Overview

overview

3

Static

static

1

c1e10fe441...8.html

windows7-x64

3

c1e10fe441...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    26/08/2024, 00:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c1e10fe441a5e4b392a6f57d2a100e62_JaffaCakes118.html

  • Size

    181KB

  • MD5

    c1e10fe441a5e4b392a6f57d2a100e62

  • SHA1

    e7b644db6e235e06b983f1d485549e981163b982

  • SHA256

    94b6a4b891a8a96960f6153895320f881a978e6db54cb9b03f7aad04d4e8712b

  • SHA512

    caa3354619a9f176eeb7a76d437d2d9c63f700068ff46ef13f98f4ba2fc42ec4e60803b527dbc15eba27ef2844eb2b5818e301e2a1f98f5e652e55d32f3ecfc5

  • SSDEEP

    3072:m8dsfTyfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:m8dsOsMYod+X3oI+YS1tA8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1e10fe441a5e4b392a6f57d2a100e62_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1496
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1496 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9fe7a7fdf81f0236b6f65db332b37b7f

          SHA1

          dc5f1a4137dacd5182bc2107c64bc56c56a92864

          SHA256

          ff8912d2ca209fd9f2f920b322514c4c296e1642bcb5e8f85ae2e1c9fda498ef

          SHA512

          c8d4e687770378454fea27dd29a365d2923525d418308e0c707f30e3f55067ab0c153e01d80077fecc9bb682b8c347d51d137782c484c4e1ddda013b7236145a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          33f5d402eb77c6e62eeb65260b0f4077

          SHA1

          d779797c7487f248e4ba32a5e9eb4b37e9de9acf

          SHA256

          7afd3c24b3ff68b7906239ff8976d4f709cd644a7ff06114bda71812dc58f70e

          SHA512

          3b03a9a4a2cf82c0f1921672d76ce1cb6fba0bb95a49e11a557db5be256473cdc7bee6cde33845d42f6978e5411f7fad60d126d1f3ffeb9b6a92622e35914ba3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3df4b9eeb57335f813126990e1dd2e5c

          SHA1

          22d9ff6f2edd5119b74f1993641c96dfec338568

          SHA256

          745923c24abb7eabf07c2cfb4a8b1aecd31888665ae75cb4b44aebd2fc201b29

          SHA512

          71235c5c8934831003359f7b985f46e70fd6c5b2fb5ffb6803e9b69ec1d56fcbea5d504694b54b96a7f99ccdc01b44ae7d2bcbb1c1226231bc262498313cdf78

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1e58bc1117713836c29ca8e639985466

          SHA1

          c8c86153c3c135d55eeeed5736166c1c49fd4c11

          SHA256

          47393588fe6d0216da840093f41cd3aa7cc46df46b80853aa9a2e7c93dd46d03

          SHA512

          8d51e18ef97b5c60ea90ea49832b85cba88126fcdfaf974329a2c2fb1ea6bf34ac37d3226afc71bcc01e2349456fa4558b7ff8d10bc3981f77f7d2860c4065b4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8dca4f0e4728a01fe51bf4d1198d49d4

          SHA1

          a9dcadd608ebe764fcaac18a2c5f7ed6d7c5742e

          SHA256

          773f6f936920aa166ccbc0c5711194b0141f80f3b7f62a9e7f70dc66f44ac663

          SHA512

          d099460ea8104a6e26721133b1c190901cab0f5d4096e938a8335518402a47bdec65734500004d636c0b993cc58dea291e25002f014587e238df3b3a6fcc3898

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          923f02a62348162df41e6c7bd828f1ef

          SHA1

          46c0b804299b01046d5dddc51e683bd55b350284

          SHA256

          6b6c5d3a0b78fe5072cf0ac63130ef3ae76e04fb45ad4a8c64c43e5993b762c8

          SHA512

          535e9ae75fab5e667142be4412ae77617797608f07feb7976575d0d4441b05cc70d5bd971069891e2ecd63d839b19a7bfc67ad9a54eb895f3ad476127d20f1b5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f28c730f15ae193a73fc65d7e90d4517

          SHA1

          00019ba3ba1cd2d1f52a28a3d32b07b0637d816c

          SHA256

          f37200d7795788617d1ec5781ea0fae5e34901b8201ade1f530f0d2c07eff901

          SHA512

          cc4957249218a7b5ae8bb10dde8f8b561f7a6f05ba865ce2de1e2e483dc3cd32261d81c1abf3e292afa55e0c773f4eefb52c59a17b60d3b7ca3ca0938b0ebc68

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          34df05943901700f81cb7148af69a406

          SHA1

          5b13e22b6ffa001cc8afb18d824baab2df888f76

          SHA256

          dfdc2ffcc4244d83745ca2513f4c0706dfc591c01e62f3d5173fe8aa846128be

          SHA512

          8dd78a8110b2366e8746e5e9ac00f5e377c0adf71f19b5ac73df4ee46a9bcea8deacf1461d5518105f8442689f5d5147a0afcb1199086872f43e2c7e421cc9a5

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabAE1D.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarAEEB.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit