Overview

overview

3

Static

static

1

b4af61ec34...8.html

windows7-x64

3

b4af61ec34...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 19:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b4af61ec34f9611a8cd68f76b6fe385b_JaffaCakes118.html

  • Size

    122KB

  • MD5

    b4af61ec34f9611a8cd68f76b6fe385b

  • SHA1

    e577f5f237076187a72acfa0b627dbbb0a9f85a0

  • SHA256

    50fb21f5dbf0c58608b18bf399b7f2abae54f9c5fe13221234d9c0a9d3cabda6

  • SHA512

    dd210400ca82af346a04e828025a679808ee911b4a234d764b874406d29ddf9aa3b447f8e792c87d102cac8a912079b7b22eaec2792b26634ff896832b91dc89

  • SSDEEP

    1536:WJDMiM0J1jpXvgOcMHDMNKouF1072s6sYN:uM/0JfDHT47kN

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b4af61ec34f9611a8cd68f76b6fe385b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2312 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    133d78fedcfe632ca6c7c14dd6e2d45f

    SHA1

    a5a00aeaf3ff36b49a7c81c8663954196c635756

    SHA256

    ccce42b4601a06f9796f5b3b6b0eec0ba806e833f05c28490f4101cbe5e1a67e

    SHA512

    fa179c371989b21aa680be0a52595fc415a4212c0e523ebb1495394a4f116ffd884414c83b22e247169eb9cdd55f4f33ee96ad46c61f698c3dd530de04e87bf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f0f9535cd1fb26f2be1f636df5d23e41

    SHA1

    5dd73730c0043e2aaa932e540c7c9fa3cf6e7bf2

    SHA256

    74961261048d2e501a3a108341c11273c5f7038aa1a96359bf4d12f0b9080ebb

    SHA512

    b7899b339e3c534095d06423a332e9c7e2aea3012706b6c5c95685242338fb2fd1a62982223adbb730cef44827065ac52adbb2a70407218f0ee68371e21e6adb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cabeef1f87cffcceaf18dba38fe96420

    SHA1

    7fce13b3b65742d3e4cc9b9004bdc0ee3a06e89a

    SHA256

    05c76d782bfd38c4cfeeaacee4599eb231ec1bd7b4df84afc0c4941211463824

    SHA512

    f80552a186010ca87d5c5a8710dcd5e82ce915a5de88043a4fb80c49d7316089eef2cb4c6449c46d7e5738bb04e6fba556e2749032614447cbf377e1f39f88fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0749884f3b4b6282a1adbffe47f02f1f

    SHA1

    4d5a6d43a4b6338754ff08164c72619cab905bb7

    SHA256

    bc7a15505de60a5a51e5f8d7eb0ba50f447428699ac2e87977d177577e203029

    SHA512

    fde95df31a547c7f1aca16378f040b1c3b96646505151cb01943eac119d46becd75dc9ce251ed37019e052f022a9baceda54f3abc4e357ef5f4245b32bf931be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cc10d739bfecc508a6eaccc94b8af814

    SHA1

    54ef3f682bce1b6519b1651970f6f2c23e18a9b2

    SHA256

    7d4c9a32ad3dd3193d2a0d0fdde7917ccf4221a5f983ec33cc1fdbd0ac8e2a06

    SHA512

    9cb18175f1d2c494c153362d87fdfd522ac881b27a43d0eff5f99eb3f9f24cc2bc9f2f29d27b92fee53a5680d799c56e27f1a1cf4d575447cde6b89302c08557

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1c89510d98d489cb4b3b992ee0ba76b9

    SHA1

    b5e9e1230f19bf99512bed4f970af8b8583c3c65

    SHA256

    179dea2768c1ad177b01340009640d430049257e8ccab7be891df15bb1f05aff

    SHA512

    c7b724b3870a661eebbcc3b26cd84a235da08901ab478f7684213f14d4ecd4b09b5eeff26508e890d61b7ac509212bf3ca14436d909c03852a379cb72b4969e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e492c2cdfb1c08db1d6047847c0d72fb

    SHA1

    7334d4a01f2f353f41dfd22bf15e5775de0d0844

    SHA256

    56e51adbc8ffffff1663e2641363719c0c69083f04ea49061579c528d4d44697

    SHA512

    8032d60b9daff7db99384bb0cc871ed1a96e2b2b18ee025ce0e53be1bee203bc400e91127752a9dea10f281be7f045a0846fa3451fe66b5c920196b2c4a16292

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    97423cf9dd74b4285f6f10ee444f3db7

    SHA1

    0f45b47d24d706efc7644edbfc46e8b6e9a3e83b

    SHA256

    51b6da1922eeaf071ad5240849b31a92d60129afa1400cbefe2ae0d00eb9097f

    SHA512

    d4e8459115010ecc7b76e8a9920f1fd7d3106ae7b23fcfef9f6d021b24b38bc7f77fd9ffdb709c2be0c7a06d084f92c0ae7577c0789f5fdbc0caabb3c87f6953

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c63be1fd815ac5e7f88c09c1489381e6

    SHA1

    7c420e9eb6f353112c38887efd1de872044f3193

    SHA256

    752933e97dfdd22c5960f78fa087c80d956c606971275dba0df1674d22589e02

    SHA512

    7fac382da018c034babb8f9ac0346548ba17c3ab20bf99645c2753b718626c7f3d02614e8091ef8040e5e6dc22251015ad13f432d461ef2c0f3aeff96637e2ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1fa2945a3f265a85dff7d2f2bccbeb0d

    SHA1

    fd581b5cf43f6c89022e0b97387a820ceef08b26

    SHA256

    3f361fac7ebd2edfb856ad19a34f093550a4acc0c399be8c326e30ddf72585e4

    SHA512

    56637540fb389cf09625dd22f26ae78a2b50e39018d25ceb84cf3c79592b99c9f6b44438922ef9b6d5dbfb6eca896da52dc367eaf4896f9059250b230f43e2ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e16368765621fe44b11f71fc5a9c55be

    SHA1

    333bef09651f6fa358a20bc3b3728394536107b9

    SHA256

    ca74e999dd1ce6cdced570f3fc3d586ba1279d7b4adfd2bcca80e89591a3687a

    SHA512

    a8b48ec6a35df9a6efaf48c7c8a1ac765b1de03e7354662fe1ffd3f97f8187617bd8eebb288deb8a06df84f3160562c52168cd4bb053110fb06b7d886142668d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    61af3dbfba718ca3747501cf1edcad52

    SHA1

    013225eb15e353d134b341de5d70efc24c2f4e76

    SHA256

    2fbd64a2aa8c4bfb5a4f8d2f6304c63c7553042dc2994d9b12dee1b4b7d5697e

    SHA512

    e36443abdd02b83dbe0d25e5fa47e20d310d58b7d7cc7f6549fdacba2e123d26452aa87a79783b9aeb7562ed0a241100862257c4dbaea57af1c67875024e191d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a989c70378eb6f6be35df388411cdce4

    SHA1

    c79932023bf9822c1b209578df60af5a56ce1ad1

    SHA256

    9dd789c9fbb3df875ff72090408a404c087e793605f5b3664f0c1bdc2cf1db59

    SHA512

    745ad6602d577c883ca8465613716860dfd7733143ef29e0a5ea78f2d77161371f18f286fc211ea307e59ac36fc7bf52fba1d8f453168026f491b71f9e471921

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF2F8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF31B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit