Overview

overview

3

Static

static

1

c1b519b526...8.html

windows7-x64

3

c1b519b526...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2024 22:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1b519b526008f731d870fe069e817f9_JaffaCakes118.html

  • Size

    3KB

  • MD5

    c1b519b526008f731d870fe069e817f9

  • SHA1

    71e4401832cbf96304a26f4a834032055850d471

  • SHA256

    b2beff186ed9e98ca85ae1ad20432d0b0bb53542169fda59c14885f3e1a93097

  • SHA512

    c5a23d12f2f37daea518c9f252fda4d8e81fa9d3b6ee6d9faf9a5290471d7c1a8aedd283baef8b52c13f3b676fbedfca8a02e3fea4560b105acd7059b17c73ac

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1b519b526008f731d870fe069e817f9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2784
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b80153e5ed1834824003efd5f6468edf

    SHA1

    7b19a070634b3fdbcfaa3b5b953b249c21c23d33

    SHA256

    9395c372faff0d531ad8f06d3bf798c5ec3a1055deeb0b6a4345a64175d19fbe

    SHA512

    2df945a416722dee7b40e3c4bf3f9ad391fc0d72b4460d52eb4e691e3db16fbbf0796642a35a531d3087f6916fc6d5d6f25d1101d7257c2ce616cf4b8ba55382

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23cec410cd250e7fbb262e4948fa8dcb

    SHA1

    4715c560066258b29a7dce06c493e7ab6c0dfa6b

    SHA256

    8cb341744fac12f1da48e5a3fa07ed8e531dc78c41d5e68d8654e64bc7329a91

    SHA512

    9ab766456402ad93ef4b1ce05603cf0574f6c72bf1011d419ae348e61b587af62bf33f2503a44d4698923b122d3979e364383bba0bbec48c3ab7aac2e2ebe5e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf42a562cde1e3283d9e8fcfcb72aa7f

    SHA1

    d19216fea055fd050e7d0bf4903bb8cd44b358d6

    SHA256

    715b29d55808ac1db08c7943773b7748e385a307656e16e24c250ad1f952a1f3

    SHA512

    2ca3874e4aa02efd3cca537ce3d058a0c8b692cdb8d0cc3f503efa22a5a5fa557aba6412dfcb2a7d13ad92cf2bae73469c49b4b0680b0aed418a9177e708077c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7aed6f096a5fc64b8679e078e107d573

    SHA1

    0df65fe01ce3cd96e08f70a4543b23778c47addb

    SHA256

    e8bc58a88669abc23ba5ffe4cc265fcfcc3a924f07283c48c03ad02c35b15cf5

    SHA512

    6003b4d2d8f65236daffd835068b65c9e21698afec2c33622f71139e26660a517a1afce9563bcbe8ea8c1c325db13f611cce85180ca9469c47f53f6e6bd0258e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAB8E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarABA1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit