Overview

overview

3

Static

static

1

c1aae88727...8.html

windows7-x64

3

c1aae88727...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 21:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1aae887270f38581319d462aa11abe6_JaffaCakes118.html

  • Size

    4KB

  • MD5

    c1aae887270f38581319d462aa11abe6

  • SHA1

    719e4afdb89834d8785c617fa47f3e55fc34f141

  • SHA256

    6b4cdc9cb8c34a15751f2d55d15f97f5bcb294ddfb07129006372198bc8af072

  • SHA512

    adc08472874fc103b860fb81e37ba1de7fce470fafddb15d6287afc84e93494e7547ddc5b863051979a748097eabf5c900d66fabc73981fc96ef18a5e3db3fce

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8oNQX+d:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDi

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1aae887270f38581319d462aa11abe6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1268

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3dc073d08815f093b6bc9e7ffe6ed8b8

    SHA1

    cbe90d5dd1de7ed2cb74050b1cef527ae9370f77

    SHA256

    8a90e693d82a7391b7daaeb57271ac7766bf60ef8f03ae6bff53357b7ceb85af

    SHA512

    0e7d557f17d9937b57fd17c7303a6f38c0b7014024585091f2f8dcc7869a1f5162409d176dc3a2f852f36214b8b7e5ba874f8dcf405c9b2279a7b10eaa5e17db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    281dd6234a62675d84c4a0e24c7ab65d

    SHA1

    80d21698d3d10090b63b2dc3f4b65e84b0d1c462

    SHA256

    e79ed3f73f1e281f1942bf9fd40a0afbd2a10c72f41ee4ba8e1ec297e4009860

    SHA512

    1d2295cce9fb7391c403701f1d481e4f7cbb6011a40e4a2c59b0f34d2aed01347508f3feb72ff4d70e566e5842d7a17bd968e22cb206d2738225d9a450924dd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02e60e89935643486b372b832c50ced4

    SHA1

    bc46fca808d90fda8c8a9336a4395472c2596816

    SHA256

    98b1a2bea9def94cfba9f598d396b2339a20841b8853bd6b7b2fb322f10ccda4

    SHA512

    a7b4e47e197b9215501e244e0521bc3f7b631f7b0f49cc9837853d1ee0b8c2cc7d6cb31342d82b45c349f2fd1a8dcde698c3acbed6cba34612b6a38b5fcbea2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    936954c614d7a36e0f9cf49c4f1e6dd7

    SHA1

    99f2bd6270c439ec75be30e12052f519170b89cd

    SHA256

    b6733bc24c0548052fe329efae5fab8082a97ecb41371d5f597cae5747e2d462

    SHA512

    5df8154d37aa1e196970aff9631677f5fa6b7d9a60c5892aea93b280263d3cba207fed8c42da97555fe0fa1d99ed3e7fcda38f0a3736ac8e67d2dc6d2bc64326

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    798229762ca15318f89d0928d891fd55

    SHA1

    e5a76a689f46551661f8a82d1a969ea506ad7728

    SHA256

    3990e62055a255846390b28bf7ff97e241a427e0518f13301c976054d936f81f

    SHA512

    0464a418ef4d5521ebd870cd75e0b4266721dcf6a5d24deab9de976e2cf1a7541fd14fc7b93d0657aff020544b61c9ec3ceec6b82b62bb745fd7d02ba2663e8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ee3b0545e46bcdce093dc082c890f92

    SHA1

    ccb630c900d850e80b70d9265c28cae4acd7a7c1

    SHA256

    e480760bf4aeabe2d5120ac2dc4c97332c35d6dabc6606e186777909b52ace85

    SHA512

    fbc647282d80624243bed8b12e6a9215fcdbe438665e2d82d172d88deff566f9c665ce5d45fbd0d6c161b16892da067617da2fc36900d3f0ad4d7266b4577293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC120.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC1CF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit