Overview

overview

3

Static

static

1

c1fbf94c71...8.html

windows7-x64

3

c1fbf94c71...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2024 01:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1fbf94c717da88e061f3a2a6af3510c_JaffaCakes118.html

  • Size

    11KB

  • MD5

    c1fbf94c717da88e061f3a2a6af3510c

  • SHA1

    4502643cda18bb50fc9c8869e57c81508da5f4bd

  • SHA256

    b2ca917103b4ce785fc7672babeaed9b955727dbd652c4084f11a68e5f841dc4

  • SHA512

    1f3b750ab95713e42d2ef1aabee5debe4f28fc153b97a7b8c3009dd23b745da0adfd762756408452275e8f50af5720ca418bd5371603aeb60c7c7ab93710535c

  • SSDEEP

    192:Pax7TRCtH6GepsaVBRdKaw0VNvG6KpWs9lPv9NfVK4Xb5fMANF3dQ1Kr:+XsaVBRdKz0/vIWs97K4XhdQkr

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1fbf94c717da88e061f3a2a6af3510c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2304 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:960

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    391aa670bf048fc38230f3fe94ee3e2c

    SHA1

    1a1ce1a1c3d350494f3fe777a4212a55794d1875

    SHA256

    746cc519b26f36a0645c6016e072d91daef37dc6cf85cfe39eeaf496b4800293

    SHA512

    8eece02c250bc3412f3eeb0183c4020bbc140e266ecd182fed3046479abe3df3dbfde3ffd2a88ffdd9b4c8674689618142cac869555366a747dd9035a31c7915

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93cc93b483595fd90546128ce30d62cb

    SHA1

    91a2a2a2503454b379e82b7767fb0008c3033ec3

    SHA256

    08277013a8db6bc9fe444ce2e6d7c91e8256994dc5e0eff6d44078858fa0044d

    SHA512

    b8fb33db4364b809fc99b7cdff6b8c3b03853985a149c48dea4f36105231c07fbb3c925245e3d9261ef73212d11fb38f9972022c5a2c4151ab88839c5cffd87d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8c189a9d86e3ad06c691d85e41667e3

    SHA1

    0a615307343cf8e9b1f8caff37e753f1879a3897

    SHA256

    9769c74ebc32d95f9babbf8abcd4e65b3645e4d6da18cfcf9385a3d31f81b0b9

    SHA512

    e27d716aea28e716a120584088e20d12c57c4e244b1dcc7fbe46ccc260b26961afa2f7a1902db1c270f16b305af9e134db69636b0c61b93deae447cee059de98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37976ee83f78e9f740789ec073f2135b

    SHA1

    03c3ba1e5c7d3cff9165ff173e2ddcbe6c22bb04

    SHA256

    34059a201b64e7e9dab4e3cd0797a48a2ebc37ef0b549f3e31be1dde995be8f5

    SHA512

    35e80892c99783ead6f74f1c7546fd2128255c3bd93cff8ee1bfb449a68c8732aaaa156c4b037118bef2304003e9ffe2183b27afd082040c80ce5500dc03c26c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    524dbb12ea2753eaf6c0af0400b91a01

    SHA1

    60a31aca9ad5ab6419462dbd6858e130760ff6a2

    SHA256

    7f8bdc4bffd980e5845cd5fa4070af5e5d4150a2482ecd56ad827dca00c36e17

    SHA512

    779206d6feea9fadd1def82bb70028ebaf9a14ef135c4c0d0e840354fe4bdbe24e29826c67013a6e431f7d201c3bc6d9abcfbac80514daf354395f802eaced4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1afe1302034357413b4c0e040383d434

    SHA1

    cfdfd5a10a34bd013174bd95a8a092fcd6d92c31

    SHA256

    38cf3f181146259d542e15b59da3be0336707f35cb7755e109c1ed24d99d6d81

    SHA512

    83fd491b9cc53d63357889a0ecf3a6d442d80fea343a9301a1b44c279d7adabfb49946e39d368e1088d105625949877bf927fbb7d8a552d8e6b994fe770a1975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    026b8b4dd19cb08e4932b7ed6d3d909d

    SHA1

    c42114c300c2690be824623decaca902b764a0e8

    SHA256

    7feff122ffd8e759568d26fb1f33d1c4e04545f581bd8a12d91900e73dab44d1

    SHA512

    97e598ea0db419faf764a5543f0139eea84681d27eec52530253d5c6fc7077c9e07c8ed53aa96025310ff2e0c60f1a90a62bc0dd66781a0ed88cfca4e4a4a5c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a09a998fc49c6580a1ae5ce29b50219

    SHA1

    550fc6a524213aef68c16a6875c4d8badf4a5572

    SHA256

    937185bc511b785549c6b659b83b137791b4b04890f90e24d1db84037b00dbfa

    SHA512

    e470c6fd3d5803757bbc306630cc141d0dc1c0af7d426f7c8f57733c630f527258c9824d54a3a99b45545fcb967bf7e47c168e210fe77ed3c594c9b7d3bc69c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36cd9de12cba9526dcb966f07e0bf979

    SHA1

    8775128f12a83168d1579b19e38319d82db4c388

    SHA256

    dfe1623414dd77afb5fa8063532a97fe61f7624ddcdd7e6c18026003cac2ecd3

    SHA512

    50515c76378040e3c141a3c7b53b236103897f9953e97061989961d2a0fe51e594bd03fe1f6d20c97e9dafe73e5e3c831cb57592d431a54cc0ed2989faf4a232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8afdcf0ed9d8b059b00274e7cb45cbac

    SHA1

    cd27e2403874aba72564ee502a2d6239491e66fe

    SHA256

    b15be67db47080d233489a72b63ffd6666c41cc839570073903773a582f5e2a9

    SHA512

    35c485712edae1e97b6f9b2ac9a982e3942a14c9733d732007d639b6e0bab6d8de6b80ed021f3cab68b4f5ab4b495df9cd5b44b48d0155b30afff6e57d15fa0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a7fd8cdac0d0438241e6860934ff59a

    SHA1

    b0f3a5325432022e5170a1bc1c698a04fd26334f

    SHA256

    1400c95f6b9e55ebdb7b7317524315a97e04904be8bd65846413e753534688aa

    SHA512

    09d61613339791700c688ef912ae4d673758fb2a73817b333bcd33075cb55279a996dcfd330f94464760a91edd5b975650a641d89e04b5019dbb2e4f134346aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39eccb0fb8cf060f3d8e30085757d6a8

    SHA1

    6c9784e67df3fe394a2500adb1a88b0f834fab0b

    SHA256

    3e0012213716bc490b133ab94752ad174886b459a4c9221f3474101606945206

    SHA512

    351e250c079bc3914d8fe6be117c8a6b901536972cb52879b81ebf12fe62140a05b2484eb8f855eca8e1ae4ee56afb46170d844fc2e3fd82d3050f650ec799df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    32d6bb2ae50e93626b5f535d51e2f9ac

    SHA1

    750ef55e1282430c08d34b0e3f3b2cb47035ab99

    SHA256

    e3fe003238174d32109ad77871248c335d779737a49cfccc0fe11e8806abaab6

    SHA512

    ae7a49f2e8881a1195e3f5e750a7f99f92785baded4c3c86a596f34b835dedec8fc6a4e1a9cb2bf33c175089ae011272eb8a5bc923d333f5c6bbd1bed6498478

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\jquery-3.3.1.min[1].js
    Filesize

    84KB

    MD5

    a09e13ee94d51c524b7e2a728c7d4039

    SHA1

    0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae

    SHA256

    160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

    SHA512

    f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\thumbs[1].js
    Filesize

    4KB

    MD5

    225667a3ddb830085ffad6903886faf4

    SHA1

    ade2e062cadea39b35ca51fe2b8b0ac313ba3e35

    SHA256

    640c064acb43056dc87c686fb52417bc6eba8fcead2ef29146b83df6224813cf

    SHA512

    d4a3f56111fe89d8d830b2c9a04ae858e066ebee40262b9348ce7a3ec73f54b259d945ff8b05e47eedf8d088acace012fde3d66a7e575af913a183d878a88c95

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOGNAB2O\exit-3773[1].js
    Filesize

    10KB

    MD5

    11ff66a603b51bf38405b683bf77a5b1

    SHA1

    ef6754dc30ee038e0d3557753c46584d61d78a78

    SHA256

    f1350a46892211749289009923c73a8de4b172d335d1803590a51fdc0a9dccc8

    SHA512

    0617511f82a3ec1301a6c59a6eec2d7a811bddb517016d0b316952fd89d181aebd4a25d28529c926122e5e3c51b643d6691dd1a128bf0b477344042210cd976d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWMUP5AI\exit[1].js
    Filesize

    245B

    MD5

    ed1e052843caa19960b300c2a9bf9e16

    SHA1

    846470dd93c3ca2f9f744c4b8b93f45d3c0cfe65

    SHA256

    ad1ac04759ee4ac7fa392b1b2288ab110c5ab46d799826c398f954b870d217e3

    SHA512

    8195940bb5decd60dcedc780d93690da58ed1c25a8c05034da4169bb266ca655287d92dc0b6346f5692c708a7c20a46d7f24db8858a5510ddc0f86f3e3fbf0e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4626.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4628.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit