Overview

overview

3

Static

static

1

c0614479d0...8.html

windows7-x64

3

c0614479d0...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2024 08:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c0614479d00db5dd42b86eb4c2ac2ef6_JaffaCakes118.html

  • Size

    26KB

  • MD5

    c0614479d00db5dd42b86eb4c2ac2ef6

  • SHA1

    b043d2f67181b069374e3d4b77718748f12761f9

  • SHA256

    0f9ac3f460ed97a39a5c721bef8b8c26f69132f83d7d8fdc73b3674d848ea4e5

  • SHA512

    1b50dc30f5d0fd0ff5eae3be2a2b8b53f5a792459724df66bf8090b06eb8882267d232a7131445abc5b7567ad07e325c723433a795d89c8efe078a967542a4d5

  • SSDEEP

    192:uqlSLT2b5nYSXnQjxn5Q//nQieGNnUnQOkEnth9nQTbnVnQUCJVevo7NtBFo+Nzl:nlYQ/RygcyEEN0

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0614479d00db5dd42b86eb4c2ac2ef6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    12273404d3ea4ff25782656ab5df174e

    SHA1

    e1526af9432e06f9c6111ca61c56958e01957817

    SHA256

    9cfee75e342f46e93e8bf54debb35a683b777568a67a04f2a9b392f42c6844bb

    SHA512

    e8b65a29e8f76eac6cb4eb0868743a7890b4212ada572c2d4f515793038d1beca81b3510ee90baf972974d21a531741d10004028a3059a214d424eac9138b3c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bc1eccad0169af0b85094f075501001b

    SHA1

    9cb39c1964473fc9aade815b17bf33d044ef735c

    SHA256

    2b6c501d756ad1f0db673ac16ddb2ddc1cf2a1c9f30eb8abae00c0b4cd285f40

    SHA512

    2278f346b197639841e3905c9ffe7c5579a0bcda140c799b9e0957b8963174f7aa6c191f01d8d9e1f37661ceb3d0cd3a2beedcb7dbeb5771651432fa572c98f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5788e263e7ce153da59f23c03b2176b6

    SHA1

    42064d31a2c8423995935be8cf3eec4ce6feb139

    SHA256

    0fa8aea05644b6e19f858d389b8da93fd4baf8b056a0cd4c003b8d406e386045

    SHA512

    854fe6447a85eb6bde0711876777c8acfbf9c27d0a346b3c89329d0ad1bfc1a372945de86a2ad886c696d8f493e776aebc5ffcae6472c601f929b1d82556e431

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    49a18604cd9c5fffdd92c30e7f2bd1bd

    SHA1

    2cc6574a918e1b1d822b799e7fc3cb927985294a

    SHA256

    174783281d585b3b14fc62e8063d84efdabf8c6d6de1847bc5e1df3d656e9741

    SHA512

    76021554bbb050ec76e0834e9c481445d029b03d098879c04367677d63e185d5f33e8e2b7617d7bcbe8440e300a0513870b39248d2fa889f6330a01ef8a5bfac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f54a23bd5973ecc83238c468e8f6348e

    SHA1

    a96c41e66ad005ea53364a80f850730c77352d69

    SHA256

    65eeaae08529602f6f8c9b9a28f7cf2a1779384c03843501f062621d55f3628e

    SHA512

    7b03c0b22bae7a94478a2654f83ee144baa42b7734257fddcb01de93c63d43c488bf39749aa8fd2d400213c3e351be78f41b8eb2e1c4a071971b3deb6706248b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0efd2868c12313e47fe4b3377fd78fe7

    SHA1

    1497a2db19a1d7dc26960431f6b6c8662af9e0aa

    SHA256

    6e318e66362fb988418d4bfc8312a03995383e4dd2bb44382e9dc5a61fa0a18c

    SHA512

    b01008f3e061a40abc6f9d2e0ec66a19bb61eaf7f80060cd3756d58f21f3c47c861efcb8e3743ea19ba7aa713236b6df20cf5edff2b6168cd1e29c0abf14bed7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fc0a499a2da01cb829db2f81022a46c0

    SHA1

    2b4f49066a63405f3b3d03673a02130ee3842734

    SHA256

    895fbd887db296e29c8a68442d31ebe909e4a551f05d23e23de47ea2c4587859

    SHA512

    713e17b2d46cf21cc59c43f92901fe287b9072af369a76620b67d21252986fd79cbd17fcc6cd1e06c49053d1f9bde5ea14d544feb6944d31802b6c94dcb9c2cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cf84507dbd1f06317ab1b8e7c79e28cc

    SHA1

    99fe51480873aee3f3f3d63533ecf9ec8da42fc9

    SHA256

    a1d22affb8983be49a297e822f2b88737ca0d4ad3f3df2a220629fd238e141be

    SHA512

    fea99966b7fff02da33be9479c3e35b9fcc6161d1d5b2532d3cddc3794d90e18f0a264f90f9b8416177c29837f5c68557db8d5142935bb7c27cb3370fb274305

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAAD2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarABA0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit