Overview

overview

3

Static

static

1

c0893efb63...8.html

windows7-x64

3

c0893efb63...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25-08-2024 10:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c0893efb63429b1c0b0ddce14f856332_JaffaCakes118.html

  • Size

    27KB

  • MD5

    c0893efb63429b1c0b0ddce14f856332

  • SHA1

    a2949e856bed5199be3356fa829e7f4d3a0c8ee0

  • SHA256

    ecb2e8dc97407574404afd4a1b7245455165b72ef214897336b46919ac86df92

  • SHA512

    025840c2fc867babf44946ffcac215df2f45ec64aee2a1934359d1dac9b275a5a6c747c11f629187a9e44fca4798d0dac3b44dff091031bfb543bccf55c704a8

  • SSDEEP

    192:uwTCYP9x+LZBb5nYLCYGeRejVF6vz7nQjxn5Q/6FnQieekNnZEXnQOkEntE5Nyn1:iQ/oIf6noSDsU

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0893efb63429b1c0b0ddce14f856332_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f33ce95574cf899f98e901c72b38ef96

    SHA1

    0175532e7084f57bb4c8a0ec126e200acfb611a0

    SHA256

    b23992402c95c24420558d73bb0f04bdd6f89eaebd298cb37e8ee7c8b9ea157b

    SHA512

    b0c95ecdeb4f596ad5b3f1234cd66fc4fd0116dc0922c61275d56cd7c545a13939dc47532174b6a4543e53fb303e7e5a78a1abd873ba8d5718eefeb30fdc407f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    928a830f5e26fe53e40d5d079c7bbde9

    SHA1

    d36c8ae5b9c6d350ecb6bdcdc7af7f8c88b151b5

    SHA256

    42f5f47f98289555ac3b2243d8cbcd5de539650f4601c4f3d9bbb8b8a61e5b2b

    SHA512

    dfdd2e817273b3fe041d05b0c3f8de8ac72e7a17e2a49451cacba09a657289dec18c39a41d0e75d53c66417c54c1a99dfe531935621802694788e07655e747dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0528c1cc03484e582a98880f035afb93

    SHA1

    8a835e45c38eace1cd8c8b9684bb8c61ed7279a9

    SHA256

    c8dd25df43cf78bf46b4f7a8d7ec2141a241b8576da4d3f4afd464efeb84ea83

    SHA512

    722592db9016d1548156f01cc3320621fe3562e69ea30cabd222c5c3dfaba64eb75bffcf1b5400a4f76a7a20b6edfe9fdb1cb0bb7bdfcb0a4e54f217196a598c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cccda4d418ca139d3a0e734527936bd

    SHA1

    6ff98e56a6dab1c0b9ea976dacc144a0936d3a4f

    SHA256

    93ddd52979fa241edc93b25e777df02cb3f9e9fc6171686d4203c03ed6745c39

    SHA512

    2cf8f3caa6434fca6970681547e0e28fac2f4f63ba1149660566f621275cc22e12c817ff3da666f6d7d902a9831f5cb05b60ffa37c662c925f3b8b7e6afd1f6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1351434c4586bff30134d65899892d5b

    SHA1

    c90eebbd20845953bf22e0c064451313328494fb

    SHA256

    5bc334f01fb0a291fab8e2222c0f7c8192350b764a1dc1136c21b6302328f827

    SHA512

    882ac66a787297c73d730a91c207922c1b2d2c1c36ba4d7df19c8835f22fcb2387dce8e841edae8e9c753f81a2f2c1b044fa5423755f36a47f6c5402e5359d6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9f77a6a1ab91743c9881ed66a19dacb

    SHA1

    eedd09ec49ef8e86246c2e2cd2df2db358c5ccd6

    SHA256

    2c63c4a644b0c2be03e3e64c96f2b9b0c4f1da2496ca293c5aebefb50f7a574e

    SHA512

    5e38fe51def454cd68ff26c9221d15ce4c744d30cf8cc2d3ff4d4c016d565fefc8ed873a1300d723b58df180ad83d132f08bdbf090d10ae1dbede5a7db00a616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3bd3c41a05892cea9ca9771dd157eedc

    SHA1

    d2e6a5f998ba585a8f51c00f14b87bb5e038a4da

    SHA256

    d793525a716bc29fc2d11cfe645a885a5b7ed16531f73d15a180a712aa6c1b7d

    SHA512

    6cae75c6e9107c45fb100d044a21fbdb26389c5221199a71d6f1858b36128ffbf82a4b0d5411b8a34a98f4ff154ac88ed921019b473bcad9216846c22611b82b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8418ba2763d1d12cced8ddada4f5e2e0

    SHA1

    080448fc1bcdaee3b7e5e34271590750be6e916c

    SHA256

    217a7e1a553d538f09de1a8a595e81d092ffbdcf94df7287f2e113314652cabb

    SHA512

    707bd763303f52a09ddfb957c02c9cd52e6b72cb6f28ccb67ec2aa0fc21487419b804c05d41aff2a5efd64d556ebc7a2ed5d4d351475bfc1fd58df3d7a580f7f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9B07.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9B89.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit