Overview

overview

3

Static

static

1

bd4fb9a91b...8.html

windows7-x64

3

bd4fb9a91b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2024, 21:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bd4fb9a91bc21f10cbdfee66b6bb893e_JaffaCakes118.html

  • Size

    23KB

  • MD5

    bd4fb9a91bc21f10cbdfee66b6bb893e

  • SHA1

    a6188435d8a009dd5de0e306c111bd00f8e2b419

  • SHA256

    606068a3c8db0a62d3f268044c123ff5518498b4ec27603680af3e2b7de58dfe

  • SHA512

    3ff2831b570ea7cdfcec528a942f69aaac65f8ce9c4e2492e233e66a5b6874e4ba034131c97dbcd87f37f352d72852c4087d0dec6369a4299bf653ac558dc2c5

  • SSDEEP

    384:sEgZHOBBCimggUC4b70y8dQ/ZJ2GP5/eOLrllEQFQ/NwY5KBXRg:e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bd4fb9a91bc21f10cbdfee66b6bb893e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2852
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e72f730de4201f29ac544b5771af77da

    SHA1

    ec0ede79d386524f0e3af90501a448bcd5ac67ff

    SHA256

    986bd3b9bd791f04587404f43fa1e4fc0eb177f8f962861524fb17529e0fd0a4

    SHA512

    b4f836720ab7116ebc1f05a4483139e6d1c0566f1ebc3cce815a7fdcc2481581d81eda55ef0e5c40a201ecd25d10b8fb95bb7de230eaff885e494198bf7ec076

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf11358b95d5000413ea7cbf835f8663

    SHA1

    b6a12ad73a5c96b6f33d9d9e2a4089ab089f9495

    SHA256

    b4b73544194c94b0fa085389b2e4efd4f90281025c93e2ec54a941b653c25b85

    SHA512

    702d1c2ea1f7dc52c4ed9fbeff527c453733f57acdd3acd1fa44004dcc5e8bdb2dfacfeb8b52b7f4b12aad22d313b710fc6fbc730531f30c7c4989b9fa42bfd3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2014d8def6774e6fa49be8a917ca2e75

    SHA1

    69758ecdbf001e1dc2e190a417bef88611d6ad43

    SHA256

    464341dad0486f5cbd2832aaeec3ea9ab5ba22d5a5c6238b37e4680021ce29a4

    SHA512

    696fb3282911970aee4b87053664cec64913ee0c19a2510a97820879b833f041f7367e168a911da690d676343cd0de8a2d223524c3b558fafe669e128e639355

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6df000877be2b49cc9a3d6c24e32845

    SHA1

    ea1cc7950d978636e164a3d8a4f4876f4e45289e

    SHA256

    be194fe10c5d041faf33bdf3b21c52a6a989e9e20a4b13121a34e72281486425

    SHA512

    98f5c505f04ed290af6911b1aac50fc2aea44afff6df3365b8678bd258f504fe92bee7560e53731cd3e65ab1070d4a834ea77c87e39f52f801da565bdbda05bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    336cc1104852ba7a556f45c2efaf2e4d

    SHA1

    19896fa35df3172cb3dcf8496c5d430116e6fce8

    SHA256

    24dba3349949f4fd562752aadc422fdd7c5641a293299abbb92c55174c46a1cf

    SHA512

    f19a20511b8659c6f57901cb8eececf486f79f6dbafda7043a6d810765835fe60923120b9552e92042e554c364c01ef446ad54c76dd499639d0ed6982b3966db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba35b5756812b309de8558c618db5687

    SHA1

    c58881a610c18e6a0afecc4fa4e51db734275fc3

    SHA256

    0b9f28e3ebefdacc7669dd5da03ee0221b499ee2195432e92cfe00d9a43c2fcc

    SHA512

    6f6dededdfe1d1e7b04498a12453e99be70c7bbabeeb1363ff48ad1bc62499132be026d1dccf5ae5dfe81125ab484a5bc3f989dce0dca2261cea82803f845abd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd1ec3a0a833acd4415652a90d216143

    SHA1

    8c48c55ecc644ef231aaa5f049667b38eca20e3c

    SHA256

    27fff2456596e80526a366506f4d08f5864998f4ce5e4deead77b4c892c57cbb

    SHA512

    4d387b4f63f4adeaed114672755b0091e6857b5ced4cc4dbc7fcb52393d5c1d46faf7b4d791a0dadc34fd92d0ca377780d37a12a109d38403a022e8a847d1094

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1db0795f2391af404ff665a30cc59b74

    SHA1

    28b014723fa740f8887a49994bbb3282956b2e91

    SHA256

    43fdb2b777cae4d3b362700a287b3085f5e0afd0f35c7898b2dfc3a1c598f7b2

    SHA512

    8866980c67c45a2e2b697e709895d363b630f252a74c7572e5594f0b22b322a5f49444ce7ffd7dbd6efc94bb98b64fb1344dbcb8b2de77e204bf077fa2f48dd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b2a7ec29778931d26ac66c6e442c4aa

    SHA1

    5ae8f1ab6c3ab8b478ac83cb8a21e882eace8791

    SHA256

    849944fa2ddc3a7b48204d18f7665f6654aefa5c3df500421755f680964238f7

    SHA512

    a5639a0dc93babf64eb146a69caa1dae095494ceebb03955e06a7a069d39028b33efa1c38f963b393c4741bbf03404ef09f93b46ad5a505d70ddeec63904f4db

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2C3F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2D00.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit