Overview

overview

3

Static

static

1

bf725a6239...8.html

windows7-x64

3

bf725a6239...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 21:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bf725a6239ca6f36b1b44c2bfa21539c_JaffaCakes118.html

  • Size

    460KB

  • MD5

    bf725a6239ca6f36b1b44c2bfa21539c

  • SHA1

    c27c8ea8018dacf4ba2ac2ea1c3a31d372b65a0b

  • SHA256

    85d67c8f19678c66f4fc14b4b6c0256dce57b0681069538673e30d24eb2262f9

  • SHA512

    cb3443038ed59da53ba05e5b8126a3123a189eb08e8db0b5799d9a73b13a51345862d9119bdca3fba4d2670f8e069753aed7bbb57404276a478ee99f87ef0e85

  • SSDEEP

    6144:SdsMYod+X3oI+YPrsMYod+X3oI+YFsMYod+X3oI+YLsMYod+X3oI+YQ:S5d+X3d/5d+X3z5d+X315d+X3+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bf725a6239ca6f36b1b44c2bfa21539c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18d6f79f000a3e0b836a471d859d6876

    SHA1

    f11761e586451fa52fe0d902c7d9219a9052b6fe

    SHA256

    8e618030fec84bb9c1b4160c5a4bec0b7600dc6d7db3d4559cf169589cf1e011

    SHA512

    b4b2db789c2724f37ba72ce024a8b12df3f1c85b1cdfea7f7aa1402a469007dab77e29530758d1563330549fce7e82daef1c121204ddffe0eb6174dd46fa8361

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b913a647ca820d22de6d64dc189ea294

    SHA1

    02d65b916a2ca9d59e151a90157c8f200f324879

    SHA256

    08e5a488f57a93db71c64f9276edd8364c70430b3fe68504c8f4628794c3ba73

    SHA512

    2507c3de5cd35e146562ad1eac47f5e78f3aed8519c4754ce67307f8d90920301325bc3e3e631929f909f4434fa0c5c8d6b38be71da79d686773a09037b9d6b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af740dce67b331dfb2b76fd7d641d2d7

    SHA1

    a24f3d25853e58511c4b533a3d1b2b02ea512966

    SHA256

    9da0f355d4e531d775e9e41c0dc1a901d0ffb80c8c23f80aa262dbcfb8375417

    SHA512

    d88693d29e47b68b35d8c9120ebb4ce6a587137cad40b3eb4fb06c5468d8256a1e03785fb23a9bf467a1605b3f1d2b80756480d9b3070f500a95c08dc7062090

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8447132ec502b0a7ce36e50626279cc6

    SHA1

    b846c2d07dc8e5e110f5fe02f4fe23ed052b3964

    SHA256

    6c147896580e19a3f0415b760ed097e60d0f0f3c0a32f479be0e1b1ee72bc348

    SHA512

    c2a0991db375a14802ab5aebd7856d12b49503b186fe3a1981a7a4bfd4e02e2f4a3a53e06d951f7b72efb89fbd53438bc647b57af2ed82528376e5d6680819f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da4bd17f980e28ad1f50609958af9942

    SHA1

    aba7cbc023e4b2d9ed0b06e5fc911e74872a10bb

    SHA256

    0c251c066765bf046ecb449fc070a66270c508e6d3915af7fc62c7bf5619442e

    SHA512

    18aafbcaf0f0b1182d4cb4bf71d7c78bc19d5cf013232cea0b0a3e75a6f7f989c5b1906c1206c44cd0afbf5522d3697f886ba60494328ee4bca971638ca032a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a453328b6de074507b5fcf4422d06a3

    SHA1

    52f7aad6b735df280f10145bbb1d168c5d7c06c7

    SHA256

    fc85d9af4304d19136648b871015a26e6feb8ba43d9fdd1dbf28f5ca9d2be71d

    SHA512

    6158542b2541c576da3408837155f814ddec47261ae4c32cfbc1a9ba541fa1f98590b8051b0ebaafb81ac9ee197df81287946275a2af5424337ff02983db0987

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60fd0bd41dcab77702d13410627eafa3

    SHA1

    54230e39b2bdad2ddb27eafca72589df4b3a4a5f

    SHA256

    4ba777ba975d7411507311a7f7c8f9c6789d7cddf1a27d9a9f9bff5a66f60dc7

    SHA512

    31fd0e35fba2eecc576c02b5020f3c3848acc760c2e3368442374a3c72cd30a5cc6caf4d2ff1c3bf5736e140c97b96177f57a914a2852298c9081f429415dd33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1236585c964242015b227b7c5a1a9c87

    SHA1

    61ec3a3d788915e0b2f2eebe5fc7a1b749c11411

    SHA256

    c8adcb525a0760e9965bff25d87c543e5e779ccf659c04a7b8eed3bbf114be86

    SHA512

    3cb3e232ee5297efcbd36d918637d5ad1cd1b70dea9890db811aff17f114e15e2a51d20f0d4dd741652c088735bdbfcc96813319abb42abc8595ae230d2e99c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a62f9309fea1deabb0b5d1a87a87cff7

    SHA1

    8eab9a14a1bc8f1cb1ad062b3a358907dce7b3b7

    SHA256

    5fa809e651f7e496cb69f16c18fbff52edfc050f06fe4713ad636fee94e983b1

    SHA512

    6d3658f1c22a06c2e840a6ff0428a8255e7cc4601bd1bf4df3c7a16f2ab25ae5e80593e11895731b3eb26403d035ba8717f13cf841deee8fc28de969d6289a22

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab260A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar268A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit