Overview

overview

3

Static

static

1

b4fa1dd178...8.html

windows7-x64

3

b4fa1dd178...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 20:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b4fa1dd1786fbb2d17c374fc8e15dc70_JaffaCakes118.html

  • Size

    11KB

  • MD5

    b4fa1dd1786fbb2d17c374fc8e15dc70

  • SHA1

    c69637b4003c0768b66f5082529de542bedf81ce

  • SHA256

    1d727c61b1f4f5483fe73c513ca389733be0102fbc37f5dcfd400180d0417a50

  • SHA512

    43f39f409f26593429ef1cd65fc492f90557684d422989ba7604b1771b9dfa0a85dca817fd1a27a4a4661a406c6602ace7aed9670f6113726ef48eaac3dc49cf

  • SSDEEP

    192:2ValIsr0r57MtxuT8X/w1wvqVkt13auBuLbdU8d:salIcIQtxf/g83aguLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b4fa1dd1786fbb2d17c374fc8e15dc70_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2584
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2584 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2364

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6c6b4a501c68c5a9f133cdb60f93c631

          SHA1

          2ae986f418f436427fedc2f2e8ff0fc15eea9431

          SHA256

          ca0c189bda5fc14147227353355adfd43a0b19627a83763aacf22d3712260a2d

          SHA512

          e9c0c9ed93a6eedfd94f9fc70e693b45fcb4a25140b03aac80d9b3006f5c4ecdebbd28d3dae4c43511747cfdb7164a066edd504fd7e80d8181a7c4e52ff18d47

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          10e35ce424716111bebc5f6cf20cc4df

          SHA1

          af932e7d8911c3a20db3e0be120ec43de84e382e

          SHA256

          2eb85101a9610f16f08585f3fd994ea658e1b8db94b44c87db3758daabf4e3b1

          SHA512

          4dbb33c0b6e206ad1c0dc3a2476b71456c12a3368ce5af3f9317a564646ce8238720ca2c244310af7f0e6570c1b2e43ef9afdcbb015eddbe41cf7fdfb1f01dcd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f073ef083fcb51ded04d793f478edc40

          SHA1

          5629f2d792267fb93c47f60f536140baed2d23bd

          SHA256

          c3c1405aaeb33fc6398ca91f4aca7f22b6002e8f8749f4004d7d432216f8cdf7

          SHA512

          cebe78dc6ef642a48ed6932356a8819a83551fccf30062281eb0d331b028a4d2bf597dccaa70d5f294d640857c3483e8943944611d836ecbc87f5b38187c5917

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          11b6cfce7c84de80d528abb787018fe0

          SHA1

          01e2c09414b2fc27c53b740119e57a10bca4cca7

          SHA256

          5a4076582e5c1b600c6f4ba564a96621e0e76408965b9a975d694263b679c5f1

          SHA512

          b07a1b9de6f113ea8296008a623bb0ef63820acca3f2aafbcaba6b2728376856a0c913b47d10cf1da0a5feba0ea7d4aeb2433a2c0bd3881d4059375c13af9ee4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          08c07b4df075a6b50f9aca162fc455fb

          SHA1

          33cb320518cd53453ceb757f72173bb2c73c0dac

          SHA256

          381bc38d0433eb06b6b2c2b3f1ae42ad444b236bdaf2ee3dfee7b873f9034fa3

          SHA512

          656a54dedc3b456607f940abe6bbfcae17b0a5482b55f82b976dbf508e70c9e50f5bd3212fdc4cffbe986a802171d23e8ee033bbf60a45fb7d2dd36f71b1fb4f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          94ec66650fd1202b42d180f98f522c17

          SHA1

          eae6da76573aaf572dab10b90df3a751a8326921

          SHA256

          074ba849edfa7ca002714e3643748ffc6ef2bfc7b71167070e83f20e9df681b1

          SHA512

          f4fe218999ede2c8735e494b1bd6258a87f5e48805e482d5dcf3ce3bdd485d6edc77a11a7cde28536b227a8f09681be0a10afd227224adb3b3932faf2f6853d2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          29e98bd9b7c4b181c945da1605221716

          SHA1

          eefdaf7eb75feb240608995956de5a8e82f9322e

          SHA256

          c919ededdad6ede806781c723e8afeecab3040528c79db7dd4ce1327cbeedbd9

          SHA512

          671a5b99bf348a5188859a759ae65008935cfe65a15c24a2ebc7551d995bb95bd57abdda3267e0b81b943b50d074f96563f5fd6ea51f5ebbe5dc8c57a8381f4d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          20cc360231ba795d73eab840232d3fe7

          SHA1

          0b359d48bc94d12e9aa532430dc420a44394df98

          SHA256

          71e0b9b29ae367e752d9a9886f6f20a3be7aadc0127f63a584ed778480bd956a

          SHA512

          90416a3794b6119011f3de2783f4b2290223aa37460c4db4cb3c97ec3f794fac3cb3ebe29dc95f14ae6a4a13d94bec2dc6130ea68fa52278234644f9c919fd2c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          21bedfa4e9fd9c3b07944ee6bb13ec80

          SHA1

          4dbf2033c07f196fac62057544efa73aa782fd3d

          SHA256

          8c26a3fc6f7612a47d0cfb9f588eefba26f9be40d010cb15f22930b04e1d76a2

          SHA512

          815888fcebbf1be739ddfa89b2dff661a532b320c49164b312789bf8a9ec60ec41db05981eb02ccf10cb5b94a00c9a1f021c83a322c3e6471feb780edc51202e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3bb5aaf65763d2017ac2afa8b2acc4c3

          SHA1

          828814ff84b20dbdfb1d7a5eff9943f99aaa745a

          SHA256

          9044366ceb5152088f8db65b4170db3f65c503c633b11b23bcfb56b5a00375d2

          SHA512

          6614276c55af682331e0bb5fcccdab4c3288fcbb3911a0e61d61e19d0ae8a6673de17795ef42b4aad470672bb32ebb6e1f8a1b6d574fa7a47c374eb87104d5b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e3bd34daa606f39783cc8c43f67a4421

          SHA1

          6c79c1c386a3e669b7fd614be27ab066e712a141

          SHA256

          786a2cf3355313d973cf1ab7f84e0a2a07c5f12f14e05f027936de2ab4173349

          SHA512

          d62336657d48b91378f029506a986f8e77dea92820d0151b16d81cc30712edc6fe872d420d8b31b9ab3e512148f7026294ea48d2152b1169576c2a6cf6272c82

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab8DA1.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar8E40.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit