Overview

overview

3

Static

static

1

befdad4e8d...8.html

windows7-x64

3

befdad4e8d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 16:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    befdad4e8dd6003d1c7806a469c6402b_JaffaCakes118.html

  • Size

    24KB

  • MD5

    befdad4e8dd6003d1c7806a469c6402b

  • SHA1

    01462bfba24d671aaac191194a79930a0fffcdfa

  • SHA256

    2a26a58f42e9113bf5374afc6ef050ccddb31ada036dc8708ecd552674b75b55

  • SHA512

    62e58eba60c086b50a3efa381031cba00d17dee45f88cb0b26292f2b7be9d9b47e6d998efa9241505f048c8035f61b5c7a89138e1ba9b424e3e3df47f8fa0853

  • SSDEEP

    384:C0oLqP/+/OCBY50xQWs72d65Is2PHYQd2Bxn1LnOnvnjninZnJeOdiladiJhb/zu:ZOdkGeSQk+B

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\befdad4e8dd6003d1c7806a469c6402b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    3570fe92aee1854302c6d7b502ddae99

    SHA1

    1cccef1ef8f577777aa5346e74685abcfefae2e1

    SHA256

    f2ff3a224fc536c126fa92277e2c4e9d0055d659c488998ad74615e3525b3185

    SHA512

    960dba90a6a06a21ee2ef638d7354c371bf209ac954aac20ea0daaa3adc97dd750b3d36e0e88eeb558f600b8f43c09bc529c77776b2eb3f7907d5d939f38755e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3108f188e6056e155e6562429d86ae54

    SHA1

    af72d11fd8e6b248027ca790591ae23d66fab817

    SHA256

    8a8c8657722b50d045a200f563b6570d2fb609a0336ca316669e922d0b2b2d65

    SHA512

    b942a442974d960c3d398f9e213d5ec8c021425c039aad293b42ea5275fcf4709c627dd549a8e13e90d3054188376511cac38691d5606871a825b63ced741349

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52cc6a77033002f875043d9288b6dd62

    SHA1

    303f2fb7d4801c6c528fae8e36d1070d52ea91f6

    SHA256

    56639756b7ededa7c7ee33772bbbd2540e64bea44a7a935f98ab5513bcd477e7

    SHA512

    561a4b2a5691f2ff7ffa408236d9c5cb39ccdb9b37ecacd78c0e5a3a107845733a8498e6fbed30650a7600bbbde4abc6fdd3e3a635203cd485c1289ab8e328c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5de4d4772e6f0ac24b3a14a56b59f5c

    SHA1

    38b7246c5aa5ac4408fe6bc96234ed3f73ed5846

    SHA256

    755c13c48e1068a70fafa145927ac8ee42890f81232dbe4c3dd5d0376c880737

    SHA512

    c1f11d9287070bbe8fa45978765ff3ebaaa1b38586f658207495b6e48c6f9b8a6ff70b670d9832b89953747fea6dab813d4899c7fd551b08931a206491e76ea6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    628d4be65a9c4331eff53459357dd052

    SHA1

    9634f84fb39b321a8a405802142a47aa0524a340

    SHA256

    20ccc35bbde46022962b624927749cae1ff1f57a08520b6f255ce9c28c2fa1da

    SHA512

    c77b7ff272cfef0e031648f32e31a61d207e3a2f01cb5187945f9ba4ef723d852f417686bc1fd722a0dcb25b524931db2f1fafed79f863251240f90791f4b1c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1ba668da96c5b57a4e99e3bc487ddaf

    SHA1

    222632d8d70eaee084376a4a34a8cd78361e13d8

    SHA256

    0a92df95f4841242271849a3ad12d2664d7f4407bd030d0d4aa8c6ed86dea601

    SHA512

    e78ddc0aa0bb99a0ed8cc26a5a37e21a40b7b3e70a67f48ddb9c076c68fa7d187fadea436e735749f6bbb8dc7b169b04745c2f4919e91f6603931f976279cf54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a7ae1039b92fb6939a562282f7d358b

    SHA1

    f753f1aa02e43cc459e6253a8f4e00606ca2343a

    SHA256

    1b93dbbe8eebccfbd358d9be6c1c69e372a2de7cd6212f53f1b38684655bf565

    SHA512

    002b5a6175d0d52c0c4c3d26cdff98bb7d0d3bf94070c29db22cb5f2990d0c104b7252e38d92fa6e6029658ac82109811afe5d5c87277d96e50ea4fb9fdab571

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ece1245ec5b4c808e22d514c4fd612f

    SHA1

    e40e9178e8701fa369b7d3831aca5d2fecf02dcd

    SHA256

    ac84ba4ac6e86f7a898090b397a81d907584d4492125b707e08f36882e8c1c17

    SHA512

    efb34ad826b93fafbfd44d68d2909d3673332d97a1721478ca0b636737c92cc964c0c091ead1d3f43a59da9699f1f6041ab8747aa4c403952900ad86f70bd9ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14a7482144871697bd896d68775632f0

    SHA1

    7ee852e4b6e000a628a5cd1153cadc1aa4003ab1

    SHA256

    d9c996fdd585ba056c95b94b9bc02dba2fea1285aca5c1dee79d45dbf0589a7c

    SHA512

    9d8aa7a9822dcd9f4af757bbd897a79ed1de05895114b75ba8bfcbecf0612182de12b341431113f8695b113ed59577f3600b8cdd9a7443642abc791c27cce1b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2aca260f1e118bfda959de4566aa7e48

    SHA1

    23bc4fdb561ad590c3ce65a072b395fd78914e69

    SHA256

    63956625f537f716ceed41471096edbedc9c38f624cac345fa41349359706e0d

    SHA512

    b6fb9799cc0a89cde1b24bd03fcb0636e3df8aa9b6cffef256e73ef108f6590bca74244c2d17eac3a1e6c7473c8ae9c04a7fc541df2339f08dbd2784dbe74303

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    ac4ca049746a802df7e1b99e1d7801d5

    SHA1

    1ceacdff6fcc7541bc374051d8dc7311fe9256a1

    SHA256

    73884b3607ae41bdf770df90aab2149cecf414b96735cacd9a96f373635ba06d

    SHA512

    f030a46ed6300eb8e3a5d6451c54afb1bdf27cbdedd69323661a7bf7f2f4e83e81e70b3da93aaba414b20c71783ec8a6acbf1913aea85367730a1778ecd19e31

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7486.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7487.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit