Overview

overview

3

Static

static

1

c833f4e623...8.html

windows7-x64

3

c833f4e623...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 04:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c833f4e6232a16000a02a00b42d1bedc_JaffaCakes118.html

  • Size

    30KB

  • MD5

    c833f4e6232a16000a02a00b42d1bedc

  • SHA1

    55b1eb2e502ade03329a9606684fe62a3408de87

  • SHA256

    61e67e6854d5738908ff2a03de52d2a67b84c697cb29e0c0202d07b38ec66cca

  • SHA512

    4f951abb00cb67ce29bca1473323835b1110294283c6b8e5b111fb1a392b9516b76b17d54cfc188b8666d58f3823a7422b167e548e40bc8fd7fb6d61e68c6cf3

  • SSDEEP

    192:uW3nb5njAZvnQjxn5Q/znQieKNnInQOkEnt11nQTbntnQOXC9AJ9EJkcwqHA7Jvn:rQ/jgfQJua

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c833f4e6232a16000a02a00b42d1bedc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2400
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2164

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5426224c6ffd63116c1c41b77ddb4d1f

    SHA1

    26722117601252bf79f8c2e4d213b806335a1285

    SHA256

    483190394e7f9e09f2a07c4ce50df4375d7478ffad3a8a81a4d9a78b623f820d

    SHA512

    9aa8b44ca58ffaf64ab21c962da83513f91e1be2af80be7cfb707bb3de6fc8b3aa6f75adf8db23daefbe7fae7f10fa4d9edb5d239b3f1e73ea61ab6719dad5dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85a832e0ebad228308a95ed97cf1ed8c

    SHA1

    cd91e5b6381e0809d5244c8dc1745ab3a4f58fec

    SHA256

    98ab685bcb31524eb6d1297712d871f77c105db6c7f5f4cd99a396618faeef91

    SHA512

    0efe417f105b22b1f2c1e9c5e6113a6cc34d4127ed272cea2371ac5b6284e2bb45ff96febd34a0fc4a2a64ae97644e2c33a9972084db83bedd409de2fd0ae99c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c97d9d48fa9be729d1f81f4340d5a45

    SHA1

    fb5cacc3617c3a257ad9fe9b22c4152be1f0f77c

    SHA256

    cb249ee16f862440e11e57f142b612af3412c3eaeb28430a607d290ed0d4db75

    SHA512

    c0620d009380c91875a34e84732373be63b85bcba3db41f4549214fd8d1f16b3963fd7b368040c1e1822ee763a734604d5a74d03f99888081ff13c83f6bdfe83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    baa86e2a592a9218db66f93f19f26ea9

    SHA1

    b5549fc53a8adfb8c1859b5e454afffa00bb4f99

    SHA256

    fbc784a140dd7efe3c12699fbc58a8ed92c99fbfc5bcf10fdd24990899be969d

    SHA512

    5df7d4d4327f08a88d44eb29d366c669f4f125d2415e04089a8b0029ea7d7c73874f7530c72640034863433348e2b6aeb8546bb418560dd135d0b404859e87ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1699a9ca2dfe4e46e9f4cf08ce49866

    SHA1

    b456e914d750555a0f8f2676ffc17de8a3d98fcd

    SHA256

    3729d5cd9e40dc0e6f1c13aa5249c147add02e9ef7e69181a24da9b3bd2e88e9

    SHA512

    fe51bdae1c7c9d548a8823513c4988c46208d7c9a24b9387818f9bd580bd0f30c96ec7eb2c583fd77c5fb6fe8288ba9bfb633372e6dc0238d71588237441fc00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d470edaf5a7a88d914437164e3654a4f

    SHA1

    81643c94f76cfc1c39536c677dcc2ec786b5bd34

    SHA256

    92a5014530746e0b549e9d677b1cc308f3478f6a29af3f5dad0fa921c017d226

    SHA512

    5397bc7f9c83e0ad79206ef2c441abe0cdcd218ebf08eb62497450acb4e2b6c2126036227e2be34db2d7eea7198bca9ad4c3c632d7ff55fd60a78223fb41277c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bee67d1c45ab0745a44b79941cd52ce0

    SHA1

    3b456683292d9fe9a609a2e4448efd808d69aad4

    SHA256

    d35545d2b51a6e50b8ce7cc787de72a93c7b451052048cb1d9a4f92241d8406f

    SHA512

    1c9e251965b3b5d42037e9c58903f187c771bb559535ba48b15b9e3a21ff6f97d42742c4a3acd046f070a33c6e2c8cde60f39975687e0191b926c60e4ad142a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f44b4ba71dda880bed5567605b0f1c68

    SHA1

    93f16895ef8949125b89befa5f8f3a5a99148f17

    SHA256

    e34f575fe1a570bf1afea9e23c70b81d74bdba25de5ea3420a74b0fdae7c1bb9

    SHA512

    29b67175a86e9671977050de165516baf614f5dd09383ae3dd963182e3e60f52734c24b2786fc09472e33d05cfa912c047bd4ec896378cb1bf69979b8c2509ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF3B4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF491.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit