Overview

overview

3

Static

static

1

c8a2ffacb4...8.html

windows7-x64

3

c8a2ffacb4...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    29-08-2024 10:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c8a2ffacb4337c2e840f6b727d4d840f_JaffaCakes118.html

  • Size

    26KB

  • MD5

    c8a2ffacb4337c2e840f6b727d4d840f

  • SHA1

    baaa29f294023b72ce6f9af2db5f0041f204aa44

  • SHA256

    5af5688977cbd2d5db0f9025f2635f96696485e5b26ad2d992772d79aa445087

  • SHA512

    6ffffa07a425d619338677c15c5bda3feac87d286615baa0a2ccb70305d1fef2126534041a99b2a2bff7181f017cd6cc6e321363f97cdbf3d4c89a912f0731d8

  • SSDEEP

    192:DkTUExVEMitnzZ9QC1tX8pesYA2Nu0WahJu5uVtS/R01t0Pipm3F92oNTZicvP3:oT2z42spesYAn0WahJu5uO/RO0x195R

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c8a2ffacb4337c2e840f6b727d4d840f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2152 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2572

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6b526bb02ac4bc79fbaa03e9b88a14d

    SHA1

    c506c8a4bc29d6791dc295d4421e3ea12c60cb53

    SHA256

    2d38a0f8f42f8309d2fba06797636b61a931f57940ddd6435d6fa28d5f9d6c61

    SHA512

    20cace7937e28a6e2e312ed1f9c547f1a833eace01351df6df02a1e4e6e1cff08ddc55557c77aa306becab80714dbc76e4b6d88bd954d185e3c81ce898858cd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b869300e416e30109340c3be06afcb9

    SHA1

    c11a30d6b036b7fedfa6c7392229b6a27b8f990d

    SHA256

    ce07c4bbfea13852c259621898a0bf0bb42f3fc38c696aae4eb749601a833287

    SHA512

    6c2277c24f46bc82f31522e655067132666c879f4b639474d4081d9c32c76e6ac4f0b60a4d15eab6e956951c9973dde9aa87d09345ef4362a66376aa61ba6a7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71fee0ceb0f64b698441183562247c46

    SHA1

    c9fe0655f7aec4158e926f016bdf4ba1dda1c5a6

    SHA256

    6f2843eb74f53efe678c9eb6736cdc13ffa4b5e6a0db124670590a3a150b97e4

    SHA512

    8671138db031233040771e46e03cfca2092713525de78aa146b3dd6b874f880d3116d138eac7996719645ed408a78817b085e61e16ac87f515f44ab837bab7af

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAD9E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB6C7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit