Overview

overview

3

Static

static

1

bfc0d93be4...8.html

windows7-x64

3

bfc0d93be4...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 00:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bfc0d93be432b8f0ea4bf393510b95a5_JaffaCakes118.html

  • Size

    188KB

  • MD5

    bfc0d93be432b8f0ea4bf393510b95a5

  • SHA1

    d6bf2d5df057d86869e40d2964f5749d8a03dc38

  • SHA256

    1bb9004c141c4fc5e3e7db7dddf17a9108b812898aa24bcaab4054e8710916f7

  • SHA512

    f743570fe03d12c91cba84ab466bc1a4f3660c1e10ca3689cbd252f1337052d1466e233c37129ec46d537dc5ed93b16f4abd953355a04feb7d307aa21519dc0c

  • SSDEEP

    3072:SjclceyfkMY+BES09JXAnyrZalI+Y5N86QwUdedbFilfO5YFiM:SjcssMYod+X3oI+Yn86/U9jFiM

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bfc0d93be432b8f0ea4bf393510b95a5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          cab5cd25078c6870482e33eeee1b4d94

          SHA1

          f61e87ab548a94a3a27529ca94d3cecf1f2cbf9f

          SHA256

          ec13a74916afa16e6207b6aa5f0ba8aabd02a9e61a3586ef63487e3639c4ec08

          SHA512

          e456997b45eb7cd3bf0477e23b1068848cb721036dcbf0dafd11e08bb498c170094a11bfd3c6cbd6f4c854786edd928b6dd0eed947e0ccf271e06b3a3b94e759

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          bf75e3f6aa4ef261d81b6ecc6fb7321b

          SHA1

          1a126fa0902a7d1c4521903ffd7951b4ddfde8b6

          SHA256

          99a4f27d1adc56d70b9e878faaccf1c136135341b1af33cb015fcd26db1e5dea

          SHA512

          3b5f8d7ed9faa4f55b0dd5b2736725233a8965d38201b250bf2dca9e7c8a12471a2782dcee827aaf5c531eacb974941c3b032b218653c8704bf74e1a316f7c68

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          5c18afa51f436c5c9646e8888508acdb

          SHA1

          51974d5894fe60fe977226edb41616c694bedbb0

          SHA256

          5c0ab7be532a90d053203b29ebf22de54d7c3fcdd5e53878239659bd7acae726

          SHA512

          2eb3c86406989f5dfcecd0d2b4b5836ee8deec48e769e0a44b4eb5b0f7fb4ac0473901de14b82cdbb19303695411b3aaaecafa4790253bdb32210746f1fdb397

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          216f916eda2cad9906669d6bd76e7c3d

          SHA1

          e6ac867bf5d538d93b7a97a4de77bcf13eacb34e

          SHA256

          fd1acdaf3cc0137b34d1b7460a23f3eb8a3352a60043c1c67ee8926dd52b6d5f

          SHA512

          2031270cd2586ecedeac1082191a356d4ce98f42b571b810a28b3b12adb2ea69c5f7c08df4d8e1508c1ef732908bd78598672919b68672e182e7e9a1b304b03b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          e0d3919825172e18f1a9d0de696c9c84

          SHA1

          fbe896915c7750520ef2e0b11f545009ec846357

          SHA256

          e303a2488005f2a782af2ed844ecaa23520bedb98ace24e26c389c90f0c5d1c0

          SHA512

          a35278c00949fc28bab7f7ac72ec05582653c03610d704199377a4b6215b96458b27d47daf945ad183205f38d331ae13cb8eba4a004fc095d6eb15203973f83d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          ab3ec23ce64355b33be7daf2bcbf5e53

          SHA1

          5ecc8d2bc76ed8401ce366186a4f442bef114071

          SHA256

          36b2530fe383fbd15db743cd620ffa67b760506c1c82cd5253699a0e81cdef96

          SHA512

          433d00cae4d60d80e114581321ebebe932df5fc9089b3df44e914d6570d6e8e5bdc0d20d2f0179530422977ee07ac256e38c769d7c1c70166038614b8a0912b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          e318d992ae076463833c68028d577494

          SHA1

          626714ca812149272691994c517afdb42d40461f

          SHA256

          7d9bbc3fd9baaf94bd2919733711d7b20a4b161ce5d0566751e4d44ac9b0170e

          SHA512

          a50c3b681c6533c959df4811f8238b5f135609bed916e3ebbd61e4d643bddd35939533bae30d9d0910ce097ca6553016a75de67c98a69b00870088bf0c8494af

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          436b2069a8bf3db98d6296c184af35bc

          SHA1

          956ea6987a4e84a1ebaa25722f458554a293cdd9

          SHA256

          df7b2e1d9ccce7f520193898d62fa9c7fbf5b722c0cd5cceffbc8003261c506a

          SHA512

          47727ec18b763e0c0cc44cc8ecbcc853a4d9190acacc55393cb2d2d220eb8a9c8dd85d0dc949b29684fb6b2b2edf5d4ef1732d1995d0a0588c0367f7a43ed00a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          ed66fb03925be1fdf844f5719b58d74b

          SHA1

          9be2148fc22f9f9b7d77068874459b5e6a715681

          SHA256

          f7eb17ff689f7f42d95258f2fb3aac236d719b10b848f061ac6f261c0906dee2

          SHA512

          ec925d78ea44c618149259ca473979e79b5ad4b57312aabbe92dce2f11416b4bf2ff9c7c3b136d8f3fe28f053617fd4b967b0cb3276378c8a0245fce121465ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab670E.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar73EE.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit