Overview

overview

3

Static

static

1

b3e41a903e...8.html

windows7-x64

3

b3e41a903e...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b3e41a903e8570ef38829f6335e83e57_JaffaCakes118.html

  • Size

    9KB

  • MD5

    b3e41a903e8570ef38829f6335e83e57

  • SHA1

    3cca7effabff7b2a4171d5e06e69851737c637e6

  • SHA256

    f584a84c7bf0faa992dab4adada7b07772c34d420b26fdd38bac3ef41451cb89

  • SHA512

    14de4cbc2a432a8f324005cd24fbb1cfb83729af8790ef49290a2804cdfb123d32def6be486496b53535ecc96cc5f45ddaf5ce9be5dee949779c905033697d64

  • SSDEEP

    192:6VJ2Pu4CaibskBy0sqIlOc2sr5td/m+GHIfbLFFS+KivRbHYX1n:6HmKnyy+GOL7GN

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b3e41a903e8570ef38829f6335e83e57_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1596
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1596 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52bf74671b11454f3e91b05d051f94a1

    SHA1

    ff685c511790a1d0cfeb6412c5150f6c44ca041c

    SHA256

    6639e401d6eac468230671760c83bbd140ff30fbbbc86e7f481732437fd51b57

    SHA512

    02d9dddbfe7738f964981e6ba5973f789b1c9955f1daacc7bdd21654970ba0325b2eaaae6f2cb29e96a5adfe4c4fe97141fefde9de639fffa0ff4131761c3fcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9312ce8cbccd74ed5cc066bee6d521c2

    SHA1

    53c4ba7f60800a5af4be58bc8f45602db4380051

    SHA256

    8e27ac7d0ce68f7321803446e83222a6f706cef1fab99ce53af010d33a0d242a

    SHA512

    7a42fe544ed867127d8296cfcbe98611af6d66db00fd1ed66edbf53c680794068ca211e6816b9e49be6b36fb8eba32cdc96d681c6d480b939facdc0f5c03a88b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57e19b24b79cfbdfa04a78646b087d27

    SHA1

    f55f8b56bec7a2f283f04906b5326d98c421094d

    SHA256

    a662fd5fa37c072f268ca2a877391fd36e3aee3d370c4a9a4cdcebdf6d86561f

    SHA512

    e15c6c444a8442fb6248be660e2f2ed7916a2b581f47e1ed64534948f0bbcf425a1fb596c09c2fba247fa03cb27249c26093d48ebad0b9f87dfc23e2026a3c53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67d920de89f577a7d02efb8750cb642d

    SHA1

    0a36be1d8f76987d599db8cf76f9e869549a0bcb

    SHA256

    b031c0394a4e083d0898ab4bf807b6d38ecf5ab990d42cdc1a7a481443d5f768

    SHA512

    d153d46f9bf6fc5066b42fa07f7bd96271e17edcea5d0c2af03c5a59d20366b4d87c733cdfeeec3746c82573825cf7aa2eed916f1a1319eff78444e32db6ac3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b613f8671d5c1f238e9d12b0e9eff60

    SHA1

    c698fe4e8166266b6c2c069863be53783d395006

    SHA256

    8a88d956b88d3922ef8bb826ea473c0d838727e48951358218e615523ac67d9b

    SHA512

    3119e0ed0ed57ef693ac7cb4052ee8a922d12857b773bbd50efa6e62132e2705b2b0f4b0811b7850ff0ae593cb33e692922c1c3e428ba3dcc3c7ea671089a130

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e652b995e3e6c96910fb859d15384183

    SHA1

    42f09ef7a95a860aebc2fc65dabb405111d8f387

    SHA256

    2eae913fe8497c3b8b214dd204679657a4f203316c9faf520aace24064639444

    SHA512

    8814c22a5a214a8fb077c05288507be5f045ae856a8c4aba049355617e2853709e37619fd10d44599f5490e35bfb0f7a3f9e1ecd8b7b929d1f18408896fba96b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d9d8963cbfce94554345263bc04bd4c

    SHA1

    016da928fd6bc6c785e9a4b2c2d182813b184cd1

    SHA256

    5aa858d3bede068364579225e695a07d7ecdf86df9c8ff05fc1eb573b24e08cf

    SHA512

    1a5fae8a59124a5fc0902de0d66082be1cd53b28f14be7a1fb612a4e4a0416ede4830a6e936a8fc19523ee9806e1467e8bf4a3745f78242106b79b9e29092ed8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a6542a2b04a07394faab336b1e62dc6

    SHA1

    44e55ad254565f2b655581e9d7ae5ca2cf3da421

    SHA256

    47c0ee6fd815468cc8abcee2d4d1b2da452a490a0732d7572ba7eda0e3473a8c

    SHA512

    e9464430fefd3f22da162710d75fde0c0bbbc528ee248b0fae9f460c9489be1b048f6412bc495294db9b58bea0ea879fbbf4f8a64870e15d7183df3bf2ae73ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0dc123d36bd03f8f348d3262f9753e1

    SHA1

    46b8be77257ea213b4f08c096d35e326e5a6d9cb

    SHA256

    e4c4c617d793e3e7eaf4bbd95fd1a681ca99c204cb1f28c617840fe8b385b284

    SHA512

    2b86ce27065be56907030521175afa7bbe903008d15ffedee3ce8a9e7bbb66a9199ae5bcb365f9529066c589ac72130c22d903ad542ba781851e2f67782fe7f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    484e7d4e7160cd5d37b1f15dfaab630d

    SHA1

    324919c01e3bc1c4d0297830dc9eceadc92c8dad

    SHA256

    76adf8e3c45f6b5268d77ea69fcd5ec115b63d682a6e17df988923c22d2a863b

    SHA512

    c552b4bb8c661f03e46e3744858aad2b68dd83aee471d89bdf806ace3feab9ed5604ed3ba0db16884be45a4194f4cde9b5daada83ad3a8dc0e89c3cf9db08317

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a315f3fa155d6d54d32229ee6b661e9b

    SHA1

    a0bfd14b20773280817c7c34b16b70e382236f34

    SHA256

    f86fa106fa483e2667662223bcffecd968648f8fa6fc8c5926fdcdb333b5f2b0

    SHA512

    13dd7868855b00d5494eace2bfe4f4339fb42751a4c500a81ff83ed973efd001f7adfd177c0e33a3aed8cfebec912abcf95e0ee822e427e17ff95902151195ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fea22eacaea2693711d90a107ed4fb92

    SHA1

    e28ebf9e6ffbd908146c500e1c85afcb4118564b

    SHA256

    c0007e9cf941a4a172c4e465823dc1ce9f019c8261bc6df5410d6c25fba6fe29

    SHA512

    9243d9a0c111bae1edb637a194b7579af49414dea8f996355c8fdaa5cc5bd126bf532b542410eae681c4e526406257a454f5f3ed07caff45f19309baae18b8da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00d3a2c403401e7eca3fa0fd20503ef8

    SHA1

    a44af49fa66b0689faa3d07daac7243b8f49e38f

    SHA256

    7b2c71ebaba99cd9eb44e4da4477c52a410ce9f73b7c9c41329d82b24de19fad

    SHA512

    c638caac3fb075a241dd8cf7d37200e51147efa0d2f4a7c04b9b707750a291acf7711febc43353f6b64813360401e57a161096c07cda7e2607e3416462b7a2f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2fff07adfd12e82c477a7aae4d4699d

    SHA1

    d2722168a3d9cd465cb7748e6441ab85c20c2a5c

    SHA256

    9f91659595ae7df9f759e420b385cf23c8369ebfa9b7b90947524536d2f728e4

    SHA512

    64449688598077efb71edf6acc73f5ea91297b8649a2cad923e7c29cedbe4c8b72ed3198955455d55ecff6d727d968087848971f2dafbc98b03875fde30a7c7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ae05c46fdf46d230e1b824c9b6ee580

    SHA1

    8b674f567b5794fd7b73638c20539a8576b01429

    SHA256

    25c1a8b383e4f88d16e86e1069b7be84d3c652d652efeceaf7c58f50ccdf099c

    SHA512

    444ab1d904b82a4b1f567a22498882e4f442f6950277a76bc0d1fa419cefdf0e9ab9930989d013c3b3e59dc56662f516148002dbb14cb3007083874e1f765338

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24809a970941b835dd61f4a40e36ec67

    SHA1

    fa6bec7dedc41a1fca915c08697f04b9a0696c3c

    SHA256

    903f56b96cbf5b5c9b36b3eadc6fd53f3f7d0930564a12ca413dbee0737ca1ba

    SHA512

    1a0d815cc3bafa5ffad873da334a821e1d4cf3ca69332ca9d2c3da9352fb8b2367066d57c30047e6f2d0b9aaf270580be26e9fa7aac623fe16a25b7a385afd06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD885.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD907.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit