Overview

overview

3

Static

static

1

c125ef40e8...8.html

windows7-x64

3

c125ef40e8...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 16:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c125ef40e8de91447d14439cc68618f5_JaffaCakes118.html

  • Size

    41KB

  • MD5

    c125ef40e8de91447d14439cc68618f5

  • SHA1

    d87b8a322e8971158ef1978462ab8c06bb37397d

  • SHA256

    6ac634baa697b9311407d0e71e19d52fe4d1828af15ae6ed8b8049d3aa27ec9c

  • SHA512

    4ddc1630065df56b5f85516751c2a5638c50a4f34cbea8c5c22f683fb004ca2f8427ec5eceb81c36c9deb27587e8141c8989511a89053739dd6c41149c4d4c1a

  • SSDEEP

    192:uWzRtb5n+BynQjxn5Q/UnQiePNn7nQOkEntgKnQTbnRnQpXCUAGEoZQhNqoJyfWY:oQ/rPNQL4lg/m84qk60VZmQqu

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c125ef40e8de91447d14439cc68618f5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2756

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ec5dc09e808ab0851ba35db1d74525c2

          SHA1

          78e56f9e9dc2a993dc4c96c974a1c54eece084e6

          SHA256

          aa8f7d8a6aa87fe2c6e8d74fa742082dbc0902106f7ca87a4732e81c65efd38b

          SHA512

          4946aaba7302490fd4d5dafa145a1f9bfa278d83a9bc069e26554bde52f3d38f3a431d4d5735c91a8aad1a005c0575f457071724583be2ab4bcae218b87a7430

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9bec99fad83f019bbd06c1aead1f7318

          SHA1

          6809b2973d67e01085e7c68570fb2ad80c50c62e

          SHA256

          e6d5cfc987c363a9bb89de8dff10dc8365b34db6d1ea73c5d9ec38d08de38716

          SHA512

          e49129c2b2e7cc1883ccfe206a80cf5cbf46ab7a84025b26324ac7b68e1577c0d84a9e15344c2178e8a28e93610acc1323f359c89f9ce9a3d5d4691beee92997

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2783b151d4f2848fe4620cfc90331174

          SHA1

          0a46c99ddc67ead5a1f7c50aa7b18cb4b467d2ee

          SHA256

          58a3ce524e469996d87be545ee6ca0210f22c9b8ff86bb08c62bcfb8b870ba9c

          SHA512

          108639430364614207bd440ed51a2f10835221d6576c5c853715ee49fa2ba3b2c159c974ff61f1ee09a13ed90716254eeb5aacfeb34719ac7a35be769aea9f33

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          97e5354a4817746adc3fae14761af0c0

          SHA1

          e4076bff6162ee10419119091696b065d2de22b6

          SHA256

          2042eae3f98d26fc490f395812fb25cca7417635df6ef15aa5f7309b5f7d6974

          SHA512

          702fe4a9819042cbbc10f5065debfe81aa1d535e4194200c2a6f02122177b6b39e282e85e2544ee4b64cc7c54165f53a51300ec45e384777abaeb63332ef4329

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e316ca6d25e4845e0424db6f447f39c

          SHA1

          f9c6ab88dad9bb8461a36288c83e60fd5ced6486

          SHA256

          1740c21ddd614e382097df480157a494dd10332b675b47e507ae03ec467c0d87

          SHA512

          edd4273a0dc0ab1a15fad86933291c719aeb433ec64e693c61215cbba5e78f4fe9261b4fb1ffc608da04a96703d085a99843bdf31286048aabcab2486bacace2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          41925fe4b771dd39433b13e177399fa5

          SHA1

          eeca8f72aad15ff902c5cf133e53b1c37509a72e

          SHA256

          b924863bf2d192ddfcfa20f6c1dba67bc3f7369ceac32429b8a0c40995bffb79

          SHA512

          b6c9ccb2d6bb300fdd0c2ab807961ae22b2563ab297802b765e30c6dc4418429a1d7b9643bc0773cff79c0a4636b95016f82f69c9102f291a90e15822ad667b2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2e099c6aea2d3228ed4bba9453aab88c

          SHA1

          0e19d600289b4023a8cb256668fce8a95f1d070e

          SHA256

          420332c34ab7a559fd77dc7158ab1eb82018d98ae9a7608ccdcd14d163095616

          SHA512

          82ee28d9bea0e0b6b38d1fcd126b1b716cf1589448eb73b4bdbf93c91db3a9bee42be7ca1c7f7f5a0b6f6ee45b3f11cd425f59e619674217656ba460c5a4d950

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          49df583a35c23375c0903dee420be58f

          SHA1

          c2002c1ea87782e2fc2ce49607711666eb454514

          SHA256

          8e94f8756a24488e5de00bb24d7d5f877431b6a7b46c8599af24ff750b8b439d

          SHA512

          e9337c98644e3bed7be72d1b6cc91a9b7efbb37f2ea5c8fc452e9a8c7b2c506914344394c741c17ed0a0ebc35ae4d1526d8260b893a6690ff5ac821e8a7b1dd2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cda48d9e08858d4db7478689985827af

          SHA1

          63b4aa508b95e615da3eb85ea08ea3042d118b2d

          SHA256

          1a9a2a68819ce0a2947e286d20ad301ef85d3f89e6255d5d0248cd80cfeeef64

          SHA512

          51ef22f19550b70c2df5c068905d5168ad9dc298383599963fd9b690fc7cf2da5825da8330e8381ddd1ae7142e1ff523917e4efb6cdbeba7b9dd1c889a25d9f8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          18806139526dc648d78fc051df953b14

          SHA1

          cb852ee73bb4dc3cc11dda6412f3e9ede79de533

          SHA256

          229c1b202bf8002795b6ea058ec342f7e64369a3de2cea1a53ea69b65542e670

          SHA512

          b5c790cfc1896a5ca86d6b6f66c7e7e78a4019815180b2b5637450f8a19078eefbf502dca3cd4571a2715cc4cd1ebdfa76400ee00b5cb6195f5744f9f1c4122e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabC81.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarCF1.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit