Overview

overview

3

Static

static

1

c226aa62e6...8.html

windows7-x64

3

c226aa62e6...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    26/08/2024, 03:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c226aa62e6f78cab75db9441c347f448_JaffaCakes118.html

  • Size

    139KB

  • MD5

    c226aa62e6f78cab75db9441c347f448

  • SHA1

    d056ae35c0acf0f9d26e9d3eb27d85791bb03f21

  • SHA256

    b1f299225a2c989d48142d8059eeb6c30b75fd575832d676ea93d50808d6933e

  • SHA512

    9bf6754f536ae288e05acd93261b8e22b5fc61d61c866ebfc9dbe1ffc5e8c62600f66c99a433a339505dfe854ae3c4f2b3f2ec22699899dbf31f642b5a0d106a

  • SSDEEP

    1536:0NeON9RNtLi3xe+z9XClBY3pxc9wnrSMIxExeO8UQ8A4M0FYkPp2hDVlC3cCcFVt:0NL/kXFnrkC3cC+iS3YMg6C3tWUgo12

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c226aa62e6f78cab75db9441c347f448_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2244
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2244 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    356c681e0f4f739779008d31b2519ceb

    SHA1

    07f7fbf9794ac3c2bc254b101e64c55816c56205

    SHA256

    4a3f556d705a4a5c663790342b902e33bde2fc5bac4d71d32038d0f52dc73de7

    SHA512

    49f6d4dd9a8834e76768d00d13b0b44255380a47e5bcf9192a8304f70eaf1b508aed114b2e7a763a02a2680a59d915ac80f534735e437f81da3248faeca92f8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc02766c6383bb43861f81e84f60a40f

    SHA1

    1038f16bfb25d29ce01dcfcc4bd0da6bab17149f

    SHA256

    f0089201e7703fe1f41f713fa37b9243df9a4e90b10b1560098883461d182658

    SHA512

    df3cbf8a46789faaa8fcd36c6a30c95b5a4536f3886c77a1957e9231f96a29d9a73e166a08c581204f293b399892afc39e67d1f5b6e4672d039b4130ad67f501

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b358ff1a04df08fbc1c0783f10d759f

    SHA1

    cda1afafb1cb9aae49cba3f65332f1cc3a619bcc

    SHA256

    9888b8f24679ef80e20f7edd5f9ce2c5bb85bbfa9ba87f1d5a989d00f8243137

    SHA512

    2c512d95e8684b065e6eb3794a437b361fc4d62c50b168a5329e7227a121fee404d009e3ea8c69f42492affaf1406e312021fdc96a5436367902a9f6d8b72ca3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b0ec249e955687f5c4fbd522e97e4be

    SHA1

    6b64e1027f02b8e56ea6c2af88035a09f4e8457d

    SHA256

    33feddc43d88f827061522822bde784aa6134b3ff576894d066f1ed9eeb74893

    SHA512

    1ae0b78c7fe88c2c6c4cbef437b5c136d6db1f92a21f659d59e3e9c17debae62a283859e75c5eeca1363ce8d1f7acdc251777ccf823cfd422f951178c2bf4f6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    558630f6a9e35f6e45a914eccd795e21

    SHA1

    7fcb3bff0d57131b3a74d832eb13366c9056fcd3

    SHA256

    ef57cddb37977c49a3ea3f9fe128fa43c6ff25fcbcc2d721260d2bdb1331fb00

    SHA512

    c35e74ad5ab22da0f750141debf1580763d8bf6b4d9ce6d7a5b112f41000ab88f95c848eadc5dd757991ca9171bbd25e8ff2c622a6d3dfb446b75898e52abc31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9625d4df7ccee54151631d8c5b6707f1

    SHA1

    5fb978ff05e8261e7a769a57ddc833dc59689ce7

    SHA256

    c5c1a5d070528a2403b672610fc399d5a2286a2bd5a7c948452e799baa1a0194

    SHA512

    872351a1538788e7cb6237c7b1534c9e42cc6d04c8e2b0bfe03e4c17366e37c5e1c002da0acdde7092c73391e8401795abac6b6044b6babd76542d709db2e2a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36706ece447a6df2bb61afe92babc59e

    SHA1

    4efccdbff0b376ec20289936d004962ddcc48ab4

    SHA256

    1fdea8c34d40edc25fdfa9fda8d6c6ca361720ce51cd8ca3cc294fd65bcb54ec

    SHA512

    0b60480ac607e97e9a8faaf161450bf4fe8fe8c0630e81a40221b16f0e8ddfb9f719c8ce542ee4ee09d5ae41568237c5be6408be8474871c6e1f44dbbb3b80fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7748af2c28233d39c01c75b32aa4ba2

    SHA1

    73ba7478acc199dbde2783675f4f2abebe7c16ed

    SHA256

    b645498a175d6780274f56c26e3dac1fc9d05c42f15bf2d9b215cd442acd96a0

    SHA512

    6b504b9ff69114a7f2ad8efa2e39c06dfb504fa999418dd0e190de0dfc827e2bc488f48585e3bae0d2e3b3e115e41a7b321cc269248502ba9621a1d9f3e52bec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    910c6f312e2ab7d8286d5da29dccf1e1

    SHA1

    0e85a737a3f56dda13e34d75a5ee23667174e2a1

    SHA256

    b67583c83f89c11f8d910d32a64b7732edb9f36afce140be51b487fda89a3f54

    SHA512

    7ce93297cbefd4d2d7097c60071309b8b3468b72efd0125b29e8f157b542c6db676d8389e457c68171ac0502efcfc048e606f580a811d14d8f664ab4d247284f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72e40293142a26efbffa3e3742319951

    SHA1

    4a195432498c2738654afcd413d55be8d86f9384

    SHA256

    12276caccf8b275b106babf7e57f5590f626b4a8114d40d6a0694f07060f96ce

    SHA512

    56ab7d087e15e94d84efa4003275ba9a7ff9469f7cfb29ecda1959b52eb9c0d21bf2348efbc65da8c6daa64afe39b3b97c8527d184630297b9fc319e00f127ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    135783a316f8eaa796336e2d14a078a6

    SHA1

    2acc24ca3f154a0bc27291096929295597fd593c

    SHA256

    88e23477d2753c8c02de9bdcb4ec30a59d5455b751492fa51cfc6e10e2d19285

    SHA512

    58eec1e838cd055d1e777873d08aa790444128faeb8478421da9738d8dab86c6c7d3f43c32f321aaca68aca32bcaa834f52e207dbd068a2f25eb8a514cad938e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29528e661d3b72e870fe7f7ede845fa6

    SHA1

    7117f066204f8464d70f2d6cafb9eba2fbbfe762

    SHA256

    5de03f9ab6314f0428071873d388266077e3506f753162d9ad84dcd18186f40f

    SHA512

    6bbbf9b539916fd02c94ab04d5187a3719bedb71d09c9769bfab292fdc7b82f1e4502f94da9693232b3a148fa5385dd7a15381d1c692067c3573a024d5476938

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97b274df7359814ded286064fd080b45

    SHA1

    af08956cf31fa0a780b67648a5c597c22150c9d8

    SHA256

    03143d3f470f2071ce3c8a4cde8c16004c40bc8a4ba6c7a355cd8b8cf4c93c36

    SHA512

    53a37724067996067ba0c99521454aa0407ca246885e9bb7a61b19f2733d8b50fa9a369f9e5ecc3451e342dadeb3e265c0a3214305eef802cf148fe4248d6d1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a2c488110cbfedc16e3b2b456491a42

    SHA1

    76c264eff1d54e58cad22fcc0835aaf39e1f7599

    SHA256

    74a80702e73ae565c5636b89ad6d9f5b36fd4abae60115c1dc16995f11ac964a

    SHA512

    4aed60d8cecb6de04994750236dfb1c8674b7529914ed36d1febf891d83d3c7cdd4af330658c637964386b23cf4ff3d25d56e8ae5fb7ac1f5725b0aca1c780fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GL24G53\cb=gapi[2].js
    Filesize

    135KB

    MD5

    cb98a2420cd89f7b7b25807f75543061

    SHA1

    b9bc2a7430debbe52bce03aa3c7916bedfd12e44

    SHA256

    bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

    SHA512

    49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3JH4PQP\1380534674-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c1d4d816ecb8889abf691542c9c69f6a

    SHA1

    27907b46be6f9fe5886a75ee3c97f020f8365e20

    SHA256

    01a956fa0b3ea8cb90d7032608512bc289c4170bf92759352e40062d5be2946f

    SHA512

    f534f057e46998bd1ff2c423ad2cf04a880c4a5259e95aee5c6ae34ce7121ccd07ad1bce5d4c3a51ad04f7411b0625da78808326b13d2aeefec502988e113113

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\plusone[1].js
    Filesize

    55KB

    MD5

    950e589a42fd435b2b6daacbdbbf877c

    SHA1

    78dc5743d4b541018adafe3a2b49b6be5f1c7944

    SHA256

    c5e3093bd5e8a58f04846013ead66d36ca25457a0475c9c72d8cde60e598fc0e

    SHA512

    cf2aa139ee4c2f79ad5dbca6239e4d5179a21f54cf2c3672c45915b3282bda5f5fa702c241d3b5c02805cdf1b48427d34e86b627904055a46ff6ef11be2b2104

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    9e5f0b21584389dc1c7b5da4a900879f

    SHA1

    191b84e0f5644398ba99e0aa141a6778c14b83bf

    SHA256

    3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

    SHA512

    c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB8E5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC518.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit