Overview

overview

3

Static

static

1

b378e63acb...8.html

windows7-x64

3

b378e63acb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    83s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 12:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b378e63acba33c68a1930b925fd76ddf_JaffaCakes118.html

  • Size

    12KB

  • MD5

    b378e63acba33c68a1930b925fd76ddf

  • SHA1

    784d1f4c300c62b2d1af1a3cce5e6bce35bf922f

  • SHA256

    d5b44117987feff6cf15821abb91b37d08fe5fbfb27e023e41bdc11fb335560b

  • SHA512

    36228e8202a1bac410f2ab18e4ddaa6774da36771da0c642fe1ea7be58c78c2ec0df6825eeade67f22e25d1070105bde37a5dd722e71182f04a8eed1044873c1

  • SSDEEP

    384:sklIcsVHj+V/gcIBnZvn9IuVC08LOXguLZ:5gdlKExLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b378e63acba33c68a1930b925fd76ddf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2068

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          10dd8000cef86f47478f98a65bb82d57

          SHA1

          124c6a8f9b620b537a0df529dddeb2d77c36f25e

          SHA256

          0568a7f2f325c11cd758c88907d6af9fb0218d9a349106c2cf4e5e1dfe1091f4

          SHA512

          9661c5367fc01e823dd534bb900cca4ad7c03b554f214eb51d8b2eba0d9138665ec7b36585bd729bd8ef05467d55daf8874d0e0ee34b71f601acd600883de8ec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7217d4779e2f7aa3a5e74da5f042c67e

          SHA1

          e92a25825b7a0e608c92e21db508a8087db95e2c

          SHA256

          85b23225ab81f7adc83f6a03747ac97a2c069daa509a6c6d3671584e96d6eb20

          SHA512

          496b771a1a3f20bc1b30f6b7fbce1e1d7eaaa8c6a155986ba79f2b05a8d663f047f0501dbcc794336f3753da41488f263ae9da791c5612f30448ce43b967a212

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          564eaf2bd7c2e4a38052f149eceb3795

          SHA1

          9b41d0bed4d37388dd11baa74ff287dabcfc69bc

          SHA256

          db1b1e1ced81dbae906fc900c93301f09d6ecc4c490328601499cf0c3fd30f74

          SHA512

          d69a28d2ed7698c042392aa884f9b1a5811e16f29a73ea7b7b652065f8134fd6bb3ba0483c81f3ebba481e9c792af8f1adcde5ca292e82ebf313f82ec1411eaf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          17a92f7e5d009ff82d2e2cb8076f7709

          SHA1

          ebb7ef94f249d86a64dfac0979b0d0d104730d3b

          SHA256

          b828684b69334f3259f1d85d58036f5252d5ac3bf18f975a7eed3e8392a98c35

          SHA512

          1e6068a4c5f455cc50a7961c5cf2072968ba4636ff095a557728194517971f10905c5ba51cfe4d7855ebd8341b8d00e2239f7b2fb07228f6421c0f7c31e9af20

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b37feb4c0f149cb91f4859dea0ce9810

          SHA1

          b2b7033e1952ca9ea706d204f4c6ff5b83a3d656

          SHA256

          e2441e55539bdad6ec75c7dbbca73726419991d0803bf6acc6f6ad20534e922f

          SHA512

          0b8b66d311cec8b89321cf004f181b115f373942e92c05512d0ceb9f9f68b0f662ccd6173e7881fe017370555a3aebd2854c55100687c8c18ff19ede3e0d4719

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          13c6cbaf657887be31a7336399c72337

          SHA1

          f777f91e35c74c7d4156c3b0c4dd3ea0b9126ec5

          SHA256

          bba73c149d1fa0354d57ee1bec2a0be9b7b92a03867f5cc46876171c4e3b1d94

          SHA512

          2017690bddc676c6448c0ff489550da3e8bb614a2237a5e5d411b0ebca33572560f7b0e51461b7d25d3d38f21f892d6063872f9d1ed7f77d44366c819c91699a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          90761cb331e52a188e56e77e7476d1f5

          SHA1

          c4f4104cae3b9283939574b284736604b6877fb1

          SHA256

          d6b25b29d0cf3479c09145c79e0032544bd239f40ab083e9b4fc635da6e35d46

          SHA512

          4aebfd7bbd5cd2a0e01edb9e364b57159b865226c8b32a0bc569709f150bcb317ddf372fa24d216812c2258948740002e57ec1dfb5499184beeaffece1b2669b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabF8C2.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarF904.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit