Overview

overview

3

Static

static

1

c295d7ea65...8.html

windows7-x64

3

c295d7ea65...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    26/08/2024, 07:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c295d7ea65b678d01ed1ec2f0e958002_JaffaCakes118.html

  • Size

    53KB

  • MD5

    c295d7ea65b678d01ed1ec2f0e958002

  • SHA1

    e7366f9a8d0eb0eb1f5f5234a8ec4be5129fe8bd

  • SHA256

    c1b4ed86822d234e9220f472a83ea27c21dd4decdc0cd882987e632f46dbe404

  • SHA512

    7af2464328127530955381480ab94a9610e282463d7ffd87f553c4bdeea0a4ef753af3b105f70ee76c057c5b6bf4fc17d8ba5211a0a299a1e76cfb3bb1e15e89

  • SSDEEP

    1536:CkgUiIakTqGivi+PyU3runlYe63Nj+q5VyvR0w2AzTICbbjoz/t9M/dNwIUEDmD4:CkgUiIakTqGivi+PyU3runlYe63Nj+qG

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c295d7ea65b678d01ed1ec2f0e958002_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2812
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2812 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e8f8284969ff0548ec9e13f7d424ad37

          SHA1

          c5fc600c41bc8964661d7edd98b6893ffc6c2239

          SHA256

          0a216af6b5d6b42addea711d6dfb4c3e2bd692b46f7e9cee5bbdedd99853c0af

          SHA512

          857d13028132e68394491012cbe1054cd900c7e06eccbddaf8395a3355ee7bc2371a228340a390be5eb292d806a1c85f80197958c2548f9968c9e72bad47681a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          92d650eb65934a6e95109ae6645d20fa

          SHA1

          ef5b56ed14b6bc7fb0ad73f95069f5d89415cc37

          SHA256

          62f144113083543be3c1f99f1c3c5e335b27206df18804b3ad5cff98bac07479

          SHA512

          a8fe46ad65a9c7f9fd81e75491a6864e8619c717a92e4f72d3231485fd7c2c0973f2622b93707416fdd2caff5a4559d441ca9bd24c483fa8da627720fa803833

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          53018ef5b6591ba044f570c4333f0bb2

          SHA1

          f6d067892d93c467e065ae8248a8b7edb9120186

          SHA256

          a1927ae122947db7b710fc587946aeeec1a267699e6dfbdc66cce9dc6c8f10bf

          SHA512

          4fb52caaf2c5e5a2bcd09763aaedc716db64112872e16fb4acce5924fdb73ce25d71e75cad00d30c1f0ec35b59dd1e963213d4a858395927fb9c5f7ebd800f5f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a3b68425c29d5db5777ea4459a7f822a

          SHA1

          4d1fb973861a8dc9392d0bdbade0754f5308660d

          SHA256

          4e204fd9d6dfc018df96db6e0153e4777fea3690caa64775c5290c11fa0216bf

          SHA512

          1d588d51b045ffdbd7e92738a2ef3c77b38e2d03380c14dce90e04068052bf80026a97edd59aaca87b9f8ca47132a9735a066b1224bb40a0902e136726073684

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9eb831c8bb361ab796b25e948b69754c

          SHA1

          503a87e36fbc7769a7f38bb9388f134bc9f6e175

          SHA256

          324efae29c9f63ca68c49a249b510f4507a5fbaebb1df932ba62b5ae849fc3c8

          SHA512

          e19f1a0de8b00bdfca9638791d88849f766d42bf88e228bdb8bfb1d4e5f7e41f983b3fd25a3e4969125c4814f765e2ba09ac3977b3aef1e4eaa3ddbb5080ea37

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          69cb0765761f3864a1ee8cb3fecb3cc8

          SHA1

          ede2b42339cb4ff287fb5cef11070429e4447c29

          SHA256

          69c1bbe10a5f0526ec753e3bd60dcd453963fa316c5ba8a26928b06e4e23440b

          SHA512

          35c0ad9eca33f9480fa2a5cd567532272cecb793a0befe93998d71ffe906d1139f1a474bca31234c5760d9823c08dd7ba31f9f446238701e0c8d48acd7cd8b2f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          81d368ae6fa97051d0145c7558521964

          SHA1

          0b8916e5dd12fb60c677826457cf1d3cbec73e2a

          SHA256

          73d1e820686920e04cbae2f88f5148954798cd207b4c08532dd21f12c636b149

          SHA512

          7fb971a56aca889221e3e7dff8521c5e985a1412104615776a9d70e1687484396274a97665f0982a5eb1c499d1b0ed227d413f12ee9995702d99cd6d337d50f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          347c3c2a346cd2d7594cb7a0f796942e

          SHA1

          77b03004dcb9c7cbaf52c9daf9c187f93c4acd71

          SHA256

          cbf9a76c3fac71bb840afdda6b8f5a7951682ea3e9b8cff6b4fc0c661c07e75d

          SHA512

          9a36bf41fb27b5e5a15505ae5f1c5bd58cf2a94b2c7de7f237404e759e82be8eb0ba70de712d1f5c981938f4234ac358bcbd40ce1c9e215691f57b928f533579

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a269ba5fc51e29492da17e28f258726a

          SHA1

          7b283c051c5c3bd61a7336a071213611e0a48903

          SHA256

          c65db0f94750d7bb4195a753b37ab8710ef491617ac0993c611232bd31461bd5

          SHA512

          8dd4c65d4d0c6d1217d887877881fb638ca1cdb924e30342931cb4f524ef253b36728ad75110d27d9ce4150ec6fb84b26c3654f8a4094625ee0051306c6df038

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WNZH54VQ\script[1].htm
          Filesize

          706B

          MD5

          67f3a5933c17b3ab044826d3927d0ba9

          SHA1

          5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

          SHA256

          97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

          SHA512

          03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabACD6.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarAD46.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit