Overview

overview

3

Static

static

1

b7cf94f0de...8.html

windows7-x64

3

b7cf94f0de...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2024 13:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b7cf94f0de5d7c79af575dbd09dd5a84_JaffaCakes118.html

  • Size

    6KB

  • MD5

    b7cf94f0de5d7c79af575dbd09dd5a84

  • SHA1

    a452b5460b993bba84b301409c7c95fb4a6cc584

  • SHA256

    1b850ec0a29132e3e336a42e5b416b4db0aa864ef753b617147fc0fad79897e2

  • SHA512

    b7fe42980358b97f072875985a0d5a74f19355a2037f04b4451d1f3a61649588dfb9ab299f96476cce0b89dbeead1f48d87b69e51df3040fff62c769586e10da

  • SSDEEP

    96:uzVs+ux73vLLY1k9o84d12ef7CSTUel/6/NcEZ7ru7f:csz73vAYS/t4Nb76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b7cf94f0de5d7c79af575dbd09dd5a84_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2304 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0043c9ec200a2aa670e7e34479427d71

    SHA1

    ca508c35c02e2c4a0a80409951333a2f1ed4bf49

    SHA256

    c75a7e01893c5098bab0f6deb2bbbcaacd09ee5738829c5994c639fde53a2300

    SHA512

    0816cf233c174f073e07f6cf15dbc3720beeb515011ca8a643a31ab2f7795d4f21df2f61a6fc132c98c0547ed87cfa294773a4a3cbc3a6562ab8038271e82346

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b567a4f32255cc7434863d1ae0ab4d5a

    SHA1

    b52e6cce467303715064c867562fca4595a4ac0a

    SHA256

    f290640b9f77fa0ed0ddd102e7f52d2df707f00ad3013193a717576d464f9ada

    SHA512

    09463d002a9d2214d532b0144c65fd6ff1468b81a419ecd783658be572ebdf6f8fa587c4708e54bb6d06e2cce0c4756a16d4b7b8f66f93b4db2535928c8e53f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfc43ac8b0ef4ff92a0c8fc18c64cb48

    SHA1

    c73b13d0751127c32d4a387db12644692506880c

    SHA256

    26b62fcf4130652e43f3fc64ee155522ee7f26aa05098921e5a67beca86ade20

    SHA512

    ea5708406f80877bf49d1e5acfbc0cd319d0e251d389a4981b282a48596357747431b1845c6ad104ee1a262a493ebfb37f0d8535f3665b633aa71c2652c30ffb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67d8a2f508ecc5b0d61311f153e10083

    SHA1

    b5e245b80d308eadaea1bbd943c60b4235341aee

    SHA256

    5dc1b50ab663980c09967629f206d5b1ddac692c3f2934130ac0ec81eded9d72

    SHA512

    250d02a46dcdc58b4ee9cbb5cee8d28cffd055f4f8e70fa4562ed99c0670be1fb800d5c233010675390860ed5fa34f9d512f22b971868dc1c04294de17297750

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b83a71d28272a613bf3f3e04459a819

    SHA1

    fee819e0705fd7d9a37ca084e16e236f6d9f1ca9

    SHA256

    670f5f6465d0198432c278114a473e2816640b05061b3fc2e5a93a7de86cfefc

    SHA512

    365ba20d9847e82898052ab57258d98a3f3226fe2b30b88847a800a03194ddaabf096f51d5308c4e84d55779fbcf16fbfe9446362ce43c7b527b70748f381f31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06bc2e2609019f2ad4777f2d55e0f35a

    SHA1

    c30003d36ed56c225fd4b623c9238fee1ff543e9

    SHA256

    51e4410d192e2c0fd576b7be54e137a4adb6d68ade60f09352b377d7e75cc077

    SHA512

    9e86a90416da0800f5fe1c66b77b80d7ac4c4307c7eba193ed8f82773d3ae0df030e3412d9bab0be7cec5c3fa9b372927a4171cc43a4a8845b171b7b69fd3aa3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36e3ed2876223a01adb69a6a917abb2c

    SHA1

    6d5cb23e7d963674232d36e89b75aeaa69776fa5

    SHA256

    17ce745de5c75874cee94613cde7c6db4acb04e811546084d676f13adbb03fe8

    SHA512

    00cb544426054423765cac2060500ce22e2a990a85fbb182377289f8071bf455eae7f96336e7262d324dde15d387fb492c8bee2a988b4b06a9d779f523a59655

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6802ed0b09c245717957e5dc5b2524b7

    SHA1

    6bb0effc0d2b91571a80261d030f06c571344ce9

    SHA256

    3ff1c6d71636c07bdfd2cf54af6067bebd11ced3b76d6b5babebe6aee5b95782

    SHA512

    99be5d1980e0ec8761ab7acdf45d145c7ba4435324b8c097ec58d3ad38a0d5ee5d91caa57870cc9bc60d875f54921c18c6365a7877c80a77893ec6fc92050647

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00edf7457c28d9c66133e4843a3123f3

    SHA1

    50e297162c3f587f895490f94100149c6c1e941c

    SHA256

    6b1e8a5e4eb183a341511c698138111f166e17ccf3bfc4c3aa3672a9b58e80da

    SHA512

    29bccb9590fd18a3ce35d0f2562d291c9f3261d72b35e0f8726f9774d24dd485ff584bec72a594c7f27c5786baeab304857fb66790c19761505fb53c89198364

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a468169308468084150bb4d5b3178b1

    SHA1

    b13fa3e672c44cc97e3ed0c0379649d245ae6be3

    SHA256

    8abdc828a18b906b0e9dfd1f28f916b36cf28e4167571c40240ecb2d5a8d4dca

    SHA512

    d66b1c68d1e5de8bd21f4c67b858dc7ce7113fb0b2969534f40a45746425928940c8ba5859dad9f7b4ab91b676bdaab7cd8144cccc6bccae819a3181bb799db5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53201979e8c7bafe0e2c5dc0a44ca23b

    SHA1

    83a9b4c7f83aaba59e5fe8e5d3e0fac0aafd8082

    SHA256

    17f10b4057242c8fa9c13ed103c5be052672271c56e33b0f23980051f22f31a8

    SHA512

    68af75d2596dbbbcf0bd90c9af03ad26d63d6001fdaa8f4a277254e5350cf8112fdd0e6d8e3d62a4ea96f255684ab0223fa5bf11fb5f3c9c4a3b26fa582d7e7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1050ac7f4bfb7adb155a54f622dc22a8

    SHA1

    7c86251799ce09aaec721164e7834251f7ce2c35

    SHA256

    c926127d339778f3b9bf185f43120a14e2ff829074fda5384a3a22605494cadc

    SHA512

    0def62101f3c4ebfd32786c35e089957f1be585c7fa9df4bdd673e02d543759ccc1cc0a9d3bef68a78b009c809f191a6fe3f5d655f4e8fed76a85bd9c9b84fac

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB5CB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB7C1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit