Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/08/2024, 01:03

General

  • Target

    c1f873d9ff0b24f7706ece3c9b0f8ae6_JaffaCakes118.html

  • Size

    139KB

  • MD5

    c1f873d9ff0b24f7706ece3c9b0f8ae6

  • SHA1

    4f28b383ab1792e33a0b6ebbe4fc59564666d58b

  • SHA256

    83adb3e50d995ade272c2b584b3aafd3debf1900a10b4e17c40334fe50dcc5ed

  • SHA512

    2d5553d9227667648a64cd343264ebdd0a2cdbb8986249387c693a20587076a306f92704243648c3646a8a88da05661fa5a6d0fe5fcda9b9367d011f9aec84e1

  • SSDEEP

    1536:S79qfs18lj1LyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusG:S7us1yLyfkMY+BES09JXAnyrZalI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1f873d9ff0b24f7706ece3c9b0f8ae6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1152
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1152 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2804
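
The process tree above is the normal Loosely-Coupled IE layout on this image: the 64-bit frame process (PID 1152) spawns a 32-bit tab process whose command line carries SCODEF:<frame PID> and CREDAT:<value>. The behaviours attributed to the tab (language discovery, GetForegroundWindow polling, SetWindowsHookEx) are what IE itself does while rendering a page, so the first thing to verify when triaging such a tree is that the child really is an IE tab of that frame and not a look-alike. The Python below is an added example, not part of this report or of the sandbox's own code; the two process records are constructed from the tree above, and the path-suffix rule and the forged-child case in the usage are assumptions made for illustration.

```python
import re

# Constructed from the process tree in this report (sandbox PIDs, not threat IOCs).
PARENT = {
    "pid": 1152,
    "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
    "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
               r"C:\Users\Admin\AppData\Local\Temp\c1f873d9ff0b24f7706ece3c9b0f8ae6_JaffaCakes118.html",
}
CHILD = {
    "pid": 2804,
    "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
    "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1152 CREDAT:275457 /prefetch:2',
}

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")   # frame (parent) PID passed to the tab process
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b")   # opaque creation value; presence is what matters here

# Assumption for illustration: a genuine IE image lives under "...\Internet Explorer\iexplore.exe".
IE_SUFFIX = r"\internet explorer\iexplore.exe"


def parse_lcie_args(cmdline):
    """Return (scodef, credat) parsed from an IE tab command line; None for a missing value."""
    s = SCODEF_RE.search(cmdline)
    c = CREDAT_RE.search(cmdline)
    return (int(s.group(1)) if s else None, int(c.group(1)) if c else None)


def check_ie_pair(parent, child):
    """Return a list of findings; an empty list means a normal LCIE frame/tab pair."""
    findings = []
    if not parent["image"].lower().endswith(IE_SUFFIX):
        findings.append("parent image is not iexplore.exe under Internet Explorer")
    if not child["image"].lower().endswith(IE_SUFFIX):
        findings.append("child image is not iexplore.exe under Internet Explorer")
    scodef, credat = parse_lcie_args(child["cmdline"])
    if scodef is None or credat is None:
        findings.append("child lacks SCODEF/CREDAT, so it was not spawned as a tab by the frame")
    elif scodef != parent["pid"]:
        findings.append(f"SCODEF {scodef} does not match parent PID {parent['pid']}")
    return findings


if __name__ == "__main__":
    print("report pair:", check_ie_pair(PARENT, CHILD) or "consistent")
    # Constructed forged child: wrong location and SCODEF pointing at a different PID.
    forged = {
        "pid": 9999,
        "image": r"C:\Users\Admin\AppData\Local\Temp\iexplore.exe",
        "cmdline": r'"C:\Users\Admin\AppData\Local\Temp\iexplore.exe" SCODEF:4242 CREDAT:1 /prefetch:2',
    }
    for f in check_ie_pair(PARENT, forged):
        print("forged pair:", f)
```

On the tree in this report the check passes: SCODEF is 1152, the frame's PID, and both images are under Internet Explorer. A matching pair does not make the page benign, but a mismatch would move the focus from the page to the process that spawned the child.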

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1cec1f98b4f7aa95f5e17e2236e60217

    SHA1

    a5cdf9881892e9004d157c390d53622c0f08cb66

    SHA256

    53dba3b8c2dbdcd0efb36e90e1a6050cd90afd7e3c78bcf1c2c487651913875d

    SHA512

    389cef43c1db4d61d0e1c6734a3c743ccf72c073498603999a833b38483f851028072b78f697003d890eb8112d6150c7ce57bd2a99d34853a9544ea094e99610

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    584cb2d1f735b8d104dd9d32b7bce6f9

    SHA1

    9ad11f64ec172c657d118b38e507b48681497d01

    SHA256

    70fc1332b40ab0ab8818990d035f7e95ed89b97ff8421a419dbc9d9d1b852e69

    SHA512

    a5d7e777cbe6fac768f362d525fff9aa9f9c2d717fc1a1e2fa6ea8d28beb892465ca390fe43405212238589050f084bb3de7dc6567779fe6fa23a159cc517bbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8036d7e6353b4828c30afa0b094ba96c

    SHA1

    6f8d58360b8cb211bd3e716de2261cab5e331544

    SHA256

    051b9f2d28337f3464d4f23d1b52115f35aea1dcbd981fdbf925a83ecca64332

    SHA512

    630b242d47537fe73fbd7147d1c4737de97b5679fcb9d2e39b4dfae6b90bb8d7b521a0c5e321febb9aaa680b4efd29ee00a6ece66af39103359f565daabcdac1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ded432d4fb6d82b5016da4f62d957f0

    SHA1

    34c7f64dcdc7365df1802a509e1d2d93e4a5aaf0

    SHA256

    76fc80e7b888f2e2440f9f4cac01971f030db7119170956a8f3f6d3ff8782f5a

    SHA512

    d26a3c0124dedc568083b501b0fad36e598909d76d6ea6ee73d28806880845cb933986b06fb8ec89d83066aa09dcaeda35766a434d7dd07e88a9e493d32baa6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4672c317a69ddf62922a20f73355305c

    SHA1

    91049c8b09751fcac02705b44a71ea057df11125

    SHA256

    3794eb3518bc32bc19a389fe2d3fe21df48c1b08aaf4330647f18c848a7effb0

    SHA512

    5b72c970c6a38858b64e6eb588008b3a0edc2782e9d79e79d03fd173f24429cfd8c44536f9918507a4aaff2898c97702dce3aa1eee68169dd8896540ccf62b68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2a09f7f2875ac89f8ad57b4fd6d40c6c

    SHA1

    83d284c7254472c637635ecd42dcade802bf4a51

    SHA256

    f89b43ed73fb10a36c8ba55f941d1e3534e1b2c3ba2989f802ad626844918a1e

    SHA512

    045aa7d40ea1e7498b3537ea1ae9ae530ad7a6a2ecbc075de9b4d87b597a1ec9394d381b9c2f32f0ae83ace735836a982f6e32363703bbbc0a1a2c70a5b33b38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    307392454758559c62854c4ce7c2f38b

    SHA1

    3ca998b6566b26ef83dea51c130fad284d1b883d

    SHA256

    ddb9def1d57b4a43d282bd10fd27f05d345cce78e80ccafd5afe9321df3f4562

    SHA512

    6fbe7049781fe2237732b31aef6362585edbc9aa4b5d6491624db7c2be6616654976f7209ce5efef5c42928290098b53a5526271ca55e095318d5434ed98500f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    91d75a3cec03f4fcf0c719216e5037fd

    SHA1

    e496ce8e7e37cadcb268097331a7f4ca2e07dcef

    SHA256

    0aa7d4ea400d588a7ba6d6fd7155b95429ccd52429e5074b4c3a15619ca2fccc

    SHA512

    69405a3107d1966e6897d36aa036a43c26c361ef006b896528c77933e16cb4fa4193c1f9cc14f580a5f6def6da3b516be5fed8f8b6281108dfc54c9bd18138f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a6df6334fa483cdc128484c8e787e7b

    SHA1

    edba55f9756612b118bc7c44656567f4752076e8

    SHA256

    50920e92ed630243d6fb8290b85082aff7ee2f0ab424065da5092841ecf533b8

    SHA512

    2d8864e6521f8e3538711c843d9ab607c010c23b116f17d27e0acd9eb8aa43155cc7f7e20651fa2fe09ea6b59c8064bb2dc7ecdb113fc4fcba311d1a99912c47

  • C:\Users\Admin\AppData\Local\Temp\CabD71F.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD7A0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
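
Every file in the Downloads list is background noise from IE and CryptoAPI rather than something the page wrote: the CryptnetUrlCache\MetaData entry is the CAPI2 cache record for CRL/CTL fetches, listed nine times because the sandbox captured nine successive rewrites of the same 342-byte file, and the Cab*.tmp / Tar*.tmp pair in Temp is the CAB download and extraction residue that the same certificate-update path leaves behind. Nothing lands outside those locations, which is consistent with the 3/10 score. The Python below is an added triage example, not part of this report or the sandbox's tooling; the entry list is constructed from the section above (path and MD5 only), and the two noise patterns encode the practitioner rule of thumb just described, so treat them as assumptions to tune, not as an allow-list.

```python
import re
from collections import defaultdict

# Constructed from the Downloads section of this report: (path, MD5). Sandbox artifacts, not threat IOCs.
META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPPED = [
    (META, "1cec1f98b4f7aa95f5e17e2236e60217"),
    (META, "584cb2d1f735b8d104dd9d32b7bce6f9"),
    (META, "8036d7e6353b4828c30afa0b094ba96c"),
    (META, "8ded432d4fb6d82b5016da4f62d957f0"),
    (META, "4672c317a69ddf62922a20f73355305c"),
    (META, "2a09f7f2875ac89f8ad57b4fd6d40c6c"),
    (META, "307392454758559c62854c4ce7c2f38b"),
    (META, "91d75a3cec03f4fcf0c719216e5037fd"),
    (META, "6a6df6334fa483cdc128484c8e787e7b"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabD71F.tmp", "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarD7A0.tmp", "4ea6026cf93ec6338144661bf1202cd1"),
]

# Assumed noise patterns: artifacts IE/CryptoAPI write on almost any run, independent of page content.
KNOWN_NOISE = [
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CAPI2 URL cache (CRL/CTL fetch record)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
     "CAB download/extraction temp file"),
]


def classify(path):
    """Label a dropped-file path as a known noise class or 'unexplained'."""
    for pattern, label in KNOWN_NOISE:
        if pattern.search(path):
            return label
    return "unexplained"


def triage(entries):
    """Group entries by path, count distinct content versions, and classify each path."""
    versions = defaultdict(set)
    for path, md5 in entries:
        versions[path].add(md5.lower())
    return [
        {"path": path, "category": classify(path), "versions": len(hashes)}
        for path, hashes in versions.items()
    ]


def unexplained(entries):
    """Paths that need an analyst's eyes: anything not matched by a noise pattern."""
    return [row["path"] for row in triage(entries) if row["category"] == "unexplained"]


if __name__ == "__main__":
    for row in triage(DROPPED):
        print(f"{row['versions']:>2}x  {row['category']:<40} {row['path']}")
    print("unexplained:", unexplained(DROPPED) or "none")
```

The version count is the useful signal here: one path rewritten nine times within a 143-second run is the cache record being refreshed on each fetch, not nine different payloads. Anything this script reports as unexplained, or any noise-class file with an unexpected size, is where manual review should start.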