Overview

overview

3

Static

static

1

bca83a810f...8.html

windows7-x64

3

Resubmissions

23/08/2024, 18:12

240823-wtdygaydkf 3

23/08/2024, 18:11

240823-ws2yxa1bqn 3

Analysis

  • max time kernel
    55s
  • max time network
    56s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2024, 18:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bca83a810f272b52d0c53f4010742e39_JaffaCakes118.html

  • Size

    531KB

  • MD5

    bca83a810f272b52d0c53f4010742e39

  • SHA1

    5477368be6523ff3065373c01ac06b05f3486109

  • SHA256

    61a1df93b3075d735e99477e6a11949ac2086b774b94679d7db71806bbb68891

  • SHA512

    70417cc55fae1958139e47f5a4e3b00d801d794fd3bbdbfab01ebe0f714a6c15f2f671733bb2efefecd68e96d464bf0809c4283524073e6559a019f735e27cf6

  • SSDEEP

    3072:S48yfkMY+BES09JXAnyrZalI+YAA4boQwlTDoJrvVZxyjoYyHotsNq8BCpkvTgaq:SKsMYod+X3oI+YYIlX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bca83a810f272b52d0c53f4010742e39_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:1455122 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e32c5ac6bcd54a6f792579f7d1a88bed

    SHA1

    7f365c70397b85d39de07ab5d083ba1694cf0d0f

    SHA256

    7dd1474fcf44c20648c144fcad1f0d3aba0e6be2a0d415451bad33cd9a5db9bf

    SHA512

    600ea181e847679ab8b2c93cb415446c5a769040be98c1d630c7a1e2531ca9ae6d554ac47284ec4c81812b9f208c80eea76269c706ec240ff76edf07373d3ffd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc65116dd8bce8e70e9ce69be909427e

    SHA1

    77b6804f9c8cbd35b224d62856ce781f727c91e0

    SHA256

    79bbdba5ac6ba97a52c33cf9e92db609993670751f5e187196a2836316e496b8

    SHA512

    7d52df8a8b706d81cdba25707324bc9b911eb2c809e0549757b0df45c8f57f0280a8448b5d39f54853caf1f822d6614c3d8db4636d5e338a8183c56f447e219d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f6b4bcf10b3ccd7c8fcfd671a88cc89

    SHA1

    c029037f9866df6592460e26d3e72c1aa998d52d

    SHA256

    82dd01a23676b0c79158a74b91f90ba1cb07cbd803a4dc1e7675b7fe3a174037

    SHA512

    b058e42ed0f5e222f222ad84d73639a0f086b27f0acf93f937df0b970dafca286df5208f23f70f11e952ff1e779b416174fa3a4661f316c2644966983271d83b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0dd2874e27e14d3d73910b51b3ea6cc0

    SHA1

    6fc0d3c897c720af4bc4fb801e9bd1766f05ca14

    SHA256

    ff41fc8712b78a34398444eba8bd01bc37c1425d115b563553910dbd62774b7d

    SHA512

    41ee0a6c7bd190430fec1429d7b32e991f37ce17a9440649182233892219b24fea78d0620f7ea240e1b7ef04d9b990a99436154fad488626531332658e711e3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5cc6b6c091ef75033f0534c90692903

    SHA1

    107b2ade41518ebf2c1691440c9df76309c46f5b

    SHA256

    cc69cc48dedb08b337a12501b061a4a79c9d46fd4869a3b0c975a504f5646fcb

    SHA512

    0079ee29c8d9f66676997954a662b0ded611bc344358accede95764ec4cad7edd6c28c58bfc964160c6ee04d0125247a10e3317cb4251728e7545db78d950cb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b2d07f7f4ae783ba9a8fcd10775896f

    SHA1

    82e772cef11580548cf58355637a00cd31810932

    SHA256

    22ff0bfa4dca97ce3cc0d5a2b55f6a42c13c3bca3a3bbb273598079368e31c8d

    SHA512

    64c05ddc526d6377d35e072620381964a870043d3d0cac83955e4905976c7088f4a6ff2299384cb79dde67a26f381c1f9050c7a18860fd0c8e469a8dd0cf464c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efb83908606a08cc818db595cfcc2837

    SHA1

    a2164178d22082d8f8dff3afabee6b64dfc7353c

    SHA256

    c1e70cc72b9d13b17dfc1ea0cab1be63643b2c3364f24b053148824d1e8eb075

    SHA512

    b80eb592339e4bb576679b50db3fb463ae9befba2bb3b15adabd3ba3ef21b7dcafbf98eaa47bfe19fce04eb0dfc75214cf5d27953888102c0fcae945f4c5c22f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04e1fe046922792d13e483bbff99dcfc

    SHA1

    0c8430ece4cf74f1b0caf0e47d7a643d6912dad3

    SHA256

    7df0d1ea90a03c39180e8c0044bf4b8d944016cb566a175116a856b89ced3bef

    SHA512

    b92f9816e2403eec728a68bbe2be79334fa2b75e332d4ff7b04547e394445b3f97100e8b768578b8b41073064e8cd83e7766d8d8ca8004b24d6e0bc2f49452a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb7544c8d69a46bbb47173c3dc06746b

    SHA1

    2a073dc8d871c130d7898926044aaa9c329a1ada

    SHA256

    3342bc49278d9a5c533ac1c01e773a697fee7af65cd847feb0a27148f891f67c

    SHA512

    dcf5e9b6c9d82636f8b31f707ec80e69504c7aad345ee797323cbc57c2dbb6fbc3e8a54e25b92993481b4a6dde36b0d9f4376535b42a8ec3150f1f5106f7b669

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    920904a8f492d1ac2685d4776909a982

    SHA1

    7e3ad5e5c4681f5456d5e1d1cd2ea11f5d98d8c6

    SHA256

    d0372506e631c7c56df369b07ea6371eb90d195bf8ac3de1bf2c0eff8f0a271c

    SHA512

    4964da6ba9b4b2f3ff566cf9db3d2cdfee182a0107c12705e0bc8fc53f2b6937d9bb84e022ea26ee298c50552b1c5ff9ab61df705bc273258a87769212544089

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD1E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD8E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DF56AC99F180AE8A31.TMP
    Filesize

    16KB

    MD5

    5404d2bc6c3f70c0c85da1e6091cea29

    SHA1

    638f1f800cece4c3fd897ee97872f6b7808b611c

    SHA256

    8f1596063f07533ed2a7c6d60b123edfa565a4c0667187f74dcfc14b33610c99

    SHA512

    85c3fa92e7b23324b2f45fcf0e9aa444dbd85dd93e2572c079be95aa1d5edbfd6135799073a5477a4cd8f3edf3fab1ce4af6333a258e7925e9ac8616a2635c49

    Download Submit