Overview

overview

3

Static

static

1

b44e831a1b...8.html

windows7-x64

3

b44e831a1b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 17:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b44e831a1b19b9bd1921833e600b4669_JaffaCakes118.html

  • Size

    13KB

  • MD5

    b44e831a1b19b9bd1921833e600b4669

  • SHA1

    0e0eddf8fe805c2908af9d74f78566fc38c15be2

  • SHA256

    f2c4ea444bc5f9df75668de851fdac41de3ac9da77877583d9f3c8654b5062f2

  • SHA512

    7e1254f03dd6f09f3e8eeb6827bf84257fec9d64877a70a068d897692d5c1933f19d35077bd4813334b1f15b941eaf527fa4597576e3e05060ed272c9f16449e

  • SSDEEP

    384:SIWoltOGEMOwXO6qgEIjerI9E9y9Y96CMEkwY844iHzx4xFw0IIwg8WMM8a0K:S5oltOmeCiwG0A8K

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b44e831a1b19b9bd1921833e600b4669_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2108

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cdd696de87dad29868fa83dca6147f8c

          SHA1

          c2cf0247aa602ca6477c49d7e155c59ad7cc3240

          SHA256

          a81a198f916264174e103e4c04ee7a90f5cb19b0f2e7bc5eb890307b50fd2358

          SHA512

          5f82f1f17b4082935fa704709da251ef3eeb2f85634d4d72116d7e674aefdd42fbeef3b81870ab89af9ddbf6d5208c44a8ff310a01ee68ed29990214eb36fe03

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          20e21b721f9c3bb3cd883ef6585f1957

          SHA1

          a6cd67892e0f70486168f7390afe912958ccf61e

          SHA256

          16ffe7f99312fb90dff0a4472b82af37b259217f109fef1b03a765b7d1d1eef4

          SHA512

          05a4db582d56c3b44ecd3997ccd7bc9194a76259470f0662f1a3ffddb20af33005dbf4dfde3fc83c72ed45c2ce066286df215d73f3f2f374720a31c7fc20b426

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1d1fa8ef39ef4254e72cb56fcc571b17

          SHA1

          68f94920d80a812dac89274ea15885eb27b93cad

          SHA256

          5cc41c7462c7f582aeb81a21850cbb9d6650b6d5cb05d2e22378a6390d556887

          SHA512

          21c37cef0f46a0fc88ef58f50866c298762a81a014d233afd85362175b8d2de168b6ae893146510964513e378a5bac6d6ab6a4ec498f018badde4c58e96dc237

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          70cb680075b764dd3b9a957c07e9345d

          SHA1

          1c4b2d3b57f9772cb85347a2e2b6c237d392c7c8

          SHA256

          7c90227f51eb89445d6ae54c419e7ec3bb89369088bfa47daa400a2f7abd3412

          SHA512

          a49fc1f84a450ec58869e610cb6cf44e5205b91fb3b695638678b51779ebd92a19015ada202337638432170aed78585b3f142676dd2d9e10af9e05c578f98d08

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          495119f33b85e230f51392c043128f87

          SHA1

          33d2bacf53ea3b6a4dcfb1dc9383779bb7da06f3

          SHA256

          4cfe73b7dfadab81e0fed4a21d4ba8bb436386fd46a538e2043d8261bbafaaf4

          SHA512

          efdc1123a6dd37133783b808f4c3668d233737e1f44e292847060f0f065ee3867f03a08e9988d9e50492ce1e1f6a5dfa1fe30ab1a5d2fe3c3bc7657beb163ad0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5b57a720d3c9d3ab579d207e28b0dcd2

          SHA1

          258b6155289f34eafb7439edcae80fdd2b572543

          SHA256

          42c296c9acad78034080e1ed90503b2e530516a47be95d6b51e4e6bcaa00ed15

          SHA512

          b6103b344c90fe60e3c880fabfee923ef68b92976d7e21b655fc62ca6362544656b81defbd4da175f90db935eabe0c4ba2981c360d2b9d3ddee0d33b04f9974b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d569f9ef8d8c14b161e7ae823b283fb7

          SHA1

          384cf9ff123fab95d5f0e1b08119b2d0e056bf23

          SHA256

          6d7f9c1045510c17dadf42de2d54bd7fd98c3f721176786d96b78b7c6d467aee

          SHA512

          c32d48eadc9c865cd21499cceb0ea62f35d6c671da5e75e96f566a4b0cc7ca00ae52b52721fb654d9ca1e4034d67de7db980a550b756dd81e6a23623f700cf1c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0ec931359fedae1cc3d06b108af99f7f

          SHA1

          6b00d50cbd1a2ffb3697c42244c12f56ac86ffdf

          SHA256

          642bde15a204c64e8853ea2fe09be3d19758edb8911d4eb6cf501cceecaf2353

          SHA512

          dba8ac4c2d89e51088981aa3866ff2b7edbc4f9ed26b70c08cd30c200e13518973c53baf9d0fd774d68a3702f511bcc38cbe011c4654110a6d1bc3ac130aef12

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          08c6626b7ccf0a16cbd8a7d097f6b3b6

          SHA1

          c8e38db304fd9e448ca7e035b58420c2eb6da994

          SHA256

          96a104914430cf1e582163dcb5dd243127caf2c2fb02b2d78ab6c055a50ae970

          SHA512

          6ab19f5a1762977d0093fcde317a7f33f3d29aef72503969d120f38c151b5c2240581e178a0253cbda0af80813cb480249866710d0a2831a8be507012edb58f2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          191bdb4dde75ea1485a7b07ea4f55f4a

          SHA1

          a2f1a049dbfa42f0c693a8f66bd2f905f22dc156

          SHA256

          2194afdb5bdbb32942874dbcfd45a57e0e3e83e27d397ad06bf44c07eda92654

          SHA512

          8b58bc681795a5b9f2db6bb7d7674d98ea8bb1a4e0096804258322dab162ff5e30aff8c769c335d96fa412e28069fbe481cd38b93e62b91e62a64e80e3ed3846

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          55ecceb3fc6bc7c3e6838705b8700056

          SHA1

          d8307abcd621741c5e411ceb096fbb74360bdeef

          SHA256

          3eb8997df69826bff5237ddf9ba9ebdde79b40ee0ba7cdb5704fb96182419e0b

          SHA512

          835883a9ff35ecaae977499b7f17f8eb9ea59b4fa9fcf829aca2218aff5508da2983895b0f5f67e8c29bd0a67014945e6ab18947b7fe7f95f4c5ee91459df13b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE8AB.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarED04.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit