Overview

overview

3

Static

static

1

c119d0061c...8.html

windows7-x64

3

c119d0061c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 16:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c119d0061c7cad43bfcd18422697ca45_JaffaCakes118.html

  • Size

    23KB

  • MD5

    c119d0061c7cad43bfcd18422697ca45

  • SHA1

    5334db37daa2a155ce4779e67fac47ac99dfe778

  • SHA256

    67be70f6e3547755bd042d8b8e820c66c0c47f8f5dbe29187c41f92045b8f862

  • SHA512

    287bdb97b2d06da3a0a8976f2d8630c4695f86b5a01da31930e0e421f01f14423ea30da6d15c87d977f6f7c4e6e02d1cffbb6ecab87b76eb4e729437ca5d9e70

  • SSDEEP

    192:uWHwb5nqunQjxn5Q/JnQieUNnGnQOkEntnnnQTbnxnQ+CnQtGwMB0qnYnQ7tnWYT:/Q/Um4

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c119d0061c7cad43bfcd18422697ca45_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3f0a7da601b9d9351b35b26f3f53135

    SHA1

    798709e1a48231d0eafb45cd50ef6ece4f7ff25d

    SHA256

    3beccfa5696e4c42fab0e0d23c305e527af6919a80d2c25e41f3bd2a6d0e5a7b

    SHA512

    eebc4dea370a427ed538f451e35f50ac9f493bc8c8ad6dedf417b162b6c3fc7f365d7d83593939f1716bd4d72b25bd69caa3d7c449c4371a53c13df96f61dc56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27dadafa4f0e9390c698cca1e20d8adb

    SHA1

    44726beadbfcb82d9004413a0c80b77255786ef2

    SHA256

    8e44efb87d1e53e0d6a8d79c02060bec32422d5e08747aa1094d0a927f266a89

    SHA512

    1b7bc89a425578591a027d42a231660ad99c5587ee6f9c07beb0b9b38a8333573ea8e6d2413b20936e8be9cf8c4653bd37806d452aab0375cbec8d75afcf3aa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19289c883cb4990a04b16bd16bcdd78d

    SHA1

    fbca92e59566d86879bbcbad44942740f702721b

    SHA256

    4988a0f74b354e6eabb046902a507a8233d687b73e38d557f60625a0e32d594e

    SHA512

    a8de6504a4b891b133311a1a374f02158d61d34984ce89245793191aa6515a6a52daf8ae6b28daf8b1e6944e80540feefe701d334da1cc16a4c694717b5503ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6470e60b74c050707639decb9a7d72c8

    SHA1

    a69abe0cec159ff8d984f2d02ba46bfeacc131d5

    SHA256

    599f62c89d1e45e1a09605cf3916a6be047398bd7d277791f1a3947d3692b0b4

    SHA512

    1483a7475380a3c4fbeddb9835bf1966da3c3c06e20c8e2ef4940ef918e60d56c000bff6c7672e3b8942dd5670b19ecac7f1eada91a0a1b0a769c1e40de727d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    555acbfcdcfb46a3b218e60d41b3d86b

    SHA1

    6459e8f7fb01b01110aeec8f109c269fc12778f9

    SHA256

    5486def858345ef8957307f5c6239aa96238153b9b1dce03b3aa6cc7bef3550d

    SHA512

    e527f4a57874fbc258f327379ba8070591ebeb5d74c630f8e44017926556d581097370b79679da840793f35d05d7d2d1d9d13103adc19bfa47e301ff924cea92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2bf9cf872ee826740b9d1ba5e39972a

    SHA1

    ac889f706724dbee94b5967658f46cb1c92f98f3

    SHA256

    ce6408bc2e4db07fefe0f846506b33bd1969aa7ff627d353d530c6af63a6df3f

    SHA512

    61674fa90ed09c06fb703928ca3594be967caee2a73a114c20b9e6cc617c2d10422c23f8dea7369c04982c791912d50457ac22c84f22f1a4ab5c0e47a4c96010

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a60143534993792d22a41dcee7c9817

    SHA1

    4f6b0e3c85b726df9aa760b03be2dd77963f3304

    SHA256

    5757e085fe5e1442ed35ba50ef78ba40bdbaac6331f4633573cf79ca5eb301c9

    SHA512

    402f82f7dcc6e846e04ba446093f7c8ea9a6c37a8a257a5e8c6b1e3cb2da985e58d09dba7e8114330f0f1c5d185ad4d6e79ffd500317bcc4efa97a00cb75ccd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db2bf3e2f873726d6dc81b9ec7f062eb

    SHA1

    6f1c6250cd312cd04ef66756f0403c746a4fe1f8

    SHA256

    f9b0cd6630b0c331847ebd7020cc09fd85b2a5462088fae56305dd16c594db98

    SHA512

    ea8f80bea4a84ecf6086582bb19879b65934e3059c7d9ab80f0196d5b9163ecc4ac1151c20d8950d222ad255c71fcbfda514d448fbf87dfa739644ea33aa7a2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98bba0f6cab69ac8b4eb8a9f7802db7a

    SHA1

    b05d47f3300028ea8cc6d0767cf25deccf27c555

    SHA256

    540987a69279480fe2b63256d10a27dae16d39e4da94e27007d78f5484d4b616

    SHA512

    f21e2f7f7c67ae0bd9bcfe0040513a1c207fe21836cf3925d6902c498e981d761ceb4ad49797041822fd9b9ec52e794c6b707057fb72bede4487028467ab1b8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8039.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar80E8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit