Overview

overview

3

Static

static

1

bef22fcd50...8.html

windows7-x64

3

bef22fcd50...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bef22fcd50da2870a3eec5f845d5f78f_JaffaCakes118.html

  • Size

    1.1MB

  • MD5

    bef22fcd50da2870a3eec5f845d5f78f

  • SHA1

    840e979ae02467e1f76de4578733fed34a9ba440

  • SHA256

    b89d1290b34484b2df76227322694e5ba644fbc4b8f26cdef0796723b3f2fc5a

  • SHA512

    f9fc287e2876721ad32d4c741a437902970e4b6a3766cbbcb196aca39eb05216e937d1e5233690f6ce05e0d61eeee322359efb4984e1903d59dbb951bb89dc40

  • SSDEEP

    12288:AkcldJoRL8aNKlGB66BDRl3LqBZ7xq/1q:qmGlXZtqY

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bef22fcd50da2870a3eec5f845d5f78f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    72d32337ff94bcf896cce98d6858a6e5

    SHA1

    77438da925828eadf05b004265680526669253ba

    SHA256

    336e274ddcbab437f1f2b3651da3fbc96c85dc28aa519d7f7ef8ffae38039fe2

    SHA512

    b500eec4b15ff79bf77274159f2da101d824b8b6c67c3160806c4032a599a59017bed8ebf98d68797f895b7846103a40682ccfc5b7be6a2ee669d44ec4594acd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d789f91747668ab996e7c2a8e801cc44

    SHA1

    1560a2c5634d5e0374dd014a7e3fefea73561276

    SHA256

    e1c7380077198c8ed3fa04b00d0d63d9eaf288d721614e632d28721d1a024076

    SHA512

    8cc381979bc890c21ee7d3af65c10732533dda6a93f29140efae40bab3a40a7a6f50b21b72f2b3cf6ca16c6fa436949d1cdd5304c4c1d3e01cc350cf408788fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    498491f11ece1906d9dcadc60ba8e120

    SHA1

    7fb1df4a098e60d140275cdac7675bd30344c3fd

    SHA256

    3adcbde66802c9c9ba2bcf4ef8971d137f14aa616fab829229d954b2eb47b913

    SHA512

    d64c556af643315252011207b7f9c3e7a0acf509d6e9e1dfb49d67239382e0ad60f8fe561a3656695be71f96df4e563e76c24cef73aff5c73d2f21899713b43f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70478cb4dead4093d36d72442669a09c

    SHA1

    d994a43dd772f576f64b13d806ee6f09a66e4611

    SHA256

    af99c982cf12335c5ccc988c1b74f3e74089b767a64b88024f9e246cf4e01745

    SHA512

    d29b22f80e96f9f904c7356dafbcddc846c4bb06e0f4afcd444f5db786c3828157567089dae059f1ac11c7aeff3097745779c6af4c07956b973717bb941ee2b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ef4558e4611dbb4801074007245396c

    SHA1

    fe0a2e5f27d25bcfdb7c7bd5587ecb86bb192a08

    SHA256

    0909db42abda77481a632d27cf35f4a69a51b77de7ecf1f82757c8ac56e28bfc

    SHA512

    148689009e977cb2c89523a2eff8a2a94dc131a86181bc40001eff861b0b0be60ac46b72c6acfdfd9dee69f09c781f698cf991217ea0772daddad9269d4e75e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c11c9b5bedf6ac3e9b78b928cc78129

    SHA1

    7293f98d9936c3cf5be70fac20c908a066d709b4

    SHA256

    8e6c98fd3c60a579297cd0fb8c96908f084961df3a0c9b21b0487c0a4e6a63bc

    SHA512

    44a956871453902e7141d809ffe14e7dee8355461909e4a16794e46fee3f6075868b6c3930115dc95c0caec4db1426d855a618cf4e34300aa9d3245058cb36e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    feff5d4269a781d6b112de4dc4b2ee81

    SHA1

    7d98d08b7a264d6b158e2546dd34296f66c48cbc

    SHA256

    283b53910ed2a2578384614c353d44bd17b973451ccd21d59c93db82f788ecb1

    SHA512

    e8d96f93c64181de658bbea122af62ae63578f35c8274dda5c1c71934deb61a922f611ae885ce457736923cb67cf6b185396b4edd198d263033e3b6ebc68ae0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ace3d4e9bd14971c39246ed3e908bfc

    SHA1

    38a511afd6501441f07f666970f2373d70c9d53c

    SHA256

    2b55494da27cfc62da2bce3407a66c29399592b5808ccac198775fb0df818f23

    SHA512

    b8a1a82872915a610d8102d364e0a29d606bfac5d2ea9965a77b6a89e7f0dfac68a2ee45057b20d2e862fb641e4c7c67686e3a8a89c69891fdcbb65c9d13a1ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3467798c516aff868fcc6ecb417ea0ff

    SHA1

    b3fe87f58ed79e47ff24bf6fc0aff8e4344cd867

    SHA256

    de60f30f743eb3920a2719fe5c426408040c0d5a0f2f01356bf79a93e73db848

    SHA512

    43cc49d8f895b9ea0811e1b26af0088c9aa61a96c412b02a4541429671b5be37fa9af0bf2838bb166b818e827177b3ccdea44b1dcdea33df8e2a915419d4e7ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd7f8f655d9fa170ed31a2e95ee9019b

    SHA1

    a0309015d095f243774555a8217f9e293be0af24

    SHA256

    710c26e14bfb23b58c512759fd3a200b3066772d6995e9a18f71eafcb3ebf0a5

    SHA512

    bff814ef9fbd59147636e2a408bc7b084e71996ac9001a13c79a985253b3c98927d7627a11a962f56bc8f0000eceae94fdf0667f9d35bfb01744a032480a4f9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4935894b02edef91456f73e71ddfc8ee

    SHA1

    bd57f8e6a66c10f66e0f0131bda14f62877775a9

    SHA256

    fce518df14f869d919cd678165e187725b3a12146faa3bf907478e1c0df37ebb

    SHA512

    3e08d5168b380df943e1d6301d310f48f61688edcae8c3f2b864ed7424987b83b2c779ad82ce8e4d0d36543618f1e6c4feb75d7c107ac03fc781b945825d0d83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    065f9c83110d079e5ebbcdd9051c1f8b

    SHA1

    13c28119aac6944a8243bbb2a26b4f65c45a2077

    SHA256

    2eeaf4a90f084290d141e32b10672c6d5221ae28e465bc1ec4bbcf5b80e087ba

    SHA512

    cfddc86f1438c42ec6cf939bdac146a307c64b4031a8b6101e47f28c847cd30fd054d99d90c7f438e973f6f079272a2615458723992b659e4248ea7b2b0ae7eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    dc39f13cc27d92a5151a27b75e3c3d26

    SHA1

    5ef16d60602309f3820a9b55d9383e5de9e66889

    SHA256

    6e12ee654bc6ae0960b8b3c7ba4357a6012b26634f97d39490830923d642be0a

    SHA512

    5e47535a63e9f17efa1e469282b75524e4e89d47f3ec1d643ea79b2146cc212e6c67a3f7562afc06b68e34b925e65d308d64b94cc639c40eae2ae23fd6d2c9ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    eca98d33eb7c1071a2f887d20f5df507

    SHA1

    4928d05e44caf80c21377ddb930c4207666fa0b7

    SHA256

    499d3f854e26e6f73f85ff75b6fa3276b764c291dcba83a08565147cb2941b44

    SHA512

    29aee1458e33db913e37d002fb0591bf360daefeebd8c387785fca5468667aa493e2cb003f724ae5a5ce3f71c3c772330d6ba9cd573b992f13bac467fa7c53ec

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQFHO95Z\bwypqJGPI[1].js
    Filesize

    33KB

    MD5

    54285d7f26ed4bc84ba79113426dcecb

    SHA1

    17dc89efec5df34a280459ffc0e27cb8467045ab

    SHA256

    b0754afe500a24201f740ed9c023d64483ca9183fa6361d759bb329462d25344

    SHA512

    88afabcad8dbb0f49cdea27c64783ec98ece295f139d50029d524950a5b40a7971f033529f7b60e5acdef5f0576bdcf107fa733bf439cc76693b654ebdd9a8df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab982C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar98DB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit