Overview

overview

3

Static

static

1

b99dcf79b7...8.html

windows7-x64

3

b99dcf79b7...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    77s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2024, 00:13

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b99dcf79b7490529fc89ae9181fdd9db_JaffaCakes118.html

  • Size

    9KB

  • MD5

    b99dcf79b7490529fc89ae9181fdd9db

  • SHA1

    27e286a6d169ee1bd91583a0b2daaf560619b5ec

  • SHA256

    d4b76474392333780e5e3f993dcdd81fca191f02047d6bcb5b4b0eb940c6b456

  • SHA512

    813f1a6cfd4aa9ee74eeca233459fb7a8da31a11bf52c07469d3736c4178e768882c2f5a67b52a6942c8932677a91462043ed1e12ed52af37b8c0867400b2267

  • SSDEEP

    96:uzVs+ux7p0LLY1k9o84d12ef7CSTUzGT/krYPp1abkvfzllVHcEZ7ru7f:csz7p0AYS/msBwboLlPHb76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b99dcf79b7490529fc89ae9181fdd9db_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2844

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          77deab5d79c999bb5c7566498d11ee9c

          SHA1

          d2c9dbd52a655193da01427101daef11330f1797

          SHA256

          17ebc49734d052809fa9ca0605074935e96c25706dbf9bce4384e6d2ad87d35d

          SHA512

          76149c59b4ae26e3c2ca06571c4ebd094a7488870c7948313b2bab2508de75c62e349c01e9ea12cdcb5798f1237fe63e741ffc809d9319ad26f8819c10a0e384

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5454c263ec605a6b2ff8c5e5536b3d5f

          SHA1

          a0817c02d1e649d2e5616636db1d007885038176

          SHA256

          2f8cc404afbb17ae75140c4e4f675513db854468da8be931ad77d3daaea981ba

          SHA512

          ab7bd5c783dfaba68ead4813fba214f4bd0b37bfee293efa937d7567ae316f4224f148deeda631e91ac56709364f72f9817145d17b21f3dc35668c575260cd41

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          27702dbe976e20e768ae7338e131b3bf

          SHA1

          2d573752d44632f8f3549bff3b5f895990c771e0

          SHA256

          e6e3d84104b01e5047f3b528e4f0813a04ddade90afe7a29a220034324425274

          SHA512

          6b8f3e4b4a3e109d785544a45359840d3864dfe94feec09125dab6e39e8e59728d6ef9f0da24aef9d03d6428891266b590dd7b7a3199fa94832b59e27c29d95c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          17f39501dbc3eea1f2b45718fa53d58f

          SHA1

          439fbc7460deb06b3e91ba37ed78a7071c455226

          SHA256

          03258e99e9d8bcbf16673adc3f6a70eca9b0a84378e26fbfbe98f26120717321

          SHA512

          512b00efebaea313727b3a9d1a074c8666bdb1e8733d346ad59f6566b1c5e80a3b1e81f7eb3ed7977a9b76777844faeb26bb29da6da99cfd18eb9b3175274da5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6986cbe3f2f064417d3af3fd0a563622

          SHA1

          092592ad046be350c8cf51c3bd8ff805dd3c0302

          SHA256

          a408e940ae5e83c691a1b9e12215222dd80b8b139bdc26c315f092df44890650

          SHA512

          10232568ea01faaf96989f768eac7f91861e59ae1d3151cb191356bd35822de879e82e8287cdb65f691fcae2c913454c18520bdecfa452e4d222bddc3cd95b7f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b8b38ed9a740ed11b30ec5960a69c171

          SHA1

          a730de974833f73dee7e956b3c44d55a4a975ab6

          SHA256

          da2034af9eccf914c7f73bd1f57d24d7eeca80d7da4597701f70b3bb0697fdc5

          SHA512

          aa5a70d3bf9d219427b6575dc62f92ec0f686fc95ef615a2297232b963dcd08924b31f225192e60cb92bb701a5c06310c0fcf7b1ab59f3668510ed8347d2cf70

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabB829.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarB928.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit