fbd277866a5328e47e4c402

    SHA512

    a7da54055bc53f0c764c39e10beb70caad58543640128c36eb443579ff84d9f8d47487077805f73e01166043f70649e5cb7461ef404cfe04e380c1d131305d8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea9169a7be8aa9b68762f8d998a78163

    SHA1

    11a7057cc70cfc18a58c5b3f9ff8095233ec651f

    SHA256

    dedaa9e1e86bbae54ddc891b8ef96130d7a14146c2fe153e3a0995ec34623795

    SHA512

    4de0315d614d9c5a1156b67b0775e37b1e5cdd2fc075469e760d53b3abb22568b43f5dbd2598c2821742916af28fb6b88e6f79ecd61c7c7b3b8df001abd5eb67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d72b4850d21f48326ddba2c353da372

    SHA1

    aa021b681106365b43918729f835180ffc8c8db4

    SHA256

    edf38c78514bef731cb85e69639b78afed634fdb09ad304ad973d68370dc8369

    SHA512

    14115654f2e6f9b88dbef341c478df068ada81f9388455e068ab6d6f9c1d9fab69f1218117a7fde37499feddf205c2d43b3ec44530f2149e0f080bba4f4b8473

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    777a0dff94752c188593921e3f4c603a

    SHA1

    c9024a39f5036a522a1b16bc25859397eb9e81ba

    SHA256

    e391f937a9845ffa6864061b9b5aec85b2d369e1245fae0fa59e542bd90fe965

    SHA512

    4ad547378efa6f336d7d73f9fd41f2ceec4e97d75e6c9b9fa7c6fce9d91f99b22d29e9981722fa51c9e72f3f45275336006ec020969cca5bae764558d6c87487

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1746925a9cf181f404ccb4e44d1cdc91

    SHA1

    c5465e2b6eb7a889c3e7124ffcc25f5803f4c531

    SHA256

    8f560ffdbab8aceb37e0c6a2e955af1ea9e603df59386d4b86123fdb898db92c

    SHA512

    efe739f9b68a3a8d38b67800be333a78d20720fb1cad6fc0398b69906a0bba4da3f9a4a37c0d9ab7d6772b8935daa4acdfd8abe80d8ef4f7fdce10d13ea0dbfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3b5fdfcae21a81f45b0a1b749d9383c

    SHA1

    de23d9ee795790c8553d89674933fe0db24ef1f6

    SHA256

    685c2f48ab528c0d9906ee923c9677be29751734124af81e38f4a6ce45c7481c

    SHA512

    038aa46fa13731cedf5de0304ed4b9849e2831f9a2be982fa158f8a520203015f39e45ddf0730fe9b428a92e6128a17054ca47fc46ad22313244cdeac0fd80da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3645ca14cdb9b207ede2dcdcf9ed5b8

    SHA1

    e42269a896d55b5900d90c4c090768e70527c276

    SHA256

    282311b9b0c7c93a77be322faec39d8ebe3e7d2842334660065c1e22dc54c347

    SHA512

    f4518b5af0e764dd28c8dfe43337d185e9e49f481a169295afc77251d74711717c4e0cdc9c90ff5fbaa80c2a994ad83c4a781df0bb789aec580962cdaa708496

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcf090534dae9a4feeee9f7141f1f17c

    SHA1

    1c2ce08a60369268fe2e6711ba4e25c983464b80

    SHA256

    c220c1422332294e655c21388c64ef3f2c6fc38f8ce034f6ea75fb03dc73917d

    SHA512

    dacb5fae810179456257e4a9c800e33baef28b769f52ac698af469b61fd484728f3efdddc9f5ba38930be0947fba8b89596b65dacd3f1484d167e75f5598079d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b073416226e0a08867d8bfda5399c5e

    SHA1

    0e2efb701fdc76e42b35b6786a9c4f6efccc7e8c

    SHA256

    ab5b8f9a18944c5e5ef3fc8962308633be20acec4d242c743bafcfdb434b1f7f

    SHA512

    c810a50a55f2b46fc7cd797de5d9c7cd002de56ffee716b713dc9aa52a3bafdf8ba6b7b833c94f4db5aa48440b879a8a43e3b67c68029f338bfdba7b4758e4b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5cfc571005d9e0b8d168d89bc933bc0

    SHA1

    4bc2ea3861b134262d27ee266084a87b53edd7fb

    SHA256

    b48ff17179c5657f73521c5b48f0408fe94d365cb081b05dceb6eb364e189d75

    SHA512

    be6c56605fd2f04d02f9215a38d29a91cff99f0a528aced2e2c2f6b7d1c88bd7b956093ac3bc5069b5f0c326d983c287d85cc7d92137ca4a3873aa330871e608

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF0B8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF128.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit