Overview

overview

3

Static

static

1

be3c6965da...8.html

windows7-x64

3

be3c6965da...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 08:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    be3c6965dafd7bd06ab39044f6d16353_JaffaCakes118.html

  • Size

    23KB

  • MD5

    be3c6965dafd7bd06ab39044f6d16353

  • SHA1

    510468d51fe2c0efd18a420f46c11bc5b39dcd30

  • SHA256

    c60ceaec3b8149dc5a57674e25e02cb6b44f3078b58e100baa776eefebf6e8bf

  • SHA512

    154cfd1d2af766704cb07968427e4b7122727848d08bc3decb4c1b035bf39e5f8e0f2be590eabba67edcd4c2af22cdd77459b49be0115591e2b02403ad5038be

  • SSDEEP

    192:uWbIb5nGmnQjxn5Q/JnQiecNnjnQOkEntbXnQTbn5nQaCnQtGwMB8qnYnQ7tnuY1:DQ/DmOl

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\be3c6965dafd7bd06ab39044f6d16353_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2552 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2528

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ae5e1066550a71003227f7d125886e7

    SHA1

    0d7ead94159ca6029bf7842a137cadbb5e0266b9

    SHA256

    f18e09e8c74e49ad99498df8ef8471f06adaa36def326af50972896af5573755

    SHA512

    18945ae3d8e32e5491a1808aee5467ae7257a582370d148fbc1c4d86038325a9898fc83aadc154ce025aeacf9d4ffd8e553f7f92272dcb5d0846992798b4d90e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e90a24bdbff09293c140a8e0e7e1a795

    SHA1

    dbc34265579fa07344e408f40e686e19afbe54c9

    SHA256

    b7affa22e39a60861ff23854aad1c87021c331fcf40bd1e82136ced0d4c46ea2

    SHA512

    4f65392bf72df061f08ce9b6ba6eecc7d5b27dee30200d5c85b892b2bffbac4bb5524d32e21f85a732c3bb35cba55ea1019a63643aad10576d2844dfb8c2ed74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    053b9d301ae3d2ee11d48a71ef20b56d

    SHA1

    ad9c6efa86043c4fa967764a0d91d9e4459c30b4

    SHA256

    4b0beef44a73a2e81ef6decaa3062dd5ac6256c92c4e6e13058427abee84bb6b

    SHA512

    4490bb2a9a3e0ddf90b0dfc155f27c484fa22374150ced256b98638060ff9973c8927fa3c524c80d143109badc807c91ec2489311327582ce255062ea53ef047

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dda7abc15d856e3093985d81337c8a0

    SHA1

    3201f375ff6699155e7bf593a32632bd764e3741

    SHA256

    77d3af106a40c3b251005208d3c838c2d2ca6075e745be1c323998100d905877

    SHA512

    ee2131fc019abedfb2e1d5af8905396934195516c21ea79122bc5cbc03038593151a8d5d2a1c7e7836fbf4d07f2651281400e1f72d67bcf332f94414408fde3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e565ae9d20358ba063348d7be467602

    SHA1

    dfa27e840aee974655cc0ddda69e6e90a9606713

    SHA256

    00d37bbf3bebcf1dc254b1608910dd2b5ca5a497fbc22893a86d69045a03cb2b

    SHA512

    31fcd73b139285014e9c3afe844d63ed2524f8efba916744dd31ac16f68e1907189f61c417b69025ce8e1fcd6bcb33c54535ba846d852f90baefe0e5332759c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f0f98a2deb5d9f15f59541ca099756f

    SHA1

    720d1d76653b9349f00ef4a533b915a12652a0c2

    SHA256

    5d66ac63ac567fb364810e68266c3af0206edce2fd5f1196dfadb202cb632a8c

    SHA512

    98a730eb0dc0a4ba97fcfa671c0e84f214c9232da5a43f6ba12cbc97486b8db2a4491b32315d05b8cca327dcba2b824847cb53f271b4413feaed3422745ebca3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f90959128c5b7604faa2997f4de48b3

    SHA1

    d5b2996ed5053b3e621bfa1d794b547708f391d2

    SHA256

    92f3ab1fb293ee4c4426bd680a32fbc783f56f040b8a8d63f5d67b838fa0150d

    SHA512

    ec02d4aee1f6518edbfd0f4b766c513d26db026c8971deaecffccbcae38723823273f53f8a7e59f07cd2d8ac5f2fa2332c777e5b0093647145f7eb1b47c71601

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49da91b30f4336c64396b6abccdc41ea

    SHA1

    940a97783946fb54d582e0fa6dbe2d9bcbd53ea8

    SHA256

    d5b3a840b0b3b1b10ce56c392f903e5d4b8d83c1062a29a2bee006fbc6f3b9cf

    SHA512

    30cb43fb8ea52890773234f5a4fb147bac8e604c06d306e0ab1819da5f87c78e651f46851664182ab1ca9d5cae848537c3ad64dfdafc425dc4e6e0a025d4adf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a09a500060649e9ea96502012e796086

    SHA1

    8bcea688e851e3264a8b9931e65a1da6ca43dbc4

    SHA256

    15a056d77f090f5fb010363ede5da1b381dbb2698b2d26c92ae184a7435998e8

    SHA512

    7e702013b0e31c9080f7acd5db0a42e2a3f5c7444ac96103687a5ea3d592b205c344f05334ad5ede28c163febff0b698eb3f18cff123c2d5483e204878ec4aa7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB2FC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB36C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit