Overview

overview

3

Static

static

1

bfbdfcd783...8.html

windows7-x64

3

bfbdfcd783...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 00:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bfbdfcd783a5a652a9742f44e308d3c3_JaffaCakes118.html

  • Size

    186KB

  • MD5

    bfbdfcd783a5a652a9742f44e308d3c3

  • SHA1

    8f5b5cc113b1bfac78636abb07f1bc4a46a68d49

  • SHA256

    6eff7df60600aea58bd32453c5980bf1a9ef624a40b7237313e0138361d25749

  • SHA512

    607b3e998b8d4a32753d53ce37e3de0e39ad785021a9d5e6ac1c7c627b8adf0d4bba15dff95c44a142298f732a44ceeb4518445a10a69f9b87157751aee816ed

  • SSDEEP

    1536:tDxg3xgry0+Q6SpAEm/s0syLZFcw76u3/QSlkANJNkqnAQdhSBqocp2mJeVUDDkn:tEW04w76uvPO2JNkqAKUwkY3E

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bfbdfcd783a5a652a9742f44e308d3c3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2676 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2080

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    260e4dad3af77279db7d4cc56ce7f10c

    SHA1

    4477c4e3cc8d2804d728559dc74a7a18bcfca13b

    SHA256

    5e58dc7cf1d439790f10a257a28d261a4a371f3db07b6ae0e18c744bc6d2a717

    SHA512

    9755344aaf71658457baa319b5344c76b84d6133f60d1fdc499e88ad87358782d7b0203557b723d6124e54beabcb504880766cc3c5d3c5effff1a59f77ad1350

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7faa4a544679ae62b93e67fdade30014

    SHA1

    1ac83f127f253e9e351f5219f512dfca54675fe7

    SHA256

    b4c803acf14e3ecde40ca0e4acc2f34bc707fe2523390adae61352433f921597

    SHA512

    b10dad1a3684fb1f1ce7abf49105e5fbc15207018fcc46e54eb975df4d9f37954bc720fccf9c7611f7008b111d8cbe2743008bf0ee1f953dfe0c1ce694b6983b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed659e6fdfbafe9fe75310e59e342d17

    SHA1

    29231b5a6fdec48ed68bafdc92a36e103f20d8a9

    SHA256

    ee74f154e845b7731d25fe025b8e62fb660b27e15e90f70df9eaf5b8182b1748

    SHA512

    73e1b49c91166f38724087c1e682c79edb61c49ededfe8f02ac1a37d9f42f31ac16b1ffae92d4c3c37ef93ee4371861c675209d5a0011f319dcb615aa42714b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c32c760c41d0d0ff1edee5bf294a766

    SHA1

    d8d9a335b2acb4697fad9514a73ed0ab774b0c0f

    SHA256

    28f5ebaefa3befe36b02078f2e5675e878ef82632bc2ed7681b47bd574191e82

    SHA512

    94de7ffeeb74fc5cc822fb89aec1e7bfe0878fe5ab3114493a04876bf4088b6e3124328b7a703b9dd4bfc128c5b8e75425c3e8729f88e625120cf904c7846504

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dfd92f3b7aa523d215972850b1878dc3

    SHA1

    006cf49e318e8d1956d1f0369b5d594b3a36fa98

    SHA256

    c7a3f03cb82043a63f05915b22fc3cbb1f6239df281c6cd0a0edf2a1e9904177

    SHA512

    580360e80f1cf9148574c1566d85693b6ba92030cd55c18585a15b21ed3a2e45850eb082d98b096c914709ca4ad5b2772b33fe9a4e36638966bb24176ef499aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19704853ae79e3ededac986587408cac

    SHA1

    9718e82b0f3754ce4fc6ee626403bf1a5736a347

    SHA256

    fc03e74f7d8d13d91b5744689f1c564f0286db18d084ede74953f203c13e39cb

    SHA512

    32032a926419044822a7d93844eebdb5cab20a6dd504c8bf37b6a2f0b9b41b676ba9709a0de00bbde62d2f450cd990c725d3250d15aa25923415e7eae7556297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e801c9619d066fbdde15fd99f478ce9

    SHA1

    00a66cc5b982b0aab4ea8e5d312c45ec920450d6

    SHA256

    07cd9c9ecc12036d95a829819f0c204090d0bcd494b675708eeebb2c1fa89532

    SHA512

    0741bd8e3d10a2fef8bc4716083a3455a662cb9840a2d2da4907cb975069363f72081b7e8231b84a8f34e65933fe62fef8a894da707afab435ed44abda2a11f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a15324cf11c0e00a38be3488d5480ba4

    SHA1

    7423924ed3c1f7d675e5e3c325fe62a8cda1c58a

    SHA256

    0dc8427f4ebf598a0d8a2fbd66a335984be61a1bfcb3d06b19f2401f3488a23b

    SHA512

    3cabc4dcd582238049bad1ef2dca8b7f3ece8ee9d2a8cd749308e222c55b7d64c62f0537ab63f5c3932fce2f6f1ce233b165890d39c45c95e015be56d6551726

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\cb=gapi[1].js
    Filesize

    67KB

    MD5

    ed72d618fe48f6fc42c19a4b58511e72

    SHA1

    80a2da4af91d56ec81c7b672afaaaa72c83a4414

    SHA256

    5bfd37a756bc7772aa6c520102870dafe2d3b808c562412e30f122a7908f8ad0

    SHA512

    5378b71a33f67309f788b9fce32daea44051e7e9a6aa326bdd783456ee9eb2f4817aec2ad1e837afc1853acba59080b0114d32c040ea731ebd703f0a84dd7ae1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\plusone[1].js
    Filesize

    63KB

    MD5

    65d165a4d38bfc0c83b38d98e488f063

    SHA1

    1c4ed17c5598a07358f88018a4872aa37ae8bc07

    SHA256

    b1320e0dda0858c87971f7baa0d53063ad2a429d232fd06b0067bda8b9eeb0ec

    SHA512

    abf4c755d88193e7e05398b6f934fc561d8e2adbee7d2170af399e145e54a4a8a93988e4af4e28d6240c0bd1bda7035ae97f67a85a471088820baae8d89f3d41

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    9e5f0b21584389dc1c7b5da4a900879f

    SHA1

    191b84e0f5644398ba99e0aa141a6778c14b83bf

    SHA256

    3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

    SHA512

    c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X761FPIN\1380534674-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c1d4d816ecb8889abf691542c9c69f6a

    SHA1

    27907b46be6f9fe5886a75ee3c97f020f8365e20

    SHA256

    01a956fa0b3ea8cb90d7032608512bc289c4170bf92759352e40062d5be2946f

    SHA512

    f534f057e46998bd1ff2c423ad2cf04a880c4a5259e95aee5c6ae34ce7121ccd07ad1bce5d4c3a51ad04f7411b0625da78808326b13d2aeefec502988e113113

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD6B2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE304.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit