Overview

overview

3

Static

static

1

c76992d50a...8.html

windows7-x64

3

c76992d50a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2024, 18:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c76992d50adfda7d54ec071c14be671e_JaffaCakes118.html

  • Size

    23KB

  • MD5

    c76992d50adfda7d54ec071c14be671e

  • SHA1

    8ecf1d1b22aeaacf3be00b38552ec6cdb4adeac4

  • SHA256

    3cce476cf569ec115f8d35296133dae4bfc14650f4b311fde4732469a7c1b55b

  • SHA512

    104489ce89840a1c4cae0ee1838ab11ae4f6ca22eff07be67432e5550cc82649241c490a1f9e8615c4346fd159458d625afff2a835e3745b62026c6b258e0747

  • SSDEEP

    384:yjliOnNmINGjl/3gxcM7COAQ/Lgz/KukjcuGu+Hupp1uCoqHKaxD9Uo:yjliOnNmINGjl/3gxcM7COlgz/KukjcQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c76992d50adfda7d54ec071c14be671e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1316 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2944

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cb8cb6acd7f608fbd322f6d5c77db5b9

    SHA1

    92a13a4f2726ac333ce675cc17728f31e5a0aa90

    SHA256

    a8543bd8091ee33b6d9c5a4a0393866d28c1930b84aa0023b45778dc83a8e212

    SHA512

    2fb96d28718d8b7960342c41d590a0b8d9ca47fe136e6d2d99bf46b9b95a3838e5fb5d8c57442960c6068b9c2b4bed638febd8b810c3ea0b9019a90a2d08ed19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7e878cadfabb45b77043e4c046509742

    SHA1

    804c2763bd9d896ca50e0829b5a482ff5db1ad52

    SHA256

    fcb452c684a46267e9ed6305ef7e93c96d75756075fe0ef0393cf1d9d48ae77c

    SHA512

    0b4161338d893da6cf3258b36b92ab97896aba4ae83f56822cc179dcc42fc27f5f0eef1d5eee67d68e9a67ddd8700119a96b19ce6af95d9a874774e8ec0d5051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8c2178a6ed5e17066b74a8dc158bdfe5

    SHA1

    e2f10b4899a0afd36a8a48aef5240ff6da2ebf82

    SHA256

    2df056385d8932c64479bb14896e1bc8bd7dcfdfb6a07f694fcf5535ed640851

    SHA512

    ec76cd57fbc259bc0a957b730b619389d80401ebe63e709607a00d1fd2b14158aa9c3523a831d4fafaac0f8585b65fc43d6857275f3932858294ecdfa4ac18ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9831ef8947024def875b94381300579c

    SHA1

    7bf802136f49abf23e5eddd4b69f05da47bf4896

    SHA256

    a5bd1861baa55e7079ec2dd0aa58460bd028043f92ff80e5617a122681d77c21

    SHA512

    3a59042c8dc8a8126b79b683a96be7fff85175976f6199bb4872584b9f8b3da7c4d643224dfcaa4b023eaa16f0078f19a946731723f9e8656b1f024ee8c17cc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4c69e5f43bb941274ab64f1031b82245

    SHA1

    d13ceb8a010d5be00bb6ebe2c8df414154af7ddc

    SHA256

    b599ec4da16b5f6ae07a802ed20d9f33f63a589cf0a7dba1bce828bfd6a0bbfe

    SHA512

    da4d4a9e8e4bf65ebd624455d1cd75045713d96ed086ea9dcf6aeb9c1724a721db2b5789b83c48abb82dc9ac870c241eee9c5b03c6aad369282cdeb860e02867

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4938ea5ff712809fdc020092e213c546

    SHA1

    f8f3c90d085ce700d685777e46fc1f1934441dda

    SHA256

    2967ef1d05dcf6bb3d0b40c4249fbca0f52e79795c5d9ba65bd70bf9d4f0d2dc

    SHA512

    716666a4d89ff4d977c19809340e0ba293e5e5bc02f6efd5eae04440fad553a59bf756738ddf9dc98a76ad67d16f86f14910cf75e5473774c619a97f0173748b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1273b385cd08de35642e466efe644f1f

    SHA1

    558368a5b5439cf52175d81965c21337fa6096bc

    SHA256

    18dfef6c89169d2fbef53768288f9ed71e7abea21fdd03428a7305e9b712828d

    SHA512

    e2a991d5594aeb25283ff345292054067cd2aaba84612398800a2bcc05f9bc3cd0ccf8da834f954dbdecd6ee6846e8d5fb53e2c80f65035c837b03a5d4edfd17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4a86f6f28d608aaed58eadbbe575b64e

    SHA1

    1e125e94f6417151a5e9ab052b2f8a3673d50c18

    SHA256

    23cd00439c293416bee7d004147509a24b2b66023cb7b39fa9a08fb431227942

    SHA512

    0f454489c0ecaad739982f79dfd2ce5b607ddb59da1d8f95abda38ededbbf58018363ae3bef8a54dbd6d25fb53ef32f653231aba142cd1bd30c752c4e69903c8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDBEF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDCAE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit