Overview

overview

3

Static

static

1

a8041d7f57...8.html

windows7-x64

3

a8041d7f57...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 20:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a8041d7f5765daa04d7b6038e02d3976_JaffaCakes118.html

  • Size

    28KB

  • MD5

    a8041d7f5765daa04d7b6038e02d3976

  • SHA1

    9b1e63d78f409fffee6eab0c9250bcd37e5b7cce

  • SHA256

    353554525a97d2f9930c50fd127d28ae8013cf94d30a55239382b039c7eb817d

  • SHA512

    edc820d84997e7167a8bf3de09e1d02ebbf4217fbcc2538bc37d95cd9746ba29ee11f39d038179fa1c774a9d5931007e671cb30a0ceb8376b61247238a667df1

  • SSDEEP

    192:uwPsb5nLohMnQjxn5Q/DnQie6NnQnQOkEntNdnQTbnNnQ9eUim6s5UWpXQl7MBaG:DQ/IdK0UWESnL

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a8041d7f5765daa04d7b6038e02d3976_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2676 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2736

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          29108b1a41b84e5609905fd42fff5744

          SHA1

          7ba5fe445020ed1cd3796abd49dbbb1f47a688f3

          SHA256

          8f6a7d0ff5be7864dd127c34254cb7d89315bbcdb4377b0911954dc64aa57492

          SHA512

          7f604c4a70742b7df02de314971da90f6292fda0a0b4b81e59d19a4844884218d06d1c796044b25d0c17f1c39aba06bcd8202b090ab2bb18758d0dd50149a428

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          276555fdae13e4bc1d82191c3769821f

          SHA1

          443e198ed63b7fb598568c850a02a305f96f5ed2

          SHA256

          aa811990657bcac77e5e74765648ca67d50a814dbec9ffec408a349d3ebc800c

          SHA512

          972f4ad2f1d9622d7ff7d914c0c27bb9497ab7fec9a60ab05a60415381455d38bcac9dee0b7997bb0a8dd277225af905a41d60b3ab06287442393834c55db610

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1ebc1d8d212dc29c62b635508f415cf9

          SHA1

          f6575dce27c3f63e022052f9081f2cc188da3a46

          SHA256

          0b5eb90874b57157a006a0d34b8dc15e86c16651778fd856bab59d5e0e45bed7

          SHA512

          8f93ea13eb2a8493fd1e3dcee423b36fd3ffa8d092542451d2fcce1ab6c58a9ce87ccfa99fd165cb8849bb0f0c4e84eef868896e00f90cc67370b7c7551c6230

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fe77c390b2f213daab9632b60e6173e7

          SHA1

          9f2467ae0307b8a6f54661ea5a779bdf64043c8f

          SHA256

          f073675b37466814b5635744a049329b71fd0282e18ce180394d936a10c9ffaf

          SHA512

          0a505812b6b0aeab584c75d7b7f92204b457430102f21e39a2ea30169bb703d49f9714ffd6fcd7e8f1e97260bc314f8b2d9720bcfc53816bb60a788547e6048a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cf083e5b7e4a692619cd285133711e3b

          SHA1

          64d1b36033675f811c42620ee74f17b942dac217

          SHA256

          16e43e490309e3d3cd32056c1870f9cf45dee2b9f95304b0c423c4e84e45fbfd

          SHA512

          e4335f7f05fd47e08f57e75950593487d3522e4b876e1f47c01cc13f36d9a3d6d4bf6017b7c1de4f1f791e76f7bd0493acde7a8383c442050fbca08927c19299

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1c95ced83a29c51de1d6adbc882eb00a

          SHA1

          b358d7df7369b6f231a0908997bb9114b0fd2fee

          SHA256

          60a37d16e1ed05bf1cd26e4a50266a5bd4222c624b798156f9f78489b4554a27

          SHA512

          78847d22bdd4d3c10d28d6f63cd50a5b22665ca656b5681eb100fc1657c16f7647d6a2de2de505cb7922127a32209630359fadf597e8dd26534a3b6ce7f2e6ba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d2d713af082d55fdc31ea8e206784d96

          SHA1

          c2511d9746f512c18b66a336d8c6df2ac723c402

          SHA256

          9ab25527d9d01a1cfaba40d64cdc79f49bb3bc2b779cd4a4b39e0011dc4e4db8

          SHA512

          bfce37c4ec3d1df230d28cc23de262a95c3685346cdb99f3a628ccc631cec572d04a155e7f5af72d9c5c85af7dcd4809fa76daf1a3caf080f8f8b537e8357749

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab480A.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar48E7.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit