Overview

overview

3

Static

static

1

b026448aa5...8.html

windows7-x64

3

b026448aa5...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2024, 17:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b026448aa5c28f63abc2531ada662aef_JaffaCakes118.html

  • Size

    28KB

  • MD5

    b026448aa5c28f63abc2531ada662aef

  • SHA1

    c0b835a0f9487f43628014ce699dc8a41529c276

  • SHA256

    60a1614bcecda8c5e151f65792bb38e3aea7aec3607dc1d78772b63f55b2b174

  • SHA512

    36da00bca85a97b01b8c01e8fecf8782be7c724ebeb494ce81e97fb7df296f2b773177fc1ca49e13add7d207984fa7dd566f1e34a9b9900e461b80381064d02c

  • SSDEEP

    192:uwnIb5ndKHInQjxn5Q/FnQie4Nn8nQOkEntLDnQTbnxnQ9eigm635il1x1qU1Epi:ZQ/cLYJilDAUukS0

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b026448aa5c28f63abc2531ada662aef_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:264

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9a1a6c4fed46359aee5c59ddd1bbd62b

          SHA1

          c173937c385992996affe5a5c93859b3eda65b39

          SHA256

          71c98692ad2a40e774d12f571c8cbddf1ab927f481ed303dab8c49a7e0e49af6

          SHA512

          64d913605bce14dfba5b5cdb7227fc0bd132910a4cbe86825ffb8fcd3a26a85ab516e9a8cdfdfa7b33e44172ea7b01c7483c839ba203dff1b4bb83e8328175b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b1f53ff8dcc16daf91377f9a2f0c6190

          SHA1

          a736a0a5e17aa5186664c8f2153acf0f75cdea08

          SHA256

          e246cbe71c90c11eef9731815277feac6f53ea0b745fc6392ada6fcae1f22d3e

          SHA512

          19e75b495a21b1d9332bb1f8ccc8b56cc45c68a0edcbf04c238881a51c05db8fe6e2fa82081fb71ebf2ef039015c0c8f03f061bfa776df3ff32496ad3d9356da

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a9cce424caab826347c8d83bded29e48

          SHA1

          d54c433e3ee628d8a02ae29d7a89de1a6835c6ab

          SHA256

          b9123a9e58b9c6f1466461db651b54ff2a0a75950a4f3acd480c0469c2a2f66a

          SHA512

          0e63859002d38321dd387d63db99b3530cc51b75bb22d5e9c786d109e4c8e3402a19639bc0b1aee0a464b9e657a4576d79eb22f0f0dedb7092ce1ed229a7c45c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4d4016cc276365d18c077a04c978a578

          SHA1

          165cbc17b3bf2e7e778bf76e50028968d0e53f7c

          SHA256

          b2196ba8f2b1adde47c2223b2f35a6cc03959fddd2076a49a220ecea33963b01

          SHA512

          a6303257eca4dfd2a5594955ad194ef4fd326b37a8a6e5df2045239c73fb1e2ee8387084d59b1e86008e0c41dc4d310379a7a8391cbc343ee2e44dcab685e1f6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b557d92519d2697cbe34200f4f7656a5

          SHA1

          3746f4de25dea0822c4d07f3954ddefbef1c9e7e

          SHA256

          0cfb7bf772549dbc8cdfe1de38f40c9015019815f376e4c945c6410ac14000f5

          SHA512

          8156d8b524dfb4c6594b3c2f1110361f2a62b1e2dde93de9d3e621ad7603d5cf8278e553e40b2bc8fea7df51c9e555a152c8b4d8a60f0d138878a79ff9025bca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          caf38304e38ae1214fc4ecdbd7283949

          SHA1

          17648d6b86d264f2e255195c0437d7845c9b18e9

          SHA256

          bf209a603d4ae437a56948fbf0422b84a090b177e9d01511346ad60ceef96991

          SHA512

          bd7b67ce219feb485ee78b1b4c8066e04a706979c53818f3a490e0972e95539ae90a94a7a26a60687437518132fbec8b884cc56b4461f36e90d8a9d43a95be55

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4fb925cadd1f5e4cfa96812c63cebe5e

          SHA1

          ea791cf0e9e8d4eb3d8cc0cde3723d1843bd9fc1

          SHA256

          1c899e26a607fbdbfa961fd521100fb4f1b572105288c22b24bc54a302c6dbbe

          SHA512

          1bcf9ede786758acc0568f597d06a629033b126e9bdffb15c6305e7b98a76fb18467edf2cd73720ab120511edfc74caa9e0687e6fe26cd6c9e4da12a2e20801b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1a72d0f138a33774658dc25e090b4597

          SHA1

          d204e683f9a149b32e9ee61a908223075d160651

          SHA256

          09a74ac953a3ed902a9876a4cb00ae7227b6d98033cbcf06bbe03c76922d6155

          SHA512

          c112d73232f45ff8ba0cd2445563342c574f725a0390ba64050c0b40442b4eb341bbed210383f6c9a06f69736fc0ec10a7408bdb5555958786798c643f1cb050

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7892f29fd256d344ea8275d9ae857702

          SHA1

          bb8afb4504b2c5abe5299b7f7d9f96041d489125

          SHA256

          f441d7648a3a8dcbc7162b2e25d2d8fe7facd0588579be6e562196e8fc997068

          SHA512

          827d11e5f608b06f2cd7ffa68991e4ce117aba45af446d9dbb3ae6ce88256dac29d8ba838ba7698a7df75fab090dc86b41119bbe9b3ec1d76260bb2d4f1aa8e7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabABDB.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarAC7A.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit