Overview

overview

3

Static

static

1

a6b1936f17...8.html

windows7-x64

3

a6b1936f17...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 11:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a6b1936f170fe921da2af655496774ea_JaffaCakes118.html

  • Size

    6KB

  • MD5

    a6b1936f170fe921da2af655496774ea

  • SHA1

    8e609ab2ab17f50a17a8b615186e817d2433c492

  • SHA256

    94cbb551739a5fdcaf66a576dbdefa97a2022eb5ed1825ac733de158e1d83411

  • SHA512

    4718129aac01efde66cf729154b0f096db15801a8e8f66c7e5616b7e1f5912519478e6542bf6f48744c9c9c56b6cf72e745d55a1cf50ddd736516f8b74beec8f

  • SSDEEP

    96:uzVs+ux74KLtLLY1k9o84d12ef7CSTUrdOZncWZ7ru7f:csz74KLtAYS/DnD76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6b1936f170fe921da2af655496774ea_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2572
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2572 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          63d017a69f6eb69ebd31306d558927d1

          SHA1

          f1e8bfdb7005d8eff73232e5b3f680ef8c8cf769

          SHA256

          eb30764da888bb09e49a27a2f0afc244000a6636edd5d5313ddcc2d9661e88a4

          SHA512

          875c3fc0c95e9c3dc37c2101f448dd0e87b3ca3db80b3e35352f424a223a73ba65a129aa7b3a209a6a3c1af7539bff28ba1b550180c92188a0a5faec8905f31c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          38057db5451c4b31f2648ca89712d179

          SHA1

          72f6bb5696c7e961a0a535ec9bffefb7f434eb09

          SHA256

          d26e014d3f6f0ec04c51116ddf601a0f2a5fb1a099abb7acaf867c125da26c65

          SHA512

          d55969ef5d24126608d5fa0a31eb606c7158ea2d91067a1477c9d4f4d0e5901d4926129ed4bfab133f28c08a5caeca6652dd0361894e5b77d6a58d88834ffde4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d83d38caf7cede82f64cfc20f879bef1

          SHA1

          907c3f3f4230cc479ca9b52dcb20433fd9fe85d7

          SHA256

          85c85cf0e61c6084d62f7d22cd48e2974f7e5d0a5ae9104e8b0ff217dcb08cfa

          SHA512

          f53583a7ae06cab9ca1324ed2b3c9f5f8b0d8c937196dffa752f7cc1ad14bfad84d8ab014478ce41f595dc13ec4ca942e85ad0318c9b96a56a652c9d53361a0f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          01c168a5bbd0896298b2f6735c7173c7

          SHA1

          ed7bd902efead32d452ab6bfde9db637bcec42a0

          SHA256

          b2c832e213289b50df8e585b8c19f1bd4059a11010e685a26432ba88ff412966

          SHA512

          2c72c76fc27346485a878313528d9b171c800437fb75772c1e725a591127e257727a89e2fca7778fff6e1b5c637aee0bf611548322c153582593d989ec7f3fd8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5ea18a0f4462092a2b992d0ad89a70c8

          SHA1

          c4644b65ce3688d57fd346f2e4cfab33ba0f9cf5

          SHA256

          e7177944f848b873a36b707b5f64773217560e47bd632dc6dfd0ca8318909fc8

          SHA512

          1e1c551563062c6109c46d67585a207b51ff69a80952d7bcf0314334d8e9b65df0c99e99bb888c867837e41b1c8ce3dfae2fc7a92f2d54d23302a16aa2420093

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c55b5ba4d0a06508b7648ad1d1789ecc

          SHA1

          f0d56fe591823a82b8384d528cb4b31a0623b095

          SHA256

          be15eaa98667619f4e933907bb4fcd5ff0252754fc196bab91a7f1162abe34c5

          SHA512

          af19c4f47bd5ffe72b0a493c8f4beb2604a746742ee63a50217b91e2c854667db23c6fc5627837d940567aaf57b91dab9b350d5d4bb860af3fa89d63ad0079b1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d6f910264118f6d63570bb9044c6b963

          SHA1

          d8f1fd22ebd6d5395ab2eead668763c0c3eee250

          SHA256

          63cc1bbae374ff0b989cf21240a11abfdb1c2759a65d5c06cf2579f36745b499

          SHA512

          a776aa73bf549dde80061d1202eb9e6a9d46e7b66bba057b77c147cb8692d61e994cb543125f9bfac213bd3093facb6b169a0118a7e6bbc1cae150e6feb3e0b4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          614f0675f8d317065441b7c3868acd37

          SHA1

          5c995edf313d55ee27601c169723fe0731de020d

          SHA256

          912a08ebbb025e6ad5635f551346f5fef65a65b10e2f39de0be7bb4cdb2ab1e6

          SHA512

          aaf4ba488698b6d10f2b90cc538147dd890410ed76213d1640f70523721939b817531411e9dd36509b2ef191e4f5b448f431998e663e180012be210180cdbec8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a3226fcbe9b6d6b440097caf0f07e30b

          SHA1

          1719e19296f7f64d630897dee600518c08a7fd89

          SHA256

          828835ca92c1a231569a5700c5105ed316360e8ec9ca8b36430045fe26e0d737

          SHA512

          9fa8959cddc64b336a8438078f51f79f5027dbf511f643f506c24f57df1635a3c039751535dc5589fa2dbc0cae41a9e0bd24f84307e9f4f2e3f023a9bbd01375

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4bf32c58bbb8e9ecb2b514643ac57747

          SHA1

          7f897770dd97246e601e4902e7d7b7f2d625c96d

          SHA256

          bf37e8b681743fac27b9a002311a42ea9e3150c2d4db69db7f97f5919bfddae9

          SHA512

          fe2eeccff55102dafc75ebf325e99a37760edf60c2f9e4e852542cbc02b2c2d30bfad1771cf4e2a9915c12b1b81feabcbbade08efa31cd94edae29f19c918f3a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab85D.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar8CD.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit