Overview

overview

3

Static

static

1

b49badefdc...8.html

windows7-x64

3

b49badefdc...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 18:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b49badefdceebae572596dfecb524873_JaffaCakes118.html

  • Size

    4KB

  • MD5

    b49badefdceebae572596dfecb524873

  • SHA1

    ee4b38f69a79d0a7b6908f26eda4c4319f693e21

  • SHA256

    6e434511153b159b13f5c19a4e27ca55d9d26abfa4ae3df8deff3a4e8cbf9df9

  • SHA512

    f802d7fdb0b63c5e64f2145cdede553717fea3c16e8c1fecbdc7a55cac8404f5153ce8fa51f3dbb0abda8988974d06a79b3dc9c4faa6790abd0cab6904584e49

  • SSDEEP

    48:Im3vqgHRqt7Q2Wg55aJshXHUewe4xYMY2bp+dptYp++M0YmP4xYMuYp++k0YPCfK:xCgHRqNigWJU2SuAde8CSb0sa81pc

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b49badefdceebae572596dfecb524873_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2812
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2812 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc6dbe8fbe5fbc1cc5b970ea8d1d1598

    SHA1

    775f40e6e64cd0dc3ba45c0c9718ff494c080c52

    SHA256

    14b084078875866b5dfcd664649f546deff4d00944ebc868e17ee9b74a7f5ed8

    SHA512

    c0eb3885b9316fe7fb1eddc64c7750f10a0e9fbc9a0fb5b07a76c08311d89bd2e4cc9887f50727614c1283c2bac3fa0fb3d3bc2f7337bebd5d17d2542b54fef1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e56a90d4eccfe7d7353ae607afe51a9

    SHA1

    040b175f17bf27aeb16a0e93737e1e6ceb7534ad

    SHA256

    8644d33a535fa246eb64f08b0afe1b730dad8e60bc6e522ac17379fad62e5567

    SHA512

    ef64698445b6d4d0181fec6cc691a4253656ccef9d5a17c49681c743bfce140159462001fa9f9190544941e692a2ef8eb292a37473bdf2cd5224b58ecbaa9c4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e02c3b8d222de56f63fc7504f9f0250

    SHA1

    919491877904f75793c62979d87d88e9163e0adb

    SHA256

    ba3eac35d7a5ea1b366ee4d5780e7a0b2ff0184309afba2de7d7ca798ebf76bf

    SHA512

    6d13ae0cf8a0203fe55f361448788f9b24f56031e07ad4d6c993cc791d938da7500a905b71040724f0ba1d7d841a52fe718086488b0f6b946cb9b8edd37a1324

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9bc6d6d9780548647a6f32c35ff7475d

    SHA1

    eec8b48080b2f91e212ec635819e18f78a598724

    SHA256

    58bd255262e66a6e075a409b2f395f4b22ec7b44f45fe502486a53e3fd231090

    SHA512

    d92d6f66fdad086497b9fc3d189f48084a85dd6a76674714f8a504afe06382543abd721572658125b1c3723492e40adffd06c5f6c55de33a68188ceb7bcafca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    688c339d035d6e25bf8d78b3f2bbcd50

    SHA1

    5b13fcd4812160770863bc92e8ec522e2efd0e3d

    SHA256

    c75b191f839a250b97526b1522d47dbe72af56914dcf634bfd5cdb31d41eb70f

    SHA512

    7b5f7f48742deb16b72e99122d4dd2f127b893921f2e4e9fd505f163a3d4a5dcbb13b5a3f717bda30b5923f24b98792f75a5aebdb38031c4868e99eec470f058

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec61513a89f8326f7be1d2d42f0751a4

    SHA1

    3cc5936aa8d9a8baef119ef78371ae9d7acf332c

    SHA256

    1ed6a222d312e63271812ab0caf0318ad021d9d006b3bfdbcfc8154c2b18a72c

    SHA512

    3c71d2a109553ad349428947a88c26ec8929210f0f79c37a7f2e5012fa7c27de64d6c6103f56f50b5e6d5e4dc844d11114a1488990ddccc1a82c5c3b624f6a44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8c82a06c0b771659146ad89376cda5b

    SHA1

    95bff0328ccf4f8d7dd181f2f4d1903f73597a69

    SHA256

    b7eff18d226be6e8e5e000110e438218acf4bb84ea2827693069226477e73c88

    SHA512

    e9e3368b927c6f1bcfa37f5616e4729782cbe0bafcf47aacceeb65faeb18cb75c1248c54d56998784465d722acdfd83a71e64ca1829e14dd33bb5e76f21485b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e6b4561e78cb1f2c9151dcc4dd42a84

    SHA1

    c59aef7075d21fa4d896267c5160ad92278f2af4

    SHA256

    fc02826ad1f48ba3f9a2226121fc6e40b28e703576fee52437d7e2e03cfcda6a

    SHA512

    ca350961dd1b8efcf7674cec46c821f20a415adc413c4111960b49f3c00bc164fd26335615377e2827fd70fff0f622612162d2d3d9c9c267ee9f84e6dbc26f8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f25c36c05e250d5d0dab3f366ff82dd6

    SHA1

    19b7b7d979a6c3ce800aa694b98722990ce24347

    SHA256

    dad658638297dc7fdbee865cf463eed8496cfee924d1d8be647e287f5fdab483

    SHA512

    1f387d2521a95a41ec7a5614e4385248476234f5a7280d6d92b99222ba730049fd32f5708a2fcdd3cf69e5485492577d18a8566f9742fa79add2de8f781aac88

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9540.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar99F5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit