Overview

overview

3

Static

static

1

c883cddc8c...8.html

windows7-x64

3

c883cddc8c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 08:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c883cddc8c6ba6cb83420616d1d1ff54_JaffaCakes118.html

  • Size

    23KB

  • MD5

    c883cddc8c6ba6cb83420616d1d1ff54

  • SHA1

    2db70d32416ced46eef7abae0bbbcab0b554baa3

  • SHA256

    854ba3774a1e330345302ca9d027fcfe3db8342bf1697530aa8b712ecb09e4da

  • SHA512

    6ec2c3d6901a7916ed35b6ce5a704e8fba9574ff405b72d47aa37c4b6aa2054b6bc9f21735d51f44709e5679575562d444a3366e7848fc1a2bae6cccdf3a437f

  • SSDEEP

    192:uWrQb5nd2nQjxn5Q/onQie7Nn2nQOkEntE+nQTbnJnQNCnQtzwMBbqnYnQ7tnoYi:wQ/W19n

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c883cddc8c6ba6cb83420616d1d1ff54_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1316 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2952

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          f5c2c777b8162161ba834adc39b3a313

          SHA1

          e91f687d239167e6e167bb02e46b6ee6b5385f09

          SHA256

          96b6acdbcafc7d4348823e45e353d9234faad41978ba22edb6723f0392c72dfe

          SHA512

          ccde6c11b4b1994b8cc66d7bb7a268e06fe08bfe83d4df9c4789cfe258e938f321a60d8803da9018a2aca5b856c67006d330025d2af1a17897441a4b8e31ebd3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          221c143d5e0a83fa1cf2d409497d6007

          SHA1

          ce9f4a9fa851a31ba4c5e75dbbf6e0c737079e4c

          SHA256

          f9ae0e503f60f9fff99f5a2281c471f05b14c347eac2b071df80736ec2661eba

          SHA512

          6f0e58fbca0bf20f3ab532204806a2465b03c00123b7def1abf8a54c36ed57b92e501357c3959432b66f1c8a072aaba9e5176af15e42e969569b7dc5bb9fcbfb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          d838f4ee7c0b27a2313b9b02583223f0

          SHA1

          774f7234a354ecd00756ba66fbf0d8117e73537f

          SHA256

          450701ef50d67f999cd094720e53a1713fa9375d07089aa8d8eb262bcb59cd6b

          SHA512

          41792df105a7d0deacb84618f055e1ae246a2d2b2bc1957eea1bcc47885d14a8eaeb4549108b32dd50885746dca8b6435572351c932cbe8fd6c8577843cb424d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          4f6455e8ce757411800de402fe11f9cc

          SHA1

          fd9e74b6e0f5fe703a1aa54e63bd575e7f4bff03

          SHA256

          3a3a71d56771c7a1d5323383c22d2fcea0fae4b8dde6910545a3f7372d51ebce

          SHA512

          627e52e351d8bd135608f3b5b570555705bfa2456fa17901ecaf43bbc53e74d907d13fc5d3dc716e7c73068fdc1c41324873910e3eaeddec7a9a81a856bc5883

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          1fe4e3076b34b703c6f294655c462f6a

          SHA1

          1bc3a29487f94c6398b1712eb39309b1f55208bc

          SHA256

          fe5c16dfad4a7e8b7f8fcf0ae2dc54c9e836208f1f96e9feb7f982d7dde64fab

          SHA512

          ecc86123c935f641b57c3b9b63c65434ee63c42e619278c26faa94663370e91c357a2624d64a3266a35c57aa81e7ff03a0208b85aeca5878b7d249f1d0cd182f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          6e96a4baeb29af09e496a20c7041b56f

          SHA1

          1e9b39986e5359a1fd23bedfdf1d0798424d6a39

          SHA256

          4d4e0459daec29d10e21edb6fc62ae25a1a7be73f5bad53bf7118596f93802b3

          SHA512

          fdd3ec71b18fee3df795d91620ca81b281a797c7ec67c19df999056c6c30d9800d0252f7974509bbeec289b3713d2cabf4dcf59cf063c29341b77c294c2e2d00

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          45424329339fb91fd720c267a382a94d

          SHA1

          101d69426d4d4986d87d4208e8a6f4ae11bae073

          SHA256

          88968948d51c6c31edf72b8a315b583c2dcf94ef4ec6fd6ba24a60a5188f83cd

          SHA512

          467ae89883e6a24685f88668934be78060e9cdcbc6b7c0de02d111e111bcdfa879feb599f2883f06a92b2db69680ebb8aadd8cce4a440bca9e6e129ade1d6b19

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabDBD0.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarDC8F.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit