Overview

overview

3

Static

static

1

c77f605327...8.html

windows7-x64

3

c77f605327...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    28-08-2024 19:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c77f605327a9f9d0342391a1e9aa5a9d_JaffaCakes118.html

  • Size

    27KB

  • MD5

    c77f605327a9f9d0342391a1e9aa5a9d

  • SHA1

    e6256fa50241ed9b75df5607a542a253f9fa086b

  • SHA256

    54d837bb0a8207a65d33d072af64d400c651ac623ad9e39561e8822c2b6a783a

  • SHA512

    df640ddcee631b04908f14a0fc2202fd8c0cba91a94d22d3764e92f8707a738470ca5c2504bc984fadeecdc6da7b5fb2bc868b97a20761172aadb48beb350658

  • SSDEEP

    384:SI/oOwqrL2cXkuETURqfzjotrIAAY2Sz0BGLyk3Pk4l2a0Ptk6BUpA24Q:SQBr/XkdTUI3otrIm2K088Pk6BUpA24Q

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c77f605327a9f9d0342391a1e9aa5a9d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:328 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    a8ea8f8b8f41547198abe403106b395a

    SHA1

    0d8d80fcd9c7e5baf0fd0fef17d5f8da7b840f47

    SHA256

    c1db6c343ccae8aaa974c31c71b1a94271567189946353282bca2b5e5279e399

    SHA512

    e673c54e58041ea62106090c63b83a0759eee900965f3d0a28ca97730664724b18f497cbb0b222ed37d79e9b284ce943e28f020cc21c5f99cbde03bcb0087f44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b7cd06ed5c0ec995e4abde1d53be9f46

    SHA1

    1676e39c6b3441977d224edc21452fd76b6cbc1b

    SHA256

    22a88b22ce83a589ec6a01448a7f0cd8432fbe179c8e9c60cb53430f86ea4993

    SHA512

    644cc32412f53b435990b0199d8c4148c78c1e71994876429406281d9f8bf8e6d00fdad76703237b4c6e8e4df935a3e9e95cf72e38e1a03e4124a87e1a9586e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    222358d22798a396bb2d970351d2f83e

    SHA1

    5fd246a746606a107642c20994f2b3aa7dcf0929

    SHA256

    142cc0daabb42f568fab27fc8a8a4aa3a3edc1087c92b0e5f6f520f6e0c54626

    SHA512

    772ec910a39a923c678f3ceb3ed6d0053b44a51f48fb2daa33c843a512cc5ff8bbcfe6fa639661588c1cbcddbc0dd096b35dc03beb098f31f1f331d8c9c99eeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ebc25bd2c05725ca0a8c1aba3d48722b

    SHA1

    e6f5b26c0bc6bc80b2e2728affc48ecc55f9b2dd

    SHA256

    3b0d0665db79298e5840b38732b3311368752c3ba6331d571458bd92eddf6f83

    SHA512

    439c13cfb6ed9366a25ae5868a1fb61102be19c3487e97905d034100dfd2eba8ffeaab50c04ee8ea347fde6f781fb98836356edae2ad555ef8e62033409743fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ffbed66f5d334da31e847e323c8e056f

    SHA1

    1c83f0ba782e574ad35c6cbd3c6041d4bba0e78d

    SHA256

    c98ca2c1a3779f1e0de18cc6ba35f01da871d7407ff4c1d2a5ccbda27423b61b

    SHA512

    93e1621c8fa21038432dc60e45c4e717d9f09019f97f0cfdd08b6c0513ef855a1244a833a0b3fb55846416baa89c7455e5c2c18fbf2dbd34f92ea16e937860c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d90f1dd65cb3383048d16831edc1da1c

    SHA1

    f7dc3189a452fbcc9e04570d682079f493a0fae8

    SHA256

    119122722fe96ec4f83231aa90f3cbf0640797967ee766e5119450a9199e42a6

    SHA512

    9ac46ccb86ac80566070ed2faa1d6d8c52fabfbdc6c56efa060c1b1b9bba8e3876cfe0639d9323dbb043c435cfc09f5b6645a00ed6e55e0bad090c4a4ad16764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b8322d54f6ebebbec30fff0e77333d72

    SHA1

    577584dba51fcc5eac395ffa8b30df4fcb4787cd

    SHA256

    d6e9085b41639181605f489239fbed5effda7e411a2d25e9d33ef1c89d48115a

    SHA512

    007d156b3dc766b67f3c81164e5aedef573bc20ad77b0b4d86dd28e6bd488dce237472bda241fe5f631961e1068b15f8d530338863c74f47d099b3145ccb962e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a7028acb015c8ecf852584f0f90fed14

    SHA1

    42449c2eeef803d030901110502a92b90050cd8c

    SHA256

    9809b54fb0ac358db025668f9302d29a51992b45d2fb1eaf901189bb64512e28

    SHA512

    6db63f9685b5dd81fa21d1712f273f854bbea5218aa4fa108260082dce8f030f8616d2ce780b1c8ad651160c80461d69db5ae12db670b69f155e24fea2d74375

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8f83931ab609dc75b75c774e29735a94

    SHA1

    60b275385e1a0c5b4b8fb61cccdfd5c9f30923a4

    SHA256

    59bbdd0eb92165be0cce4a13100b888f793b173cf3d230249edab559b17d38d3

    SHA512

    b1d3b3a2d7526e86f0f19c7ebebe73ef489189aab2a258d6b00a3bc1a7024812dee7647cbabcbb326bb4df1f7d541b1b2983377bb3d69649584d3cfaebf22d42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    0f40b6a032987d7540478888c3deee1c

    SHA1

    bef4afa54fd5ceba868c7b2c1f2000ae11dbcb77

    SHA256

    90216c9a8e3ad73613c888426c5f3050d9ee41d07750b2f0e885c4c75c5222c4

    SHA512

    38558bf402ace02dd4ac454092d4a54d65ab9342f498fb6b147eacad73b7a47beb51250a7c2b3ef83052962fc15dc95e347bc3fadcd779fffcfc35d197e818fc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC5A2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDC7F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit