Overview

overview

3

Static

static

1

be7c85f76a...8.html

windows7-x64

3

be7c85f76a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    129s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 11:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    be7c85f76a5fc4976a8fa4254e72ed24_JaffaCakes118.html

  • Size

    9KB

  • MD5

    be7c85f76a5fc4976a8fa4254e72ed24

  • SHA1

    c8bd73d7e405190ae43623a669c5ac1fde47300e

  • SHA256

    0d37a7272b37836cfa34690d9e65a52193be1cc95884dbe12729a4a4228f76f9

  • SHA512

    0f4dbf726cfbc2f148c453d33ded1c4d3f7c8f7d4434faac194ee1f37cb4136ef816840d3a37b0227f4edd2d397a4e62918b5da1af66516a16d6c14392da55ee

  • SSDEEP

    192:2Dg12FR4/Euq7EKQ213mAsvTdqQzcG54w3vkiUM5/CD:2Dg1MwEucQkJQxag9w

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\be7c85f76a5fc4976a8fa4254e72ed24_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1364

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e49a40a4d873da6be75303f10b050ad6

          SHA1

          bafe2b9eef739295af28a9cbe78fe7f03211e098

          SHA256

          57424e656ba1bd40226db6d8f9c5fd386cff107b28becb9caad926b06276246e

          SHA512

          adf1da91756ff6cab8bff1854de74b0dd2482b6cba66f631a3fe0f795b9205e4e99ccae4aedcbab9ab2b32e70db97f1575e6f955b626d98b8e99ad5ab80e4036

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8e13c6b1da88a4b894e9c3f08765b8dd

          SHA1

          7638fc61a681c9b7678d03be9d771b11a1ec43ab

          SHA256

          6b7a880a2618827ab58b6d89d6b20678ab1a59fbf0fa3caa32f100ee6398dc95

          SHA512

          ab45c12815f7fd2f5e255f9f1df1e82a9a94e10315babe1ebe6a83e0e4c4ce8afc906fe822f16a17829f8556cd8e7a4fb03a951b70df8a41760a49c77b71cc1d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          aaf8d03990dabd5e2916c62a858a4be6

          SHA1

          fccc0c349cbe833b22b102595715f2c5bb347953

          SHA256

          db69bac3fc695e735e9c53fbdec151c468293a0275a12a11fdde17f4c4225008

          SHA512

          5854b5031c467b436bc3f5fe66a77a19e9bebb6dcb7f952df1592c9b4bb0cae1dda2973fc3af9babe0e2431d92891460b651ee439260118875fade97cd306675

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6c66a716a7afddeaa6f72cc6370c5056

          SHA1

          12fad3dabbf31251542cb599afd46facf82a74e5

          SHA256

          b494884b6928b228341f98297b0a90c740e9bb55ccc527dbc404de63308cb2e8

          SHA512

          ce22a2c5750cebd3edab12c3435ef71311fa4514acea2e8b2e1b6842f46c921bee65179b1f8732812d39c82b96367e0cb98e4c25f26c5db2a346c56c922befdb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ede2a1e008cbac597057c1c4497c4234

          SHA1

          1b7eb1ac69f776b0648e75f3955041e1b8595f7c

          SHA256

          b3a5ae488a8df44510bbd5559fb20480a4a400a11ef3e236f6711b9bb3941a7b

          SHA512

          8ea24a0537f4ed39ea2801fd85b8e51bc5c424f3c5ca7a6af64166ecea69d4e4e711c91caee1cbbf1d3623dbc572970c91e1a0e4575910e794fad6cd85de52e6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8315a5ac23f08ab0324a71cdd9943cc5

          SHA1

          e79bd21a2f2d12a840b3f95a2058f3c8b8b9616c

          SHA256

          003af352537a074da6378b87440f23ffb2fe17f24f750d9c11d0f93cf08be8ee

          SHA512

          2fbb10fc4dbb0df1ce7e0fe7feb1c8d25d4ceeaf88e23189fa0cf44f22fabea90f5d17edca8877c6c0ddeea454afa432d7657605e053f492cd291ea4756613a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          78b84f1c8993bb9a93a01d3e98e20938

          SHA1

          a45e6c1bea53daff6c0db6f78ad0bc1ea0b1b85a

          SHA256

          5bf9b029a3e9832eb43862738b0f715383d7ee4dd2e9978b3f460b97dd6ef8c3

          SHA512

          ef82f3caf061b75b3673a27d9072b4fd200bc3cd667803d1057f1caf2d89d9f5b139abe94db9017120da24915068fb9b90daa01eb739dea93fc6146475f69502

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d840c76e11f88638a2379766d099e4b6

          SHA1

          45248a715b498cfdf1b8b6bb721e32dc79c8476e

          SHA256

          dd24c5b9a90afc1684d962dea4bb715d07d8b60b92be1b6b41e99566c71e3982

          SHA512

          40423026a906a0fcf5c24d1401ef1a9073a78fb29e7e6efe5de523fd717f9c5bc7e37b879a58f1380282528d8bd4267fe965e2e0bafa884a8e77041d584cc418

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a964c217405e5b7dd72acfaba836722a

          SHA1

          159cb1eb56fc1445dd82151e901d05aa15e86817

          SHA256

          94103866790c11586a3e966a077fa98e9624211d1765918f045cff86f9844193

          SHA512

          537b293d9157764389ba4b9769ce8123c7dd9a9477b0550aae441a8479643186bd7fcd69dcdef77bb99ce7109cec85feb0846a8cd819085b66b206e592322414

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b09bf33a80efb04076519b81790261a9

          SHA1

          45e6e938f3d0e0c6e018fbd4d33fea8e35a032c8

          SHA256

          5847fa563440e4fdc78d77a7f8b677b3885e21b8b89454801af7d7a21e942326

          SHA512

          89dfe7b850dd4a446b0c3c6a6be8205c8f53488b3808e73f8f0c1dc756c98465bf4a72b24f4db4248954bbc28b61db700e55871233c6fc086f3616be09d8ac77

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab1086.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1338.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit