Overview

overview

3

Static

static

1

ba978ebc65...8.html

windows7-x64

3

ba978ebc65...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23-08-2024 05:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ba978ebc6509728dfef08ad50cc28ca1_JaffaCakes118.html

  • Size

    53KB

  • MD5

    ba978ebc6509728dfef08ad50cc28ca1

  • SHA1

    125f5a507c1a6733a46b38f41012dfc9519b13f7

  • SHA256

    46632b0f709f548a0e26a4f596b49815a0c8c1ac3d5681d074cf0a794e5a7699

  • SHA512

    d964b2bd0aa755134c0b9d549cd23acaf4a93a53a9244b26c16cd3831c7eb8a34ab9e02711304db308c24c1c3aa903f0540198546327a9fd4e68c0a6924d8c22

  • SSDEEP

    1536:CkgUiIakTqGivi+PyU9runlYm63Nj+q5VyvR0w2AzTICbb0of/t9M/dNwIUTDmD+:CkgUiIakTqGivi+PyU9runlYm63Nj+qI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ba978ebc6509728dfef08ad50cc28ca1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4822162864998a0ec99420f2f865bdce

    SHA1

    16691577c94c92a27630e208eddf188e2eb66e9f

    SHA256

    85002f36f741ba1fd2a5d98c751d720a458be2d734b6841ea3448233b6c84ae3

    SHA512

    4ee6de81b9e746cf482de1e381435f19e3c38c007b26831ead9098e9df689a2482009c4225a9eb529ce5166d2c96d757ecf126e14eb1dca43edb051d9fd69b2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    804810a23dc4df2d29bc1f0036a05a5e

    SHA1

    ac2499482988e64e39b1018e9fc6021a1c9c7cea

    SHA256

    05c762e16eaefbd9b14093aa59063b6ce6fe25855e9de357ac9c092e462124f8

    SHA512

    55176c4f02d58a308ddb22c3720826917d77fbae5cb5a2a94544face87043e1e8b7a58d7f6ee92a751b49c63ea8478c4c0ec60e69946c2edc0b9fdd0d20bc209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3af8249f3a5ac42afe9e0b1cd803c02c

    SHA1

    563e1e396d464ea222b4dcf473a7281bb3a44133

    SHA256

    ac5a2b556ad7feb6cbd36beaf8d0e3f6c6ed1c24ab0df6209f18901c3092ce58

    SHA512

    53f117818924ecc6b709cd551f8cf32337dcabf55c30f6279bf296527b356605bc80b35e334c6d5d853f1acc622719a79899228e88c7c5deba1e2705384d835c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2e6f9d540066e3d128cca0f1fddbb65

    SHA1

    181642b99cdd708818b7359c3463e51983f7ce05

    SHA256

    b30540716038f8f868f263b307dd77cd3ef09ff96e7424df7229950a1fe27c6c

    SHA512

    121c022bfe36f2c77213e307a8d1061b3fd812bba791e6e6764d3cd1d80ee1418ffb4ebf83a9de7f2f956c405c6e3c5b71c1f8cd3817aa871d0f8b5132aac00c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b28da6705756416c1470b3514b7804b

    SHA1

    fff9f4a1886ee000ed239d225329cdd6953135ec

    SHA256

    b7ede42df86bc9e19e49a417d180c133d98ff057249c1cdb708382750bd4bb96

    SHA512

    f8bdb5e92a548cd4d38905fa6234df90cde3223f9f9a766e0af888f4d85be188710a189dcbb0175853322543e49efc12653b017631ede4a800fc58349b644010

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6371d8d9c95f0411e048f99b0f832f5c

    SHA1

    ff845dc16e4e969e52f70631464f2a8f9437c13e

    SHA256

    fc90e9bb1f87a066d929e27cee3feb423d486b06e47419af47139872d0a8f85b

    SHA512

    f574506f73450051cab6855554ad48e0784ef807dcb03da6f0b2378823d2b894238e84663762724a58f613f0353473d2027f47b067c5ab05ae1d5284339ed12b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ca7f9fd812acdb44adbed5305b04281

    SHA1

    ed57e1709b92a616ba79dd2a427df80c76ad2c8b

    SHA256

    c0a3955ed23d6b1c2b1f90f06e1a7fd904b009c8c8bba20ae96b4d68019beafd

    SHA512

    4abcb3caf4809d550b5e6d2b267a14827daea5e55b22735daf80926550bda84be376c6bfcb501c4d3a7e324c7c758049d4e8d4083efa1c4e59a14ad9627aa0ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    247e5d1f692201802a7d2e55ef369bae

    SHA1

    325ea8745f31776a3ef1b0b7e9b47ea4ee2e0686

    SHA256

    d0b3aa2c769deb2a4e2555a8ba2dba9383fd0f6458750bbdfd2eb5662c099ec6

    SHA512

    c54b8ed942c230d1fd72523eee797fe8eb0d39aecd2f86ad82945a9daca2a4e492004ec735107ac4ce43326b54b4ab0d796bc77562bfaa728d8342df70c5adbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64d52dbbcf6f1093f26c3aa0ccb9ba43

    SHA1

    4ca7d90b9c9ced3e042ee61d2c66a608bd8b2433

    SHA256

    b3c572bf752aad01e2c0690fac32e634e94b7ff0bf9a36e99427d9b36dc01b0c

    SHA512

    2b9ee6c8ac330d164798fdc303e3c565fde44be566a94bcf1acb91979dc8d9f590192dbe1fbc663163cb4ca53f3d13427aca7e3a8b7c4937d9054d2bfccd3f97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89cc3959bf1506480b9a04cfe91d1286

    SHA1

    825e743a01e81ba352a13d982bc975b99850f5ca

    SHA256

    e6d01aba91be63a3ecbfce04506f87b05fba3a1dad734d9dedec6cdf986c264a

    SHA512

    99bb44515b8c7af32b30a31cd3b64da31d67158b3cd11cfc0d90237edbfc980d71e41b838e4dd7631075a85da7718935329cfc9616a8c5a729bc3ff7df201f4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c4eb57e25a902e120e73e045109cb13

    SHA1

    d95b16a23f10feb76302f14af6d3e9caba8ae297

    SHA256

    904134689434eb300e5de101e9d8bf568516608e6fd46f8f80bfddd277ab3306

    SHA512

    b32c29c251188bd0d6c5c52201def11d5ece0fa8cc622ad9b509f1b305cedf1054fd35b98f7261869d0ac8cf8aeca05f260192576b2978cb28861af3346a394a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab948cec9e4885915d6df07b513f8e9f

    SHA1

    e316a98e7d76afcd3c066adbd147cf645bfa50cd

    SHA256

    47631df07a18aadfea002368682d122de1333ea6e1cda4ad7bd9602d238cc16e

    SHA512

    048b3f2fa2ad77ec356bdf5ef9bbb8c2ef579b9fbdb851fffaf56e84c6472393ca55e61b43f7d85953594dc67c94c62eb4dc9824fbdce2c6b41b1c17a637ebe2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b366adbf3bc1075858a9679859148a8

    SHA1

    310c123a92087972d26a219df18c60220d016569

    SHA256

    d95a55751bc0af6a074c5d49d5583a384ccbfd69ab2c2a6037bc28b6f8f38e50

    SHA512

    3c8e192eb87c4551dbdd6fe5791500df16179db4326b4fa8570913be1dfb99cca30acab268f9ac235e014383cec93914bb73d2312a708b0a8d8e8fe44a825a3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    427aa094925bdb1487ea8dbae6f4e4ec

    SHA1

    447cd05b009ba0b88ec16a194e9d58c8ea928865

    SHA256

    5dfdfb2c6a6dcf77389bba587314af3bf18418b3e57a898ae19387e2645c0a2b

    SHA512

    200d94b7f8f35917e88b749870257d1f080bc90b07e494354fc5e354ef2547c94b52ffdab0a75dd5f26a76134e497eaedb2c396a913fb26f140b6847c28edbef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db67c89c2b8db79340c935269a7702d2

    SHA1

    50e869e9a97b73cd18c745285926b5f397f747f2

    SHA256

    79a3a6965b6bbedcf86d17a646eb49a8d526d905cde797839f5146b8aae55d99

    SHA512

    1e21b9985697c4f52ab6f7923db3dae1b3c0c48292d16d5a56196c4b66c5077a84d185d6617df35ad5961a108af9f046c1a66b6cfda324d74e069c0ca69e571c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\upshrink[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6184.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6261.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit