Overview

overview

3

Static

static

1

bf08a792cd...8.html

windows7-x64

3

bf08a792cd...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 16:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bf08a792cdda45701e9b82cb07f303e4_JaffaCakes118.html

  • Size

    19KB

  • MD5

    bf08a792cdda45701e9b82cb07f303e4

  • SHA1

    0facd6244dd7579e20b101c340b839bd06251faf

  • SHA256

    2e50da0b0e6e56ece0af3919b33b92219f1f99d241c7dedf10110ec7770ab68e

  • SHA512

    7252aac61426023f60df4c3d65b09fc748a1e5451b3894360764ff0d6d4452c40b4b8fea121029c771db2c2abfff6b80ac89e5bbf7e8a21d1ede1c8cb2de2986

  • SSDEEP

    384:zijZKhgES2BVBD8cOQ3RkBfBvGATemLxXucfIk99heVozVc9H3h:zij6S2BgcB3ypvGlmQOIk9SVWqH3h

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bf08a792cdda45701e9b82cb07f303e4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2072

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49ac0cbc765e1d3e69a5c1acb59e8a78

    SHA1

    9da9e8656844d302a542ef32e5d1ee7a8453240e

    SHA256

    5e6458f95e4707e54caa081defc47de799bacae796ddc610092626ba0a11b41e

    SHA512

    5442a283b54dae4085809021e8e96a98a1898bdfdd7386d7839a45fcf12535c49ff121cbc7313aa34db37005b62e225053e55140a217b80398851ac1c761f298

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff71fd1bb79482d687d52aa80c27d3d3

    SHA1

    e2fe2b4d87d2c210b99dc6b1a922bac5a388763c

    SHA256

    4c35378201bddb3930d61adc681d4f799c0d6ac87fd06c21224317f07747f57d

    SHA512

    65cbfc777e94e467dbbb90e946574f04ec6107f1e8b632fdeb68dd1eb02eb5b686c77d10333adc854bc8e5cd708c9b52480395985c8073d9ab7514a0f07c25a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41bb57b0af441853d514d99562d7ec1c

    SHA1

    e3e37289232f7aafa413ce3158a84c6d8d4f0383

    SHA256

    64aadc460e1f1169143a0255d42111b0e5c1ea8165b471da351ca6bf7d0988fe

    SHA512

    b6fcce6dad95f2d8468211c572c2a14199ba091e5492d62c6b64b9c6abf21a7fc6964453d0c83111fe3ece8a6e77b32de7c76b68ebba2776f08c0670332ebe88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1728ec340b0dcb3e70dd52ec5006542

    SHA1

    fa0a5c2258e1dcdb44536d121fc9c1e41b84a120

    SHA256

    f59f95b61ef7e746e3484e3b4a017f345a94da94459372f527cc535f98982247

    SHA512

    08f9429bc3363012e98e2ad3f49365f3a1bb7f0b99e425381997f0d95505315ff414c2086d4d5a908a7f4fc1b003a519712bd55d75e6ff99a2b1c0e5786a0fb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d6b510561ef6929c83566a3b18ded73

    SHA1

    dd0b50b9e3f0af76ca7720fcd6ee57e29ebb19a4

    SHA256

    ffcf3ef1882f400950bc44ab5d8e9d9463eb73bdcd07b5e89e1af32f389d6e88

    SHA512

    fce07c7fb0dc5969163e6c1a636fa7c4e520f448ae4a34ed87a54a078f7587e2cf18184ccc51a8ebc1898fac03340162ba155b502ef7abc02be282bd2f4fbbd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87b838fd387bb62592813f99506260c9

    SHA1

    afe4d80bffa057980a0420995aec3564e34be052

    SHA256

    a1f568a19527f931b8c74768d89284dde1f291524867e3e4edb2a568f213d673

    SHA512

    d7199ae36bf58672edd60122e05c9d3e8bcbb3dc200661e9e8b5cce934aaa7c4701aa40376d6299ced9a993d0d7e8dbdf442087698569a4cb9735d9bbfefeaed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06fe387ebbed7a2f5bb672ae88b35329

    SHA1

    b31b5406bc124df61721a337192afcf903ba0dc2

    SHA256

    f2e6f9d7d254d5db55066613162a2b29929b68f1bb1b8a64d5368faa1e2e2222

    SHA512

    9c438dfc8133b1cbd9de2d2ca9e8d5d91fec1f957c6fc0a5347befda55791c9ca29a8f16d2a024fbc9fd326e9deb6a2596b25172c27241a2b1efe15ff4356874

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ebb9622166b9ba1e9ae3365d83e407d

    SHA1

    e604dc990e5480898db18074e573721b98c5af9a

    SHA256

    17e131796e6771586d98bf77eba1ffa1b2701f10f1a56646dc9f33125cc9983c

    SHA512

    496467b04d37c04f9334155843ffcd934bd2d646af61fc277361456421e935a0b421a13ed3c8adeb820d19505c3779501f9e846ee413e4a8ec5a6cb69bb87f71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40f64965b8f1c6639431bdc4a6138819

    SHA1

    b49aa34e5dc5e941d8890fe66f28df33334ceace

    SHA256

    585d1b515b64eeff68a9cfff254748772ebd2f56ce3d02f89a19b3cb72d59f33

    SHA512

    3c4753701c7f905a76c354e5bd2c2c43bf4aa64de189fbccac9ba873c954ed5b03624a64a1b57449c4644f26662c83ab00dd00ee52472d6b4f2d114742546c12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3084457365e4307cf19fb708011617e

    SHA1

    91b071ca0bc009637075d344ab9b72f686daa425

    SHA256

    8a6f59b5f14f9b4954e860c19cc9c04470bcaff5b272bbc08b2b90e07630b26b

    SHA512

    e7ec3e030637c2b680c25f34bd4f2ab3b324b1e8274336753489a7dd6b1edd8ef5fd84923ed94fb0a973e8219316c3985d990c1054b5c9e260a030c5c9653919

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6154327716b4b6aa46a176f274d39a4

    SHA1

    6e7790569b605c0f3dac64ed5a5b7680cbbdf2f4

    SHA256

    8ef20bd2793a921704cf8800bc8d4dfe379be391c27d41a2584cf04f51fce47e

    SHA512

    081467c5488d4ac16a694fb906cd3495d40573d23eb46561a302c614a9dba4ed429263d9a972b0c2332f77f9142a95e20b73277575d4d28b4cf596b553b6ef9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4410b67132069cf2474b28ce7add3c6f

    SHA1

    48871575ac03754ac5325f8c555fa784a54788bd

    SHA256

    846a61440cc42a05035a24643a052b247bed14e22e73859cc061e79b1083d732

    SHA512

    9ca183b470fbfcb8bf813af488067dc49337be6c9e64c7e44c05355d368e1b6a08799802308bd7c44140876dc2f7016e0cd5d5bcf0c9585340f0265d2ab33300

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    061744b8ff5197456fbe74a416a9ba0e

    SHA1

    24cfbdace6f31ecb8271d5e184e63c293b28a67b

    SHA256

    5186db3abcfa95545565183185348106191cb2a2eb022e7cfbe878552f037914

    SHA512

    760160ceea78db0737a891d3be96e993e3beb75fc9944898345b2089374bd7b20422e431463ebdc1e9f19d06dd3f6e8e27edf0fb512707bd5207c417812c7638

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab400F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4022.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit