Overview

overview

3

Static

static

1

c88b8efc94...8.html

windows7-x64

3

c88b8efc94...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 09:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c88b8efc94547e652fd0367a331775b5_JaffaCakes118.html

  • Size

    23KB

  • MD5

    c88b8efc94547e652fd0367a331775b5

  • SHA1

    5259c4474375765674bfdf5813bb24c9075cc7b7

  • SHA256

    9fbd53933548e03206d046855bf2ab6bacba45cac52d114d09627402c50d96e5

  • SHA512

    ef4a9d0bae6becffbf39da0dafdf0f71f6aff4ec245bba6f7fa3b8860d9bb883407379716d92d48ab22408a69c4146b954df1294671fc5d012927b24cd376a43

  • SSDEEP

    192:uwPFb5n7enQjxn5Q/inQiexNn2/AnQOkEnt+MnQTbn88nQgGLnLnQtBqMBRqnYnp:7Q/s/vGSLF

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c88b8efc94547e652fd0367a331775b5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43ba40210e69cf7a3dbb92892e95f06c

    SHA1

    0f45863deebf7701132a16a01edb7e4ff3d8e63c

    SHA256

    d80f7736f544c5c0a840c9c07a9ec2abb6b66fbed6d4e6031fc5ce90e0d3c961

    SHA512

    106fb178be7a78e72b5dad968dce29c8f1ba4abf69cbecda9424a8a7ff5599364b2293066e097ee04e710f9b70d1e8cc21d7b8847c08c81b38d8377b8b781ac7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa411dcfe35ec7b3846e0fbaf053b2f0

    SHA1

    b8b3bec674bb766158e6029c78d1dbcb5db9de1a

    SHA256

    22d2b9de310f7cab6e73f2d9138126e525dec3eccf0754a258e63d58238b65d5

    SHA512

    fc7d0695f625b8f7f2ca5c4ffb5cc3b759ab70eed648189a082aff7936063f59a64e4ef7e40a104cbe233149073326cfb6fb383d18b3742a3c4bcad667e4363d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17109a7fa8f3bc2383655b53a6617a3b

    SHA1

    4f4b17e55118f93df1ab67f17164b8fbaa9e0194

    SHA256

    277bc80d5179e9d36d4e1476cfc1f23d49a383f18ace6617ba73af936ff547ac

    SHA512

    2736fc5ad7b4347a43fc9cbf11a1cc3efcc249902e79fe80c9bc984ada77a7a72c388098f34626161902a1c5921a891bb9dc8f0b7c3eb3217c97f7751f740fcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92c0297c16c23148d4978dd38f1c8e6a

    SHA1

    0ba10bf040f34a404a66bf4d0e08bc8c70dc73f9

    SHA256

    0f7d7bf22f2bf82794231e0d1139f739febf79697c789e6332c7e3e236ae353c

    SHA512

    3a49962986ce051f5c21ec5c7f58e49df6c3498e4e822ab09093bd1653b7f8c6f1b36c960a618c99c5828fcf584509653e3850689dca27355db57da4fbe3460f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a460b374955e2f78d3246c794e02ce02

    SHA1

    1efeaba8bb6321deb55d2b7895f6e5b51cf4ee44

    SHA256

    80302bfba1eb826409aefb9e3257d73b846f2ef7e293af6f7c6520036a398170

    SHA512

    6acbce7e7957f6337b2db6df36429b920ca8618d3d50d2d0f5368c089f5fc7af0d77d22a5b165c38f89d15c6f3e0610cff534016881b6224d6f0c646395bdf29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eed9185818c83ad2073224ad61c9d16

    SHA1

    61acbe9dc7f285feedf820b9ce7b117df47607a3

    SHA256

    057a35c2fa7f5669828bdcde1070299648ca61f9ae6f44731940aa0906e5e818

    SHA512

    ebaf7866a754d2eec10e7661e4116c3bdfef3d85f1b4d32ffca9d3ec1cd85f6116a291e193c3a49c2ebec98167197334113e57ef4f463894e989ed47db2e4df8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7339d1287ecd8ae54cfbfe2589cf7732

    SHA1

    da1a34cf0bb9d4947fdb829f1022a2f5db336f0b

    SHA256

    415c6a1336ad5224d9666df1aec0bc0cfffa2852ae0c6a0966081a44ee9ec253

    SHA512

    0fa8d8c3ed6052539ee868bcc149cd26c67bb1a4daaac9ca801f1027af7fda5956a279d21436fed157ce1e17b744bab23a3580d598cab98cc766c210a3375d76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d74ecfc17ef0def52c3156abd68df97

    SHA1

    594173cfe153868c75c5be4d2df68533a7227ea0

    SHA256

    f7a608cf06c52c43cf32e4521a6a12ac6a0d6a5da08015af54de67a536c83847

    SHA512

    4173fa9b909aa93599b13339de20290b411d9a96edd878f021dc6fd2ebd002205f6d67a4a957bfcafa00ce56c6692b1d190c7008eabbb7560470a3d732f9b6bb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7023.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar70C2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit