Overview

overview

3

Static

static

1

a6edbdac3e...8.html

windows7-x64

3

a6edbdac3e...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    18-08-2024 14:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a6edbdac3ee0087b3a75ea132e452d34_JaffaCakes118.html

  • Size

    30KB

  • MD5

    a6edbdac3ee0087b3a75ea132e452d34

  • SHA1

    5ca113a786610468f8b9a1f6f3faed135f95ca3b

  • SHA256

    215f1bb639e49f2d925d821b6fb945cdb704debaf749740947bc191738969be3

  • SHA512

    bc2ebaaec4ad75153762f0224f711eb876cfed2870c600c99cbf2afc0678b0b3d200e6b38a57f7933231d0130d50eae18ed101a92821c84d84fcbb343f68c5ad

  • SSDEEP

    384:iuuNXC2+FuN+xitxiZxiZxiXxiyxiyxiYxiYxibxi6uqqkp:wC2+0uqqkp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6edbdac3ee0087b3a75ea132e452d34_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1052 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2440

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d123fb00dae83db303ac0d6242c0300

    SHA1

    ec16dcfd683a940b9b06a1d60bfd1e14e09db9dd

    SHA256

    795fc4bfacee8caf26fbfcf5991dbe4d0431e7fc5202cc28eb60a4883bb0ffad

    SHA512

    d1898fee3f090972a995c0bb92e8597d395e7b741ebbf7a19781d9ae936cdc05dfb8f407eccc4d40b102dac68d9663b384609e47b3df30ef611fcb23c7f8a26f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bc8510ed210917e37bef8456499c6ee

    SHA1

    bcc10f4bb055e9a39359e34ec1b82ff9060e4c1b

    SHA256

    e0cc66f4fad91c6007a826be06582d54da72aa4ef08f12dd968d7a79705c4352

    SHA512

    33af173194cc2c82bd4792eaf32fa092f8cba164d749ecf73ad659654e30a1dd8b031e53528866a0e0fe26f17896010d70b01dbaaff3ed77a984d6a4b2ae5c84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed9eaafc3823cf72602f341484f1151b

    SHA1

    cb7ed6571bf9b4c104e00d6c6063afdba3d3b507

    SHA256

    96b6c4eecfd4c9619f139d21c5b09fb3346e5e90ca6d6e65372f8e00b1e7ec27

    SHA512

    37195fa3a7342d2756b22d05a2df1360d7b16f92e284b9f0c4c2aeec9dbbe47b349bd8693277ffa8465c79427c2375362542c37ae1f62b94dc1bb7c8ccf0043c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2039bcf051fa672692d150886cb73a6

    SHA1

    ea9a016da98f0eaa2c684d7b561dc3088a9126a4

    SHA256

    6c2a242b7825c0a52e0a8b6c712a60f6000c65cd01119fe608029e78b702b0a6

    SHA512

    ea643926cb317e1d5b20e680926838bae756d1024638f7d994a07b5ab522b93c6c04cd333c40072538cba7d30ff367fc076dc703e6784788d731d389de58befe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d03593284d362688c38a1a397bd7848

    SHA1

    091159f73c79640656376d39fe4c54af2b23b983

    SHA256

    2a344b58e4c5f0c2fb08ce854f7d0cca65d73417d92f882056f43cb95febe940

    SHA512

    079bcdb504511fa8b657cf415f0a4669da2298b5d8b13f0b0b3b5e00a46163d84d0a2ac3d3bf77ff62ce06065526f7a9fd977ea56b2a8a1da8d412287b3ed6c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4973067063a7fc84124a5538de90d66a

    SHA1

    ad184428bfd2877ca19eb7546e346abc9eaf2aea

    SHA256

    6a6bbcd076e89f5ff006899ebe5b2f6ffcf1c6e967efcdfd289e554c9e4b1c57

    SHA512

    7dd0cb59dd4df7fbba7f22fcc38e4fe16c0f864fa344aafe5b1a02df4e1b5943865ccd13604d3f5a386b8dd7b45f5c5c50ab3624ba1b3ef1509dfcd7c2f2c3ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6b5e512d8177aa07c399c77e6f02faa

    SHA1

    f1bb467eb468343e24f24354d54dc06c6fe1e58c

    SHA256

    b119926cc31819349ed20468f7f1ec150e2b183ee1eb3c3833411ef009de0215

    SHA512

    f731797a24417fd868f7dd399aee5e52342918fa5e19ed72a1c31323055379e6def98708f240f19c2e591c9cc6463eb6b539e4fe58f92297e2d41dcf07b9928c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b730485f07db250d6897470ac62cac68

    SHA1

    1952cdc0de4a2fe3afc07bb9f384fbff8f2458a7

    SHA256

    abb4c28277d223b9af063bf0c2554dc710843e1d5f467dea012d36964d47c112

    SHA512

    3e6d5d3612a22ce19df93585cf5dbf1e937e7507b2b7d9552da33ed094d231651c71fe5130664d88fd42d1f27f40fb5ee612afb3e429b335bedda941317c32f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96b7cca3c1f233f0068be84ebdc491c9

    SHA1

    1be4e933f4f56fc1b11eabe416ce97a738868359

    SHA256

    a7893abccebf5dec343414438fc47e89b158131bf5a4c130236d353b4f2e253a

    SHA512

    29d62b160800dd8636cc5f809ff1a780dba4606c83dc27dc2e29fbfff7b0c470ad43f507542f51e880790bfbaeb8ae5f4279859ce5491c9f6a230e15a4d8439d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e899b3ea44e5b51b6cdc42adc080f27a

    SHA1

    981a4f28416b347b1242e5e6618e31a3cc95dccb

    SHA256

    b4951b50ba4480c4e23f3016e1432e75caf77191a7237385a09731f3d2e95933

    SHA512

    d9adcc7cb5733c95686b541737b0cf0fa0bef19277f5ac38053da36ebb564a59110eeb1422f7a520e97f4cf563e1083e22ed9a3d65845628a9cb17556bbfc592

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6da46f3fe05e4bd514acd1b7a24f22cf

    SHA1

    57e4dc1cf0c5df1e54cf04ff31c2fb61978cd899

    SHA256

    a810ebeeefaa2af64562a87d9026710769fe179857b26c1d7c91cbd2ce530fbf

    SHA512

    c9a6e762b33059f8a3e391277ad9bbe697c0676d75608faae580a0168e2687ec0dff569945bed6585c6c14d15418a111e9878340f2a97d30bfe38ca89987e2f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52f55fa99eed070e9aada4056c8c215e

    SHA1

    6460cc0deb574fdf1bc7c997006b6af6461bd2f4

    SHA256

    7039a68d54aeef59120eb95256c62e1ab2f458ed2d57ac57897927850b6498f4

    SHA512

    00867ca72213a7467d061cb1bb9db7ece36f03b3e2b761e6db68b3bc9c5bc7af3bc5e852adcae250621cd696b57bf876a0fb83aca6c543f35bc10e5d190053da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08373bbbea07d10f4e74f9f79f7673f6

    SHA1

    c878cc47211c331e6896d7297a530773918975c3

    SHA256

    e87ec6dcee2d1aea173961312f6c82f46a7248dd89fa21f0497686be0502c8c8

    SHA512

    1b99430eacb1b4d956ad1934ec53373e75545ed24edcf3a0956b9d904eecc57bfb3ffb31bee3047ee6223cb321c12c9dda6610ed58854200bdd7b73d145af1a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a18d9d25058674ca395f91ab9b052c38

    SHA1

    b3ef96313a4534d39394b2fb341a904330db7ddd

    SHA256

    bdffbc5381e007657a2cdffc90c5a6bbb5a2b3a02c58e044f99875393a6a8379

    SHA512

    b7655df402e68f2e05296935e494ecd79376b692f4e799b07e66ff7ec2ab882ce03476371354e9abe4ecc052357e0787a95533529cf5b1b02f14320627bb60d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b21342b33c197745e9a0b4cd8ddfa9eb

    SHA1

    89af0b111ce8f20de403d578f4bfb6507ee2ae59

    SHA256

    409fa5bc55480f09f2dc265065f4b213d4e797d43fb93a8a36f8179081d542d3

    SHA512

    1dd5c6aed8b9c13753428ea5b25b4ab428e655261702e0be8850846939a5366dca03432daf9102330dd8b159ad63330a33d6712a269a276294f549b8a923f3a9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOGNAB2O\errorPageStrings[2]
    Filesize

    2KB

    MD5

    e3e4a98353f119b80b323302f26b78fa

    SHA1

    20ee35a370cdd3a8a7d04b506410300fd0a6a864

    SHA256

    9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

    SHA512

    d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWMUP5AI\dnserrordiagoff[1]
    Filesize

    1KB

    MD5

    47f581b112d58eda23ea8b2e08cf0ff0

    SHA1

    6ec1df5eaec1439573aef0fb96dabfc953305e5b

    SHA256

    b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928

    SHA512

    187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z7V06J7Q\httpErrorPagesScripts[1]
    Filesize

    8KB

    MD5

    3f57b781cb3ef114dd0b665151571b7b

    SHA1

    ce6a63f996df3a1cccb81720e21204b825e0238c

    SHA256

    46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

    SHA512

    8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEA80.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEAB2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit