Overview

overview

3

Static

static

1

ab0d4c0676...8.html

windows7-x64

3

ab0d4c0676...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 12:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ab0d4c06762a3643cbd6f99ee276cd78_JaffaCakes118.html

  • Size

    34KB

  • MD5

    ab0d4c06762a3643cbd6f99ee276cd78

  • SHA1

    a49be841a6f7e1725276bdb2a812d83e2f231938

  • SHA256

    d157ff7e2cbe19255c47b566520de250dfc89e5d56203a47f3c086b8bc706ae7

  • SHA512

    09f0731590a81e04a0d2272fa2f869128d8f962338d34c29269823f971bf3ec4ea991e8ccf7c4c046cef80b5893c3c92d903def134985fb97e92ba2669147ec2

  • SSDEEP

    384:xKAH9QlBYaP29JR1O275PtHqLBg9Zkj73V1eokbJpHNGgx2mfGWJiJYoP9H29GGg:5/X9kj73z0JVMgxmH24mMRrHmg

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ab0d4c06762a3643cbd6f99ee276cd78_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1964 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2656

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          1ac5760ffea86eac0a4d2c5758e29f48

          SHA1

          9e8d41f9acb8f6cea7074aaaccfcfd1ca49c2084

          SHA256

          36fe9c74c9476392789e9e49f8bead330f3f58e3e79b3bf17a7149cca4f144c1

          SHA512

          b7d789a9c7583653c22dc3672b667245022e0520af89eff8f10e2e8f8698972144a54a5929463cdb4dea1992be496b7f10cea21ce238de72d77ecfb79c9cbd69

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          818a157e4e391728bbb1846ecf841f45

          SHA1

          18a57e9e77686ccd2e43f90484207e1108d790a5

          SHA256

          5bd20d9c0c9ff49adeef7e91718598c56ce129e3b14df04c4d1f0591a44acbc1

          SHA512

          e35fe03c2802cadb9e4cbdaa24bf6e066d5cb4dbd36b562e89b36862258cef352dd4617f1ab156271c29ed7a1b9fcc5019c8e5fbf9f0981293b5a294fae063f1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d7da7b24c9814487444c0f5776db85c4

          SHA1

          1c04546e87678553db37320e93012125ba8185e3

          SHA256

          0b2d489d07528106af376c3a81f41fd82c6f08d389d783f399dcd939ba258113

          SHA512

          031eda93b45f486b3244649ff59bb09ffc72e3852cb23c9a9d6d5a8befdebc407a2eb69bc8c05f5b78bb4cd144d594d68d00e619c7fd4ce9cce02221cf34d637

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cdc4036ec9b69fe615ae16c05e6803cb

          SHA1

          15891aac371b4e495dc8171cae65f6fc0b2bcef0

          SHA256

          9d27c504688918c830e21dccfa049e5042bde7cd45a3a10a63db81d402cd8abd

          SHA512

          9d1bc9731825f388495e3a9c12162dfd4d1fa1302705d5b18226e73b18f7fb23cff663380b72c793a75c8f058e20c0357ebf543731ae4ee71ca79e74b912f82e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          69bbdad9bb7063747766cce14c238f89

          SHA1

          e36a815f5c1f8b9b323280dfc691fc50c86da300

          SHA256

          cf80a6b1316fb5ac8ff5f3cad752aac1ae75b4dd3c1bd457273e33aa9ba83e49

          SHA512

          746768821ebdaf658ae41ae42af4a08e2464b09e1375dbc50094f2acef2b6c96908d272ada8ff2f6b0c29adcb31bb0bd4b47ac0c95621a45e300d2f0f575ed34

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fc6a01f4628ba90669c149d5caffd1fa

          SHA1

          f34e300b6270bc7347dae78dfb7c162b1b35e166

          SHA256

          d0caff011a33de78ce0417e63c697fbb9e2109a975642c291e84993e9b64a9bd

          SHA512

          f9a4ca9db7aac1600af1d7706b38898cfa1f5479507e05437547ca6ef3723f89aa2c2e06b0186812221076ab5815308809b4250e79fa1f0c57a14cd4fe47f383

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6381508499baabaa265a9f535c3dc72c

          SHA1

          00bd66fb7765bebf9d5308f8154ef8523c3008a8

          SHA256

          bf1cd3a6e513e956413b285a79b934e37b2f4e2c8aef8c64fec9b79b8d03bf81

          SHA512

          47f0b23aacbe5cc21ba475e97f669b1ee71a6d51e050ab54da01c486fcc793c673ad82b8061800fe02f389157e60bc6f08e6e2b25a1f285f460fce9038068915

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0969662c571faafb7957db2fa85df42f

          SHA1

          1ef4613ebbce87924cd74f59621bc3fb1742b872

          SHA256

          532a331c711c912eeadf309a6d9bdcf8df24a9c67e3821857f97484beada234a

          SHA512

          2da2a94676b092f1fed12b731943b6d1f69221d17d683bc2fd3e29ba14ec9cff9afe2afc6fde9b10e2123d4c9087ff6944421927b3a26b83c299e5f1909e3e23

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e53b4a098215ac5e51958fd5c15a6c23

          SHA1

          12aa6b07c4929867dc5dde994ab29ccf08cddef4

          SHA256

          cad303c76df42f6576d994e026472a2416ed90d135177be7ac183bdb8f344999

          SHA512

          5439612d22e564fe1909227e38aa0fa810c959cc48d4664484bc5b5a09640c0dad1241fe13f58141304cc9126df3825258fa0befca562360b87819266c991301

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          91d6e8692d8bdf6ad0ebde82e3ce9464

          SHA1

          28f5afdeb048ba79d3eed5933e9290f48886a664

          SHA256

          6a3ee64fb042a9dacee90435db00406419860521c20e0de785b49e3968293155

          SHA512

          67bdd83beea53365cb91131c92685e6449a4d8e46a3d1aee8758590dbc24d6081feb2a9a5693c3a3a759ff2f631d5832e53c60479a5cbee0ac2333000b24fb38

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          491f878a38118d8326cd8f87c789f10a

          SHA1

          ef43d07b574a1675e8426c71dc8a62c932a0d85d

          SHA256

          967385115c45d1fd6e7c233e0659eaaa0f129cc7bac5b0728bde7746b358f17c

          SHA512

          a2a488c0cc05c5e2c1f24d559144aae58227cb8910c093fea46852815bc3607defc4bc1c7cb6eedd70c9854696e157b3049b936512995acce45dd734a5102f2b

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\R29G3XW2.htm
          Filesize

          31KB

          MD5

          f26dbf3e6c46372126989614208c3298

          SHA1

          b0153dc04a62915de53f1194605da6fe5c31466a

          SHA256

          5280e51574abc7c8e391124fa4e86265288f292117b8c2dbfad2ca7ce3739ca2

          SHA512

          65c6ce4c15f4b74f540a6fd82c1ffd5047150b8813a5a539378b2ab72f9000674b980b541b8222e0604b0d9280e1dd66f49bf83eecfb4dbd3d76a89f7863ee15

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\style[1].htm
          Filesize

          321B

          MD5

          e8cb0e7dd355834b958dc977b74ceb74

          SHA1

          adb4fb7f9dbdd94839cc464701397d6b6e5cd23c

          SHA256

          d09895f3f9d249019370cbb41bec49106be3beb2bbe9eec63259aaf582c27d74

          SHA512

          a277fdc201493160a73c911d63cb09e2288fe76d0c00161544f426f9b4b7b3865f58bdfac182a0dc28523ff051a3bbbb5b0968ee65d2e590207ff5281aa2afc4

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5DCA.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar62AD.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit