Overview

overview

3

Static

static

1

b4a3caad54...8.html

windows7-x64

3

b4a3caad54...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b4a3caad545a0ed30f62d71830f16ac4_JaffaCakes118.html

  • Size

    57KB

  • MD5

    b4a3caad545a0ed30f62d71830f16ac4

  • SHA1

    774ad94f31f8af7cf1a859523f463d78a8c72b27

  • SHA256

    c8e0aeeff954123748be82e07f99da782d3939dec2253b56e1103407fa901d81

  • SHA512

    8b16e737c013a6b230a65160ac1f481aa332f7c9088b83eedd74465b08631ae2e715651991e77b37d4479f25265af4b6f4dc79262266239c1535eb2174d5109c

  • SSDEEP

    1536:ijEQvK8OPHdsA1o2vgyHJv0owbd6zKD6CDK2RVroDAwpDK2RVy:ijnOPHdsR2vgyHJutDK2RVroDAwpDK2m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b4a3caad545a0ed30f62d71830f16ac4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    9c0e5ffc76c4f7288901bb25a8eb670b

    SHA1

    b52f3298e3c3f0b986378f3ddb8ea99a0841e347

    SHA256

    7e41cffbe8ea09f8c30c01ce0ee20cb99592b24104a71a9d6780a7e8052f069f

    SHA512

    07027f00099210b1af929021652c607f32176fc4c7452408a203e5a7027c92a2016d511dd0fba58903ff72dca3260ef6116c18d0abb95ee3fde362a227580d74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    705aa6af2fc7de3882372e7ce7b4e719

    SHA1

    4d93a77b4abcd8bf5d47cbd723337d4905dde5b8

    SHA256

    10f265030df5450be6a1656bb1e36c4e6152e3b3c422a614402f6d92314b1a55

    SHA512

    a5968cbc46e39243a165ecee40856d3f0dcf2eea803efd3334cd67bba5fde4c9ec047b6a4482ff4cae89840c6113d9cd15654fc7e0e56b067064576ef0e591b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a92fa6a5d931be03de17ef27fd095052

    SHA1

    381a2289025e7514ada9909c4d6a0ae3ae5b8675

    SHA256

    24bcf874fc8d77a986db00cff9f126394ca85976bbc15c31853c7bb6ac005b37

    SHA512

    ec6b5331de2f80e86dff0ac82a35c5cabc9d32c4242bb42e71f8bb5affb85d95d3bc2b09318202ce3b666d2f10e36aec05a8815fb9d7953cdb0f53d929d577d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    458a3f8cd54348c0bcfda64726ebd538

    SHA1

    acabcb40647aea43dd9894d3d8d59329eb24f8e7

    SHA256

    78bdddd3efc8a23e3665c77373e6be23738f2a37bbdd702382a9991e06e9a8da

    SHA512

    40df07200926a98c77da60ea5d565c05ab606cc7dc2f0d15b3f5bcbdd116009d5f13ab94baf0f4ed2d2beb562ffaf06a346161c7177216add956b9ed3a1f0641

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3a4cfd278c7b24daf82c5cfc86b89398

    SHA1

    4ceaee67e21b9e4f91efd088085a24d0f8e32903

    SHA256

    7547a03b2cf4eb26336b5e40998aaf5c470352720aea7e66e031b971a341b82a

    SHA512

    cb8c37b30224ee670e6bd305902d2609a25e6d1654644095c0da8d600b6ef51386383e6eaf68d566069db8a7cad072d913b8806e086a5001c3f88b20b70dc920

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7f27813bb90e88e90fa7e4805c389eda

    SHA1

    85630717862a96ae618b62cd8cf98e7390c64abe

    SHA256

    f2bef745d8bc2eead2372c1da61dbca69140ee8d0003b117eafae3ed7b482b51

    SHA512

    96a2a7c533e1f74f5ed1f7ae18dfeba802661b46ede1d58b2028cd4ca634333b3ed0610d40d3968b3645dc69b87041f56389f7ee0f7e5b5f5ef0bb50d4e4c32c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e5cca38bb8e691e639660c9c37befd76

    SHA1

    511c826c7b7096e4514d0b1275230a57249bb089

    SHA256

    9c8549609f6a489ec95691444964cbb981248420f234c7669f1228a38d31c880

    SHA512

    590ce089cdeb5adaa110fc7713851209a3e8217eecb16abdba866e752b3c181c745668e5c3aaed567c9411993287b2314202eeec2b2db575efbe4eb216070d82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e235defbc6d0601268389fefdc0272e7

    SHA1

    bc16c70b3f14eaff52d891d5afcd814a0b29d038

    SHA256

    ed56b20a8ad0dc8434d46896882b1d4e57033607d230b6e159c269ebc4406579

    SHA512

    de68750f1826ce0912a117c559018446979694f07e0ea1665f9c465f94f7621f75fd4f485374d680ff28c51a1e9e2ab9ee0374874538e3c07fd8a4219aed6593

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    83f5be678fab6c3e0240b502c3602faf

    SHA1

    6f07b83b5d9b5c72fb3f21ff8f39234f5cc9de4b

    SHA256

    c176547ebc9307200631bb4e3336112a494158d07a7935ff8ba9c2ce5ce50af2

    SHA512

    d6e1ca98ee065d40f9c968e43a4a503dde8743eac715cebb716517b88a89261365153914f52cabf3314e43f91d28a9f4211a809b845b566f8d70398f423b1a92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4cbb92119eed101528f826caf3e66545

    SHA1

    478a25f8fb49f1256984aaf5ea0bfe321120affd

    SHA256

    48c3a285e7b5c4341a8b6185e297abeed5f443e93ccd9cc0ecbef12918e76443

    SHA512

    ac312d29b50b9fd7197669a30d336833001d35323dadc5366979944a5646432a2ec2677c38f34f6af55d3edeee12ef3dc799a5ca523fd166a5e3503e61eeae0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    03c3d51c1b9257317e21330d736fb7ae

    SHA1

    05d48cfd23124b5f2aecdda9f3ca57eb9149f43c

    SHA256

    fced28b966fd4137066e90ac2e0598983002d24b3d43dbc9e541b9f149e133ee

    SHA512

    d9e99385ff2ecdf305bb956f8241afb317aebddc21512dc3cd110a47fa07f749ceb8f386917e87f3ba72d118b2ff75cd83f3fa88f14df472243b8dd1da5766ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    018ae9990d4560c56786054db97bdcdc

    SHA1

    d19ddfbb8c6cd09a7aeedd677dee65a6cd38969e

    SHA256

    bc87207d94d64fc1451993d0d5b0aee0641872d6183caf5f2066a96205312b68

    SHA512

    c44ae3960c1629f3ad28b6ce19b1a8764ed723a61c95527bbba9b0d4063dc104b62a8187b2e9774bf7f5cbdfa345425c493a6d5bcddc1e1cfef1d3cfdbb9758e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    316724517c94e82d9862eb411cad428d

    SHA1

    45f4b2e37432b61a3c9f191b6f1493578a0700e0

    SHA256

    23ddcd93173ce1eae957a2158e6f02ed25bb4f9e205b3f458959943d50e301d1

    SHA512

    a90a68c8514719744df605407b507eb062cfafdbd0372473b98076e49ecc4c4d52dcc11e11bc106b17ff785ca0a3b2ff1d992901d7707a463b22f6bb237091e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c10c3b311dccbf736e12ebd282da51fe

    SHA1

    67618279fbc12b836a654482071e4f87a4317c67

    SHA256

    dc08e318ee861b2ef7b1288b2be043f92c28e1273c043bf58b2c9d0ec69165ed

    SHA512

    5ce847a58903f0ccdf587b39cd44053502f25750291b0e205381018daeaddc183ac4781727b9e197acb88c1c56eccfde88597e5344228f777a06a0e8e3085e1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    280cd1786e186c6ea98ff576a9ec857b

    SHA1

    941310ae530209a7d95b95861271e646a58ae80b

    SHA256

    97db39c594cabfb9d3770b4537cdf5bddbd8d84780732733be67fbf6aaa9db60

    SHA512

    75169eda2b9bbb646cec7a0444dff1a876ba098bfdac1d5ae1819667046ee3141e2e0cccfe7d67515407852ee40782e5ff6e5f6ff01afef59442462e2402cffc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    be89d4bc166c70168f9caf958bf2f305

    SHA1

    1c43fade0fca523bd11d40df2df6abc1c4c6c013

    SHA256

    084792270b6af3ad4e3c144dfc6345b586a026d9165a4eba2c8f42dff7197dba

    SHA512

    355cb1f71477fed0818977a2a3478b2a8bf479c729761bae53f0396fd15c619517adb2f2764b1b93d586e7f474b6b1086e3026076ce30a39dbce6ba147020435

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LF9I1AK\f[1].txt
    Filesize

    39KB

    MD5

    609869c53d5efe78b304d68315648cda

    SHA1

    a438906b02c78b70f1760d582327c857bd9026f9

    SHA256

    a6d004a54beacbeac3c027f63cbf33bcd53b40ce716645f558e0d50d61056b4e

    SHA512

    4a84ed218c72218d8b20ef92aae86c826081278485aab7f25eb0428da61b2706327cf5708223cd684f97051cc6806e4635edcdac360b91c36df1bad8b5c85f61

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA842.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA96E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit