Overview

overview

3

Static

static

1

ad157bb45c...8.html

windows7-x64

3

ad157bb45c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad157bb45cbf4d311b29426cd9a3ac45_JaffaCakes118.html

  • Size

    16KB

  • MD5

    ad157bb45cbf4d311b29426cd9a3ac45

  • SHA1

    4eeacf139998c6ccc6eae92ffc522e321298585b

  • SHA256

    c6f2d38f214c9d0b73bf0ca0aedd3b68b26ff91108a6148829b964afb1c874f4

  • SHA512

    a5b761a77ed4ea628f0ac28550369fce40aa005ac6ea147d9dc0be0ddb9ebb426bed4276f516025449f1f8763687ad3050feb51cc98ee0846a2b071999874bd1

  • SSDEEP

    384:SDA9uS7vXRZo0d7P/ZpH/3WP/TwkSZUg9fvk6yDBg1f7IJ+nSedy+dZ2/4Ep2soo:S0uDChpHfu4WLGAWwgs7K45D1BvG9Bw

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ad157bb45cbf4d311b29426cd9a3ac45_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2468 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2488

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a43493de3ee9c0656df82bd3b257cff2

    SHA1

    f31767e10818285e60a6e2dc7fbeac861c8b9924

    SHA256

    6e3c7ddda8a9d3addab8e16e667505472cb141b9f1d7a19602964e110703fac4

    SHA512

    8c0c66d3fd8e7095eb06e7482cda853d2757590025036616bd599fb6a0c544f163c9800e9b9474d3312681d979a94c63c6bc0858d3655e8ab4306674cfbde318

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    98d11aa00b828ac3534bcee9df3d7bbb

    SHA1

    4dc5d34a2a9b76fd4f2367a1a5b3e527dfdb66eb

    SHA256

    e4c536e8aea09399427ffe8df15a40e5d2a5e5f9977dd3edd220d5efaf0bb9b8

    SHA512

    242025c375412d142630970dbec19f4eb990077c5bbfd674c0d6e3baadbfb642bf9f35f9b0a7be5f9f1cbc6789b0038f84954f66a4a226c9af062b09c2b5f73b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c8eda2bcff81d77d9ed5b26bbac9be52

    SHA1

    3cf0d9cc2592b0eb7c87fb4c82cd564458fbc86a

    SHA256

    adc0f0e9c498c2c4e47f42cb8d9b2b087b7fbafdebb48d09eca679c1e4f7738e

    SHA512

    7a5f245455a09fad335c93a3662319b21854eff367c44da821d3f7be19e7c6b212c04ff5d1be7f3a94ee177c1ea2b48bcdecf6ac3e3c4cbe809991767c472650

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    200141a03cbed98cef45c2f0543ffaa7

    SHA1

    dba99d56682dfb5b0fa440bef03bb3a58f6ff0dd

    SHA256

    7589be6ef0cce22b0ceff701082b88867b193a195817ac71edea933f868e8553

    SHA512

    c1335a0589b0a5f34b0219175280aa125af8a8cab14bdfab17dbbf35e92685add188c7afe4c5942c36f1c676453348b02844a123f160ff5912a70672a17a96e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fdabca3d79dae6c76327352a9ad2a6fa

    SHA1

    d2f8e98320bc17ca135deaf2d9b9adfc49ce4b0b

    SHA256

    0d42628f24aa0c73d2b48df5383eb4a403ee899ed59367e0ca251f1497497920

    SHA512

    5abf00104f1787f475eb3e4e5afbe81c16315923b58f931bc86b3baf9361d50a26ff462fe6beabff0453882f88a519c998ddfbb463bb5a03ba0ec93d7b9f1764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b588549166324d172b6e816c25315329

    SHA1

    c06c47290ea3e36c93c92793627c80400737080b

    SHA256

    3bd5b4a0d716a458e115742945c26c487f96a24c47c0ff25a14e2bb22bba4fb4

    SHA512

    504ed5d7c520e3bfdc2cf59acfa07414668904ca2069b292680dd1c2d0bdb7dcf834156a751a788b566614fad818c95fc6570792a4e2802bba3f11f3419a833f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7de157930cd57f7d0a24758136c8b393

    SHA1

    3d043c0c86784abc5257199b63fc24c3cad4f762

    SHA256

    5f9d00cd667991ab041ecff9a35cb5779b8e04dbeeaa99f46b1c0c370a6189d5

    SHA512

    3c9c7db2d29098e32e2003846626f39c170ca1afd0063eca11aae2ac5984ad879384a9c7f19abcf03ff45bfa82885ad881ff771f3dd8992ee36b0a2731080966

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    52ab60fc27fdb6233bd2b1ce9c1d5b2b

    SHA1

    2105f0097ffeb733f9d932685e53dcfa18f30f0e

    SHA256

    5b1ff14b367c71f9cdb12ffcec5a4863a804857aec9e67a2d3d1f264a46481bf

    SHA512

    a4574ce1388d3a5af91a57b2b59f23f8c40ff10ee862c9f295f1fafc69e9443f5ed0e109630fb136f0a960c392cd374b29149905e8b75a3fdd29caf09f29bf96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5092614a92f14fc93370712276accfab

    SHA1

    67d29f9d7962e65f802b49d8c7e8d390b08b6e9f

    SHA256

    cb0cebc64b145ca26965e833c533c31ba2d11654bd97ce7718e05cadc80f3094

    SHA512

    1e447df31c6138c53c63df967246f6997da80b6ac0676ad94ee52d1bca6be4b810c5deba6fbdfed44e1656166efac5ed42c528c53527c6fbcbcf7acc2be1182a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e13fa87e6c42efee0af63245ce16f468

    SHA1

    0bc4ef49016ce6eca44bfc4ac1b6d9eea5750b21

    SHA256

    4ba80c890a54bf593e0deaf592c248c9c062bd3428fb05fb98a86445c4c37aff

    SHA512

    cc2bdac0cfecc3e0817c7cbb031d3822fc686cedd6050d59c50cafdacb369bb9ed53d248b125122d1b589a21e03057c4e19d908ba8cd5ccf3525667b7c245d74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    21beb400628060ab695e6f40bba2ba88

    SHA1

    c2bb5ee1e8da5cda28301ca6fa2a2dc843fda7d0

    SHA256

    37fac283a9a99c928ce62bf77dcc4e69d17cc203f520abbbe855b2020ca4ab0b

    SHA512

    6c3819f784e931fed96c81d1cabe74eadddb6f75f2072c4c02e71884ead21546345b821bcf9b130346711cf03e0a702ac6141f5fc6565b542a2873d2755f57d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    11be3178c8f11a2cfdb80d52a4451c85

    SHA1

    7d0dd81f45761266a8342e3b8b14a5978b31ac74

    SHA256

    9b574afd16b8fa3cb2eaaf6fb33d3471c3b2f15d4a8bff54544b11a9e36dfd41

    SHA512

    b97886a7a56ef32cd80c2d679ca89d8effc09c73a51c0217c7dd0938f0fda14bb7edb37c73fe8fd9ae941f1f51a0b4780747b4e379fb6d37770dc937ead7af86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a9fb97d0fdaa7dd563ce328642d1a2ff

    SHA1

    9e9cfda2c5f220bf105328a830d8911114118ec5

    SHA256

    5d223f7271a4472c2bf9dbe19f4b79c1a6385a92083d71abd800e868dac9b284

    SHA512

    0f907b30138b2f28165d55be6c835d9d50b0ff09d231592d573f8f9c4b6a897d2422a5ccf0a26af359dea1e8a8e877a265385ec339c495e141cbc9d14d654690

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE958.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEA55.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit