Overview

overview

3

Static

static

1

c75533bbc3...8.html

windows7-x64

3

c75533bbc3...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2024, 17:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c75533bbc310586d81208dfb2531394e_JaffaCakes118.html

  • Size

    19KB

  • MD5

    c75533bbc310586d81208dfb2531394e

  • SHA1

    81dcb81cd6f364a1abbdce94a131bfc6013397e5

  • SHA256

    59e174ef1d8dc62a95ec0d2a65aada05770bd590c06e2cd9b3b29fbcd487f468

  • SHA512

    2029c63e236859a40b5f364a6aa24cbf530e6767d65795f64226f7ab9d44fbe63904fc22df933616824187fde47b04aa272588223ee5214072910e3b2bb7a820

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI+44zUnjBhc282qDB8:SIMd0I5nvHbsvc1xDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c75533bbc310586d81208dfb2531394e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1856 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21933695b3335ede872c1136214cad87

    SHA1

    8c94c8ecaa989b398f520ad03137b2db54b03817

    SHA256

    973e98139e0abc95668349dca93d9dcc57e0ecdcaa92e37db43c6a283ad5256f

    SHA512

    d9a9e59eb9d24237149a9d5211e9739c0290536edf39dcd8c50606f5ffdb564d33d78b293edae1f1e4cf1082f1804d44e8540b0e80a10609fb0057e8e3d8d47f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    415d7be3fe93198b220df823741f50ba

    SHA1

    9b13f08a11b9603adfb69406fa4325a9f525e8ee

    SHA256

    d91293fd6168bd3ded2aa4a5ae1a0d1704c888bdccf588a760fb9629ae0d0880

    SHA512

    8d90ad08a5a9f29bee2e2c936da92d180e8f2452fdb81db18481ac752100b4fad4b47bb0d080858bc3602de5782863c76fc150a9d70c1228018c3994b9fffd9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94f5298bc18848055b23462503131796

    SHA1

    444a44df001e50e71bfc3a5a690ab5ed48fb3996

    SHA256

    8b0d0a916ddb558ff0bdbad68b27b9aee9f785c23c5473e50f09206687d9a68e

    SHA512

    186515cb4f10b79ce3fbb44a5a26ee4aa6e58b11102c6fed4ed8ce82cb6569d2a050d8b5f0157c0339776366fa16a5464d8bf1eb74569e97e95101a8e304ff3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d7bc735a3c18f77bb89963d4c180426

    SHA1

    c9e0555bf10d27b380009cebb75a2b3c77e87fe3

    SHA256

    36acc87f9a0a488c48573f9693f572f830f41d68114e8a2efeb60a6d7231d9c3

    SHA512

    0ca77a465d335a5d9553e0aafbfbb74f6d75ff51e00c0c18c188deed14f7d840a6237060a665446c6d25f2bff36eae847a07219a6acd7bb51821eb4e94d6a335

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f454ebbd2171e024f39f47f0f58b150d

    SHA1

    1a7da2ad12f2e714b6bdd55c736bd51ec5328309

    SHA256

    180516fb0c5c6a23665364ccfd87fbb0bccdfbe96af1eef51606aecc86717418

    SHA512

    e8da9398ad49490186ac4eb7395162d4aa6c3e5682ade0a95a8e098c8f3de016c3fb294bc0b78faacb100380ef72ff736bee7bd9871e88982fdf4347e0ea3ccb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC66D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC67F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit