Overview

overview

3

Static

static

1

aea605f01a...8.html

windows7-x64

3

aea605f01a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    102s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2024, 09:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    aea605f01aba66759e15b67812b2850a_JaffaCakes118.html

  • Size

    37KB

  • MD5

    aea605f01aba66759e15b67812b2850a

  • SHA1

    5cdb0cded2e76ec0b393c80a1b1467b6b8793f77

  • SHA256

    9766feed13862b0dae6f9b26f8f65f1ec6401607d19b872f7840e4214cb70ca8

  • SHA512

    408de20616b9266b2d0a6370d2727e658183ed15cc0fb13e0c44ccdb579333569bf5558a9939ebe0727441ee339cc01a563a95671d6aa8a9d4a8b37f8f3ec11f

  • SSDEEP

    768:clftzlz9w3al1b0/fwf5LGX79sPbHUS5E:clFgKn0ngeS5E

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\aea605f01aba66759e15b67812b2850a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2508
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2508 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1180

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          8ba8cc4ea1634b419921df20d0487479

          SHA1

          ac4fd2d65e41a78a7a90b44885030d964ce175e2

          SHA256

          a30145dc98fe34db1a0be88335342ab89455e27415dff44eff7f1caf5ae1d58d

          SHA512

          a62e08eac545ecd29a2c32db8de661e27f5e3fb30a75980012042c3dbb8d8e76f441fe8e18a317830d6e0b76b54949bb3a4abaffe8c1243752b9efa3b74affef

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3ec1f9aa7c4c728ff6bd81739513d74d

          SHA1

          6ec7ce4bf13056fcde4f55353c90c2d7035606ac

          SHA256

          2f07fedc8f1bdadd32b6251d5f550a45e4749ef392c0c960f9dab95ea209eaca

          SHA512

          69fea69a14c30ff5d7fdd97f1d14d96685b7da2e5da249013ace28dc54468585c2411e6273b77f677d1526afc3d683702157a715de507c760bf9fea99acc5e30

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dccdfab7dd6b1923e11beeb40f376d7b

          SHA1

          8a31121e80da6c8dcdf55f16fa7a689413278a6a

          SHA256

          cac9d5b1cebf9b5a6e13c0d22ff77650d219b53e828c6e18755220a5c8c8e007

          SHA512

          e4fb85f34820e8a44b03b8ce3d7e833e9a9a4cf55bcbeede2c8a149ad9198e33fa99b50080ce1ea84e04871209b6c565793322920967978351b71851db946d37

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          073f0cd2e4f35549e5eb06f2a20eb080

          SHA1

          7a234939f736f9c957af38ba9d1655972c834289

          SHA256

          3bb0a5303ca838724ba080ddb32430afbdfbd207484e508d9c799bc29f58d8be

          SHA512

          8d2a28f0539091e83d5801f05fbd05573e22c296ed092ddae64a8833534d82eadeb07c35b9208be812134531ac02cf9c412fae0d8736c63f68883956d63916ba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7cfe58c6b2428b7b041aea3ca3ce5b48

          SHA1

          15a38bf7c0b9925d19b236f112ed997c11a10bd9

          SHA256

          13f46882c9093d202064f17b49562871d2cc427ad68610fa9c2e9e1671040a94

          SHA512

          80d6326ec941ea1116770c1a50861db5ca6e6d4ba0c67e3cf493220645c07f4f60834e250781b4a5f5e8880174fede118e690fcd5ad3518f44a7ad25e0139be4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c8cfbe5f0014bc1740cacc84114b264d

          SHA1

          844732043a2351c7868c170a022da4c0ad5aa9ce

          SHA256

          2d5e0b238ec39e864916b76a6fb689dda1910b056a3509a2e3da422c1865afa5

          SHA512

          c5f9948227c929dd154586fb0233a9428e242414993ceb9938f9ba7d6bc113c7ee6adfe018824c2fa1711f2ae6571b5b87e150869522a6ffccd3023da5a55427

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          54b1ea83f115ad35301cf3d39318b651

          SHA1

          b813ef069606574cb2b2d3b63761d0a99d8dc918

          SHA256

          b3d4fa3af2df844aa06508ba0ec92767e839df0173d291c0d3520af4909eb1ae

          SHA512

          bcc8ef22887a1bdc507dee3a7d15a3336ee7bb36453503e7bf163a60d4199d5c282f393a072c6a60c8fd48b98b40ac6a44dcacb4640ad00b7da149c2d644c2c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          db9d3a842d9ef64f74a436ff61bdac5d

          SHA1

          5b1f665a026c2ff4e6c97f648a46e02580298f91

          SHA256

          29dd46f346e93083a09b901453d49d334c36c39d459cb93920f5203ebc68d05f

          SHA512

          6c25d9d7965974fbf4f430259db38884c1b4ba106b04245aa83fa8ef533bc181925f59316813b98f45db661a9b513a536cbc066201c7da8d6d6fb1fc092de46b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ec5e55ea8a61cfc9f9a621b25dfcb7a5

          SHA1

          cd2cfd3f5ec2608b8a843ade83b8898eb192eb13

          SHA256

          145ff25e71b4cd7c98c10eb9f2a30296928fa3c5fef6f27d459bccf9ad32ace9

          SHA512

          fe64ee62d70abf43de65ba9cb35929d92f50e5eae8403d5e7661c8721041e61fdff5e0f676c456f7ea9147d1f7b96062eb920d662805ee6006f3d8841b21da55

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b09a84191cfed8ebd5214cad35134c5f

          SHA1

          0f100e3e74ac8b652ca891268767dd23893e0a6a

          SHA256

          9b3244f9ab02696c938521d6d54809670e41e9f8034a46aa6b3bb24ee4b4140a

          SHA512

          92048cbd19be7cedc0c57834f991b87fd821898bb68a2fbaa2ad149d6ff27512cccea84c7edc272f0eddfa050a55a099071e87d3e2becb78fd1f45275368d59e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ffd4ef1a3575fed77163869a8dba9f29

          SHA1

          5fb9305a2c31412015c981ab09e0285f48503cd4

          SHA256

          ac970334e541195ab3c53da4170b971625d3c2ee8374f78e06e361f92e7c4c15

          SHA512

          1f99947d875addcdbcdabf6139700bbe8231799e48adfe41b9a8036061de379cde4d81e17d4da52ac3c4c3bd11bf9ae02f95e54897db8d91c03b8002bd531537

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a0bac8308d31d7b2c6fee5fba15ed2c5

          SHA1

          8523533b5d1db810bcb027232f8874c28463e5a1

          SHA256

          616d1109a196b4f8669eff3ed0171d71a8d7433ebca852e8a6cf03d2213832c3

          SHA512

          840aaafb4d72ee987347d10cad321226969c346f7651720862ff9a2714ffcf65492c711d4603eda2f8e36e5eff94e277a2b1fbd1cc4a8238494f72c398901791

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5f156c518faec480cdc0336023416678

          SHA1

          61bf22da631128edd4f7cc315e8c9c9d0a7bd43b

          SHA256

          a8ad9de492c9dfd585b3aa28eb494a474357577c6e8184a904459d2019180ac9

          SHA512

          a6446a680b26b35ca7b996b63a1c3d3a2c82546c578d5f5c9b6b2907c6bb0abce3082e9b9285667b3be7a58cb1691e90302252790aa8eaba0a14b1c2e6f24740

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c55887bc8c80b4f494ce1263ec98853a

          SHA1

          c4f108333685ac1a726f167601ec6203a973b700

          SHA256

          3c0cab7f3d5ed971f3df6e029d0e4937bdde438b8baf99863bd8b185864df14d

          SHA512

          480bd5451918c89aaa77e079df2850e3bd4eb9cc313b72eeb46867d7273811b4cb931adc9f2a20931a706e6abbd368f827f9136cce1cff493b4178ccd4b9548a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          11b9cd66a838208c14f527074de7cad3

          SHA1

          202854df133694f0a48eae5fbbe10c06287c4b5b

          SHA256

          fdc9db1ea0ee18ae22f1ba4363fce0d4cad47093e063a5364138085ab7d799f4

          SHA512

          760dc2fae79c6dedb82fdefb6877337ee71a9a4a604ccbdc40cd7b0c8169dee75f2699f1a92f12a982ea8f07a9aa31dd1f5595f42de08428f57e4ed94ab4a7e1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6ffc07b971fc5efcf544ea961992e004

          SHA1

          88e8798836155724b85e6e5ed19399604f9d9352

          SHA256

          01e999d9398c98a88a81c6cf7ade5312bdf3290407754b5b633cfb62372ddd3d

          SHA512

          289d557173af700bb5056b15d8045657b9bd66f1b1ad8ac495ea07fca0882db663b489ebedae691cc96e286c2e3b9db0620af5e2d524607f9f12c6632ac057f6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8bbe509e83dacecd9b59ff556fe4258b

          SHA1

          8a7c46ea7095fc362e751d7d178ead24bfdc0bed

          SHA256

          aecb451d063e4a3d8c76824ab3e53073c7a8f7e6586af1e28babb198487e9a0b

          SHA512

          13ff0ca4c21764293fd1173602ae9bd138d957dbadbb9f3547bb60b36070a96dde05afeb6884edba95c84688b3a729a0bd611d4e09ffee4279ad4dc9eac12233

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c65aa8bc87c0d62c1ab526577626c7ea

          SHA1

          c0b57ff121f4d4d4246cc9461ee71c71e976f6d8

          SHA256

          038e42b85d527e0f5cc761b62d35debee49fb446c00fed70dd40e8124b721b32

          SHA512

          824f84ece05e65a57aae8c33e118dc4c7be99a7026f191088f322d5ec9bd5780721458528d9c98ac2c4727c5e1dfbfb3c4121f10a0f6c742000d050b7ef67c7d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          8fb150205c1e0fffe9620e837f0e8358

          SHA1

          f3b83c8c8f273604ab1c1890e24987c5338c552e

          SHA256

          3c13345c150642b58ec498c1bac52fe6d6bff73cceffeb6a260341e479275467

          SHA512

          fce59e9638d4876d85d623e3b478098b91259f08b41e5edfec0201b703a8c0b9445401d64789ab0d17151d67850a4d74a2f1c5582fdde26a55521c1c4b82e937

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          08a7978aeeef78fd418d22766d928dfd

          SHA1

          3f1f33870340452baa080183d2971af2fcc498ae

          SHA256

          c67126b80e33844e596587af483ac9a775072c1facd903248696f25ec05e1050

          SHA512

          6eb3a43a795efbc854773aa4d8460e3710e24c86777fc5bd83ed56dab04be87f42a5768715afc642c5ac2e2d29d87285491e1fbeb3d486d468123e93d9618fdd

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5J67VDZD\1413334672-postmessagerelay[1].js
          Filesize

          11KB

          MD5

          e9c26c3dabada3d0035cb0cf79c4b00e

          SHA1

          3c93f4f5484a9dd144e88723d5cc00617cf4f1f6

          SHA256

          87e1e9e2f1feb61d8afb29b28779e0d49cae0e7b589e254605334d3028a5c950

          SHA512

          fabbb57b111cc1a3f4f4fb4226919e41d9e3bcc6fbb13684842175db74d64866fc2da2f24ac664d3595a3063d7273b6da6898d71ef0acc18699fb793b96e9f96

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5J67VDZD\rpc_shindig_random[1].js
          Filesize

          14KB

          MD5

          45a63d2d3cfdd75f83979bb6a46a0194

          SHA1

          d8e35a59be139958da4c891b1ef53c2316462583

          SHA256

          f7067f1d01d9c60618becbe4df3d61778244108459226e2e8a818cfbc2c18ae6

          SHA512

          cea9c9eb8ff0c43048ff371f135148438fc1a2614bf8bbc3518cf430c37778edba3452ce92b4236679cd1a4123af0ca320f530b1c20cedd0883b545209c048cc

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLOK2QLQ\context[1].js
          Filesize

          367KB

          MD5

          bd9b0bef2e8c38e0cdc260af44df98b8

          SHA1

          1e85e93b4c5475f8653e9a08f7a15a1422d012c0

          SHA256

          8b0fcc9f7cd839d57a24031a5e59709c79505e8c0973721efd2a257cf4cc42c6

          SHA512

          1b3eaf9272ca0ee26b06ae294324a8fc34e3aad1064db9c26c8f8a4776032060ff21ce6b5be1fc3ae8d2230c2bd18051c4a258a5c197993868563ecd791ee4f3

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8I3CVQY\cb=gapi[3].js
          Filesize

          67KB

          MD5

          b4b711f3e747704ffe02b49791ce8cac

          SHA1

          ac7ce4cbd3c8ee66e3c8d9d209c1352c160c3b89

          SHA256

          f65bf40e2f0ce993b54772f703f72d53f0fa925457346fa8ec2031879ffa91d1

          SHA512

          b738deba57337a9147927f7dd35eab7c999dea6d2ff11f57fdc2e5b6f64326028a54778886548ba128a3f03ee333cc9e43de5162d8b578b85c290626577042db

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab3BCA.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3C79.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit