Overview

overview

3

Static

static

1

c0e38e083d...8.html

windows7-x64

3

c0e38e083d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 13:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c0e38e083dedfbd0b8e45279ecdef739_JaffaCakes118.html

  • Size

    43KB

  • MD5

    c0e38e083dedfbd0b8e45279ecdef739

  • SHA1

    958ea19aead24d303f6ef8db03dd92e5a2a3bd4a

  • SHA256

    d99074f60b97fa004a39c9e2721939dd624703a5603af60005011710f9210a04

  • SHA512

    b3b1364a107e4eeff37112d692996ec9d624dd81092d3469ef101130cfd5e71e242b8f3b0afccbd5c6cdcc91c39292fcf7ec093fdf0752069067f4862ab9c7b8

  • SSDEEP

    768:UGcSym6pIpBi2tQPI856gG0TpEv5Z1EUh1NTTt/Nh29rMj5:UBepBNtQPI856CTpEhgU9nt/NsC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0e38e083dedfbd0b8e45279ecdef739_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2156 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1868

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    9a0124f0639d5e64b3638f2848d392bb

    SHA1

    20fb645a10ec490aae53aea1b326bf288f095098

    SHA256

    42d8c44771c13321612700125cf44b4289af35b77d1db367a4759f2067fe9949

    SHA512

    a043708a12a3ab50ec2d53c3fa24dda4b7fad1e70a102416617eff0bd90e78a64f6816fd1228935b1be86062f0565d0790f79939eae8284f7730f30feee9055f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed0203d51ef06d957f4fe8412c0c07d8

    SHA1

    a282dd53a3fea3f646d0a982c578c8c0d82270c4

    SHA256

    35e4f6a18d7ed3d2a969dda767906a361962223e8ee3443c8844a2d6028a23e6

    SHA512

    a7cee3fd9ba3339121a3ea4baa7174bbe07ae47b7793d3614dbe63ddd4c36b9b66f8038b06b4c9bd2aaa9a3fabdf54e72586117bf66eba02bd27fff252d28645

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2de77f2d35912217f87aaaae6a2b3dc2

    SHA1

    1a5c1b51fedee926b7c132bf6aead227b281aa6a

    SHA256

    2a15ddcf4e2dea31a3db49f3889d055132ebc71758e9db5b7fef5f6560ed8233

    SHA512

    925b9f1e66a6efd539f9aabad3eb77f88f1575961071ad346016817a9e217225b9b4f098b4b90bbf11bed3d8df988454f244c3b273fa35a2bbd90c1e3d2c7b41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef90f5e72f1eff9b9dd46078045da2ae

    SHA1

    5f833efd282bbdb819d6e15bf0ba0c811d51cc71

    SHA256

    a003a2dfdf472516c49afbaf2a5a4490e1c8880e5757afb6ef35c2ff33413c1e

    SHA512

    eec734eaf45922ca09ba51b9af598f4bbf5d8cdc1671d5fc0a3684bce16e4d55c1a7619f2ff17cf3bd38e3e86cbbe22adcef0d1fb0d6dd2181a67dd4f486e1fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea9f7179fe5bf5de716bfbbb444025bb

    SHA1

    63172fdd29d5c0e0ad1437db12885a108e639b58

    SHA256

    18a2d45b1e31ecb690294d1398d41cf38ca36741cfbcf38a28c923b7afc7453a

    SHA512

    4291697732f2ed7f1c241b451d7fe37d5b9c0dd9ef9fc481a0e4971eea6455902a296b6ffcfaa6a0249758b797758da5e5c446b7612cffa07e55f8e7f1d378a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67bf47bb12fb5144002e7d0ed4a457c8

    SHA1

    5111e8127cebf28ba504064a0ec5b78a04d994b6

    SHA256

    7368321f33841060b8edce0302a63465929dcbcc70c89b0a6b9971c4982b5b55

    SHA512

    786a2fcfcaee2ac0c8acdeedb83ab467e15dcb7589dad348327146ed9bf7de749c31695457d7806651d67cb5e65bf4b4e4bd7f66fa356b4878635613751246ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b218a203e0321613138a83224507a752

    SHA1

    7c6b0c7bbdef32b4b9c674d52b037d92d0a0e87e

    SHA256

    249154dcd8f99433ffb26b75ae1fbd297e3dff1f7126cbb063353099be6b1d02

    SHA512

    6891e35254c27f524230d4a3be4d7fe8f4776d6ae7525d1a6ba678a84b3631f235d026b4fde780f97204e222640cc2f13c5de7d3b8140bf5ef6dfb378dddf33c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6777de6f14c2c92bac3848ffce257a9

    SHA1

    f8e83dc441f9878338deb0a841a096b9aa16bea8

    SHA256

    7845f4c828c5b2d5ad0903fcc8b0ece92b0e8a121c77d965d0f8a14dabc42717

    SHA512

    c1fb261a3b5bea4086abdaa57afbccf1e4a42865b02237585d2a98dcb119d671036b4e5af3cec162f074ca53cd825ddbf929636e53e4318ba7318f4658553c7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a86ffd306fefe62d0b97bf960104cb21

    SHA1

    211fcbbb06f42d806eebb8ad123594436e98eeb1

    SHA256

    24605da7ffa7483db58a6879fddd24ac4bd89fa44a1def4840fbf3b6badbf762

    SHA512

    e78229414d4e4aee2feb01ec45eae4d6f3a347fe32bf44504ca209ac004e531c33e128d76d4da0db8842657f75de5e59fcde938717494c94ac4ee79bd7f4a605

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31b040e07e812b895259f2f9e8db1870

    SHA1

    de9900f0c5191567a9a180e6b88a8e284bd523ba

    SHA256

    a0bfb4df7678019f6edb06c1179fb85998a4a87aa2c15e1ab19c2c2a8bef617d

    SHA512

    57673659396e62701d6fc6f16f5841b43781b1d1fd2fd1dd821ee3bad74b780777864ef35892242e7c19abbe2b8ab7b00e471686bc8fcf82cb7a0e36510b4893

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GL24G53\1380534674-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c1d4d816ecb8889abf691542c9c69f6a

    SHA1

    27907b46be6f9fe5886a75ee3c97f020f8365e20

    SHA256

    01a956fa0b3ea8cb90d7032608512bc289c4170bf92759352e40062d5be2946f

    SHA512

    f534f057e46998bd1ff2c423ad2cf04a880c4a5259e95aee5c6ae34ce7121ccd07ad1bce5d4c3a51ad04f7411b0625da78808326b13d2aeefec502988e113113

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3JH4PQP\platform_gapi.iframes.style.common[1].js
    Filesize

    55KB

    MD5

    aada98a5b22ec7188655c2c17a083c57

    SHA1

    7c3c2fb8744e7412d8097e28f588788d91b9cd9b

    SHA256

    f2f09baa213dd3dd95edb5a30c7764e4a44d9a79c0831f90b1ad8ebedec9dab8

    SHA512

    a780aa3b9e36f61be8240487e75c19a96fe26d54abf9006680a00af9d1d394e81e517f0bbbc13edff3a7190679260ecd56fd5cdd7c2d2f416ab8982c3277b953

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3JH4PQP\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    9e5f0b21584389dc1c7b5da4a900879f

    SHA1

    191b84e0f5644398ba99e0aa141a6778c14b83bf

    SHA256

    3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

    SHA512

    c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\cb=gapi[1].js
    Filesize

    135KB

    MD5

    cb98a2420cd89f7b7b25807f75543061

    SHA1

    b9bc2a7430debbe52bce03aa3c7916bedfd12e44

    SHA256

    bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

    SHA512

    49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9FAA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9FAD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit