Overview

overview

3

Static

static

1

c817e6a651...8.html

windows7-x64

3

c817e6a651...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 02:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c817e6a65153995d586bdf829d4015fe_JaffaCakes118.html

  • Size

    19KB

  • MD5

    c817e6a65153995d586bdf829d4015fe

  • SHA1

    895d0b2a743b96e9b66b87ba3f627f6f85793718

  • SHA256

    f0d54331b60f4c0a3d49782ddc0920ae004e1380e64e7ccaca05fd680d60bdc4

  • SHA512

    d827cfa0d5ba8a16937e748526310bcdf6da2511ca71b50b99be31c5093a0c7d2e96b2d5d48441ffbf38797f9cfd0307eed081d33956d39bf64cbd815b29519b

  • SSDEEP

    384:ziwKhgESGVBD8c8Q3RFmdZK5ZKxTemLxXucfIk9xheczVc9X:ziJSGgcf37mauYmQOIk9eaqX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c817e6a65153995d586bdf829d4015fe_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2184

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    03ddbfd99c0b81bc141e293eae3b679b

    SHA1

    15ec8aad080bc664810415b36ae6717550d73c3d

    SHA256

    5ba8b4c9adcf2efde81e823d59659df7b7f4b555c80b86be8f445107e1a474fd

    SHA512

    77cb89cb2a89da1ea332e8a194c14ef2d88feef1fea930557fb4c13f4b7633c67c0b22ae84272d1e54823b379a0859fb538dc534871975661b2820c5af5551a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42b10167ed15f62db0eb593082f992be

    SHA1

    b4c029431585df69ab1a3b66d5aa780791d526b7

    SHA256

    b7cf1b52dc2740da803ed52b07d614c9ebb1791dd4712442c734433f62e7001a

    SHA512

    545d10544bc12b9d828238b5a114a67d5b7de1a6e76f8fb8e95f70519b56535ba24a99326db45029859be6345cc20e75985eabe063a2a086759f7bb138456dd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbe34c96d1916b6118dd8152eb3ad4ea

    SHA1

    174f7b1350be0226df98557965c945caaa33ccdf

    SHA256

    c4f9fd3f327ecd6bed556bcd438ba85343c348f87fb90472f15d57930ef55ae9

    SHA512

    06c76a85c9041591910a709d24de50c4612a891225b026215deb1e3a5cbbb06e38d37ec999ed97dbb43e11994046641170a79ea52aa64bb11f3bc507ef06ebc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af3f0fbc62b0816af4da182f4d6087bb

    SHA1

    71fe5dc38e282ca1dfb0f84a6235b9ee52ba88ac

    SHA256

    78b659227784574b9f7427c5893aac858cbd1b64c47898f72a730315d29a2a18

    SHA512

    b8367e86e7907dea10878860c64ee6f4bb89c0d25ff979ae5abe1fe65a997143c2c3da0891e3588991284e3cc38116b17b3c18461077ac89b66e11a864fbe122

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    304ad39cfa4fd0fc9ea611274d5b745c

    SHA1

    ed5e54e662b0832a0ba081dacd0d2199d7a1d05b

    SHA256

    b3be04a5942f948e3ec362e2b41f02d1e4a30e1c3adbb835740fd9b8fb9b151e

    SHA512

    5a43aef8c0a0e2085e7879a7d50364885cff456c7080fb04f9c2d559d3b8436bd0435402410cc703811992e83f14c21b1f982a7dd95ed803fa7f35d91eee7e2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2041e7546b217f9d6d386f1965a78dd3

    SHA1

    033f87e90b1d0f50a28cd8d7b57d9c0b75691abb

    SHA256

    84f9155f9fe158b6a708e30d4cb2727fd01eea9c4a620558826c00be15f6ea99

    SHA512

    d74c4464c8bdbc70be7d164e1cb95ce51c9b11a73333883ec58bd490830fb6f3cb8ef660ea04f41137aa8384b26dc3c6c3ae6452d44a6cd3cc3a8ea6b40a2df6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b89de777067f1208a58c134c37efaa7

    SHA1

    c8893c5c659bfa6ed943fe6c222ecea915555af7

    SHA256

    1a38d0c7773fbc5d37f2f58935b5678f440037250a7bd4f75db3b4c07e6ca17f

    SHA512

    939092b7069fa143cb1efce15325e4acabc506bee3ac55523bc916e9f4295d32f4a94d579e196b66ab431c496c1f6f0ed937e1aeb0483ef8140ae4e87f9c4bcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5507746a4ed508bccf6669e9e33f6df

    SHA1

    83253076ea1e85544b9305f71e0e6640e85aec72

    SHA256

    9922de0fdaf667a998d592e687937d2152f4b1816dff7ed152b16827ed031587

    SHA512

    5d8cc5b1f540ebfc89c8faf83c79dd5e631662129da9dfb0de652cced2a148d55b23c0a00ff73205e8d333c35d25e636ddcbd4f2cb4ca642140e324e07499876

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    5b8aaa21321fe16d28971406a6a48a20

    SHA1

    ab4ad94444a2881f65e7f14816f8426c7314e25d

    SHA256

    c174019f9cda1c768fb33fc830fe69b58dcd564ce790b81988cf2dad5ad3e952

    SHA512

    b25a7702ea1673b376c6edee8a03144cdf474a61c9babbea073301d1ac6feedb7bb25f8ab4d1bdf28aa1744deddc2836e5961b5020f1ceb4190ce851da464da3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\MXLGWDBY\www.google[1].xml
    Filesize

    98B

    MD5

    e7177e0bae1e92656affddef298785e5

    SHA1

    95f9506bba8fac25790b94342ba91e3d9f2c33a5

    SHA256

    e13812d99124d1f8952f2ef59ebe28b3a451cb396d62d72901264dc04d78dec3

    SHA512

    6b12be7a7c540b3478aefcdb03e63d7f7ac9bbe0345dadc4ebb482266c8fcfe1de5d8ba6a4a6e5d77be1f6a5711b677d60550123fd74783e380bf7a7ab1556bb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JQ7VMQEC\styles__ltr[1].css
    Filesize

    55KB

    MD5

    4adccf70587477c74e2fcd636e4ec895

    SHA1

    af63034901c98e2d93faa7737f9c8f52e302d88b

    SHA256

    0e04cd9eec042868e190cbdabf2f8f0c7172dcc54ab87eb616eca14258307b4d

    SHA512

    d3f071c0a0aa7f2d3b8e584c67d4a1adf1a9a99595cffc204bf43b99f5b19c4b98cec8b31e65a46c01509fc7af8787bd7839299a683d028e388fdc4ded678cb3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WK27LCMU\recaptcha__en[1].js
    Filesize

    536KB

    MD5

    b0878e919a5bca8858b4c1e59929452f

    SHA1

    43d32e52807d59d2195d8ef6e33f909d58611e21

    SHA256

    04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f

    SHA512

    1755dc4aac8f3ffe87864ebcad7247d3828e8b7dc118288544562d8368c308f2cea3a118259347ee005f1461f7dd1051e20a22234c644697f25c1dab64f416cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab281.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar294.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit