Overview

overview

3

Static

static

1

be1dca1b91...8.html

windows7-x64

3

be1dca1b91...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 07:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    be1dca1b9156534f09d0629ae3f92e64_JaffaCakes118.html

  • Size

    2KB

  • MD5

    be1dca1b9156534f09d0629ae3f92e64

  • SHA1

    a27e61cfca996487b90181312eac0a6da581c481

  • SHA256

    6ac418ae6d722aa163903762d7a0a7a01e95914e49ea73bf4e8abf09128b83a6

  • SHA512

    872db9eaa72ee8a82bcc284046e03356ab95f596f944e87b3022af0ce37200a846203162b92b24ced172cb51b04dc9a06d801a4aa19e669e3d9b4114c81c5afa

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\be1dca1b9156534f09d0629ae3f92e64_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
          Filesize

          717B

          MD5

          822467b728b7a66b081c91795373789a

          SHA1

          d8f2f02e1eef62485a9feffd59ce837511749865

          SHA256

          af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9

          SHA512

          bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
          Filesize

          192B

          MD5

          340ae681b5959ff7efc839f9c2adc705

          SHA1

          8c05ee10bd5314e3884c53f1bcf51fe6b514c97a

          SHA256

          d92cbd65a8c5ef6af0b6436ac1dde1969a08d16013fdc3cd20c35d5bb4c686ba

          SHA512

          24db1bd7138cda1c5f11a42c4793d749cc3ae698dbcdbbe16dd959724e719dfcc96eb0b8550a20d4a21632fcc95af365f3a41ce32e1c5bae4f6430597d407b42

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          410B

          MD5

          21ef040d181d17f90b6ac4d0d6e87d97

          SHA1

          8a92745b55b4e0f448a4e074f165bcefc3feecdc

          SHA256

          1318b20b95245270f8984a7dd8d81a53d8f07f41b6bcf5412296141393743a90

          SHA512

          eb5cbf1031672280dd99f66d3c3afdcb5c5434de59db788de4600e4a993cbf30becada9d324b0e0f4e0b1a975138dfcfe6c2ef2a3f3fc94584e47b24721f69b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          a1d8b5b05fa0fcca053d4022f5c76e92

          SHA1

          d4b32b0877a97e00d069e8b1144f0f5063b4c6a0

          SHA256

          9c3f108514b1d4c7e600dd58a06e7e453565fa5e818f45aa4b37dac2949d89de

          SHA512

          e0be1273ebdba47c5a26b5f4f6c539b661611cfb10166f1ab9afe613f61af22628f24a715a75b378a15794f7b291f633a2b20038bf70b860932a8419c71aff6d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          334d937f37d94990e1d38a1230a3d64c

          SHA1

          ab0027574057d01ee2439c24bfa0a55d4326539e

          SHA256

          4b71a94464106657ea43afbe24d587484d4c70b914c79f91fe60d44317d03924

          SHA512

          38bc7ca8091fe4f3d8dbfff8d365a7edee3b5040d30650e1caef28171e409d068c46064d0db953d057b983db102611a6053252008d9297be5511557bff931060

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          afc6712145ddb9739f765219a730ec7b

          SHA1

          1cf463ffa74d6cdda2ef7b4d41631e6745e33e4a

          SHA256

          663d572de2ca30790b3e8b7245ef3ac8ae0c0d614b3a4fa1985bcd4ae78189c9

          SHA512

          137462e6e81ba7e0d2ffb786c44346e6b774101b2f8d94050025d1eeb8396c9f2783beab93b7b7f6911ffc614a356494b58a3e51d1a736cb9010e790d8432969

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          343e284f9dbaa906282117610c890531

          SHA1

          e0ecfb3a1fed3d95e3ae3d6131054e81f6e5052c

          SHA256

          7505ea75b99652c76dd4ae4fa9bc0606965859955048f13a105c780db5b0dfa7

          SHA512

          948fd581aadb4d1f0b7a2926c3df171e7116afa2d20ab9908c20148f88dd781c8074bc8a65415063eb404e842e326a452fd03c58075b01633a09a20247067e5a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          8b2af0ac17860f7760e33ee420e56065

          SHA1

          883a0bde8e1a1502bf826f415167e30e9e308990

          SHA256

          6b79f19619fc53fc26feefb828585db2a351c6eda5d75ea28e82a4ebb78d521e

          SHA512

          f3e1d48917e9d02b0473a6ce39721253f8d62d5138168207633806cee054dc450ff0f7f2b12101226a15ce9e44d88a0a412d73ec1d71f07b070cf5cb200e97dc

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT8UAXPK\agnostic[1].png
          Filesize

          5KB

          MD5

          8e35b75274a33a695fba6a64c5e7657c

          SHA1

          d9f32ab5b394f813eae4694506471b5833fa9bda

          SHA256

          f79f609a341100f90ac809f0440cd810a6a2377cfc99b50eca6e915b82c09ca4

          SHA512

          0ebb9b14ce6cb96bed5f1421798a4c9b1a897a983678ff9840912883b603fe82f7b4cbe2b20f18a4880dddc07b643bf6e027cb93a55527bf083e7bdf6ef17c19

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab1C49.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1C5C.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit