Overview

overview

3

Static

static

1

bfe60a4407...8.html

windows7-x64

3

bfe60a4407...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2024 02:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bfe60a4407363a1429a45111a32aa884_JaffaCakes118.html

  • Size

    26KB

  • MD5

    bfe60a4407363a1429a45111a32aa884

  • SHA1

    4dd0c0b70b55bad1c36ab76a524babd2eef9f137

  • SHA256

    e56698dc5e6fea59830ba6a99e6fc0f8760576f4082be42b5081023fad4eb8f6

  • SHA512

    e6dfe2deb4fc5cd1434c276a0ae0f479f815af39612d9d414f6f416dacfd6937e95e120739fbf2d9eb2aac30cb3ffb3ec26080e9250978edc0465e838ab6e83e

  • SSDEEP

    192:uqAnLGb5nROhwXnQjxn5Q/bnQieiNnUnQOkEntpBnQTbnhnQ4CJVevo7NtNFo+Ni:n3owUQ/5ygc+sUV

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bfe60a4407363a1429a45111a32aa884_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:600
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:600 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b0fa111d41b1ed036a1e536f360112bb

    SHA1

    5d2e62787f679fec9a040977861d5c92e28edb73

    SHA256

    9a405f91a68eab25105f5e76ff41cfffa832fc175f2820ef9730c6d0045b7a9e

    SHA512

    1d22a80d820dab3a67068bbb9f69dc1ee615460420c5fe107af81040b9661069cb7dd9624478a3916ec32408842ebb38cc13c171b21ce974dcfd4e3b743d114d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    68ab231aecd334a5303222a54a52ec5e

    SHA1

    995cafdf70bc2d731b87266b91f6c18d3c24018c

    SHA256

    3ff23877b4b0a6b6a7552951d00dedc6f8e9505ba43296a014b0b9fab45189b3

    SHA512

    b027337d75543a2158c00f2c47903a37bd166f3a420cf683538ef3f94cb889e079f16c9acd2ad2ef9a38d05cf6973935dd7b0609bc77e79a9decd249931cf00d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7c7f3b174da752a45fdc03d859a44ea9

    SHA1

    73797913363050167cd317bf62568b39284c9945

    SHA256

    0504c7528a86d0ca3fd6719c10fdbc0496b199e42da284b39ffed1368b33d334

    SHA512

    c7c5cdcaca952211b2a49f41e3a5208155f11a3075988d7f4ebaa52fbf78ecb8daf1aa96b577b08e6aca01d833b0d07e349f2d5a901b00b1e3609c606f685fbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1bf01584ce5e89781e51d1f1512a4aab

    SHA1

    218e3e880911d59713876023fa40d0db8afd3b86

    SHA256

    93f4e47f8b78a9d0d5da9e916be73f14195479b9f9f7d42e340c57712ce35875

    SHA512

    e71ef08085b917dcd016d6d193d1f7f1136e3153065a4fe2cd31c7740365104eaf794f2ea328b4dd65f1e7097a53bfda7d974a4227c8f82cbc1ae70c14fef3c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a3f18b6313e306e990ff92c9bb048967

    SHA1

    4f009e9c5f84f90864aa3610f52a759bc28bffb6

    SHA256

    c50f0513362707ab5e9aa83c10bc844555fa5262dc3dbd47d4e359a642fbade4

    SHA512

    c777912337c00fd7859d8065f9f602cdb71f8e58bdd79e13729419a62e7c1a26f71bbf5a82c1ee690872220600adb7ff2aaaebf2ba5371678b38b22b018bae65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2d7df5b6796bd265ff69230f66a9b222

    SHA1

    5c25d690dcf4f67cb856844f6c517ea214ec2a0f

    SHA256

    707560726adff53718f08d369c5402c22642f654e1e27994f0b11d5b25e5c208

    SHA512

    68f6ae2f126a68dc30a239375e4a9a70b4e383766a61472763b79b822f7c0caec6caee2c1475cddf20fa9cb3129bb1ceebac45965538b915babb6da001114e60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    94a9664df128426a5df227a0aa2b20f6

    SHA1

    1a324030e3ab61035c9d6b5897f2e9256a889fdb

    SHA256

    d06d8c9ee4c89f69d54869ebe7c710d6a89bfaf8680a1a8234a384b67f453ae2

    SHA512

    f345444098f7ea1a5c2a7fd585e2fa4e303bec1ca4cacac562cf17b52472a904eb5d927aaf552876425aa24774fc48d032665c1dca19070047bb1a34bb57f25e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9f7eeca5f9f7be0214b5eef4fff1cb55

    SHA1

    583483f99a78f08817d8c2fc27ecc699b1d7e189

    SHA256

    9995b5eccdef9921516c230bedec12a8593cec346a8247955296134ee0be39f2

    SHA512

    7f1aeb23e27e4510bf1dbe51231d1ab6c4aeb5e04feedeefe778c7a84d21043cafc2a3d60ef3821a86c57f1ab1d8186013c6323dce2d8fdf3fe8bb83839894b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    91d49c63306747ec8205632f5dc73bb1

    SHA1

    1e852a6e7a6075288489417faa1d745638ef4509

    SHA256

    dc65778f7b5f0869d6901b50d46cc759ffa4561df531867f48e5e99049b2cf01

    SHA512

    2ca9a8d365a5e51355c174f8701c9a904187c7ac5adc7f42162ae5f6687f9b58f632dd4ba53310b42c3883a50b56b15f8de3082b2fc9967fac11480297a65fe7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabACB3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAD64.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit