Overview

overview

3

Static

static

1

c13fa3582d...8.html

windows7-x64

3

c13fa3582d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 17:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c13fa3582d9fb1a7c47142ad72814b48_JaffaCakes118.html

  • Size

    28KB

  • MD5

    c13fa3582d9fb1a7c47142ad72814b48

  • SHA1

    759af3efe2199389d165b66745b73597ae62c22a

  • SHA256

    5e69f9ee57e8dd0f85bde1a35b7ab20f56a6cfd9399e9be541fc388caa21cc7b

  • SHA512

    1628856366e7fb5d436638ceb2709dfd6edd5912990b0024c271cffc5dec5a7cabc14a552527c937705eeba9dbf196cea20d59c9286f2de653111102c1eb032e

  • SSDEEP

    384:SwlbHtUE/aNQnKBwGqByV1D5UcsA+7TGfmCWyC0n6UDwPCbbKsc45FJZZDG:SwlnniLqBw3i7TGeE6UDnKh45Tq

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c13fa3582d9fb1a7c47142ad72814b48_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2576 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3048

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f72c056ef8953a1c26629be5a0df4412

          SHA1

          cfe3e358fead51db77da864fafed5cca0da8c796

          SHA256

          ec858be8b806590ddbfcd2db986a67d402bd1a9c921e56d00f7dd5b4fecbcf83

          SHA512

          29c635c5cf14ca823d705551e99f08e4e88b7794ab114112eb521ff7760ffe206e6b20ae0b6f90d40c2be64be18934920084af8e37169d4150ba3582ab7926f9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0bf5124dd661ea81b1f48710f09b2da0

          SHA1

          6b08c6608e32b9cb7e9612e6931ca918d0a3b0fb

          SHA256

          666e2e722b8843084cf05b73846ff79b361add8bcde6e0ab428eda6da1929272

          SHA512

          615682ce5b81ce897c7d2a9437fa27546072ffec600fb10c7da5a4d625a5fc9601822518d199545cad67ca9e6f32b2e033b30a90329b65a32e840d960aca8976

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3617d841cf1889960c154379e8eac82c

          SHA1

          110ea973c60f287b17d93dd44f0f13804e39fd8d

          SHA256

          0990bb6f6f342de8e9fb10d5c49c6f199076920daeef014f2fdb670a662e6fd6

          SHA512

          842d2ebfd2253659d697884300ec52edc00236a98d54a71eb1f73253bea366f4109d8430039d501a432e1d469505c46e26a24d4a3cfcb525b7ff0fcea02e225c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fe8b2f8a4db5a32fd22a957de87c1786

          SHA1

          9709eb8c5ca1fa4241b2d4d8995886c1165726ab

          SHA256

          35b646b3fa5eff778fafc32902e7161d0c3f4bdf64a323d967804e2b44cdbb44

          SHA512

          eef7b753ad431dbb594201a71c7f45f9e5c99aa56f094daf23ecbfe7ae87ca52db92741126c39312c54a3477bf9b9254b0612ff020aa45b0e5f611eb70aabbcf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          38a1a0aead332456caf82491f8fe5482

          SHA1

          02df31f9f93427cc105c973d494d1d5e6a9b3436

          SHA256

          f68c7e6bb313f484f27263746f7c6897ca30a5ddf8e4fbce278141c633c67df9

          SHA512

          be94b3fc9bb7adad2bca1cfb8cd44d20b746d00b468c11be0709d0ef3e5e98d51af9adb1b13b40a6db789f7e630ed956c7869b613038a4b2f9bf7582f26d75c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a594b5b7f5b4033e6c71f91b8f9e79f8

          SHA1

          6d4b1ead5f84e0ab2ee8421598eb02801cd0fe1c

          SHA256

          6ab65b2f817af795562d658a13f1aa554389e9f7d1256ad56f63d4479bab3e5b

          SHA512

          876daae1a9d8e3edd57af77eef2b91b0da2c65afc9c0f5c151b4e12c4933104e7ee5e30487ab29075a2d1be1f27a47a80e092b79f91ca02b1376e6a616fc44c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          35bcce74e123f160146a1c526348b9cd

          SHA1

          f5e6d4b031a60acef9d96e43c47a2f6a44359eaa

          SHA256

          a725675ffc7378cd788dbaae8601f6c3c8d9a4afaf2fcabd30a759bddeea3d8d

          SHA512

          c88cad36b1e6259ea8decbb9edf9715bf7c2fb9796c06e407ed51a39b1929b52eae8c3c813f6eb356113047f3651f74d95dec2dcdb0ebc9e124c575f2a1b4e6e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA8FE.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA95E.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit