Overview

overview

3

Static

static

1

cf09a29435...8.html

windows7-x64

3

cf09a29435...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 07:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cf09a29435dbbe8a1b5f493fd3a38be9_JaffaCakes118.html

  • Size

    16KB

  • MD5

    cf09a29435dbbe8a1b5f493fd3a38be9

  • SHA1

    526686ad6cee47161a5a85f1e6bfd56b03364a9d

  • SHA256

    3df7e856813770c33914c5e9c69e156d992a062703c27cdbdb6741d8ceb8f809

  • SHA512

    244f4865a63c5b6fd5956f0ad5a8e03d128c4c6afa8cc72434ce6473156f9641bcb15267c2604b0a63d08ca745edd1e7d260e940ab7b2826d3c71457b3701e77

  • SSDEEP

    384:6QpyVoRJfIG5Q6dFrt21JVY8htxKtLmKOP:zhRJfIG5Q6dF01M8yI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cf09a29435dbbe8a1b5f493fd3a38be9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a822e82a5ca8f92b24754c4e7d121ded

    SHA1

    885bd499dba17137020e04ad08cc8380d2409dd3

    SHA256

    c21c651909564a5065fc8c3a985ca7d94bc4267356fdb572860c4cd894d3a297

    SHA512

    e33f38b9e37c0b960847c81e19132b53513cc5f9de333d593d99c44850b0a5ab4c14c6f021704f0639af65a652ce20edbd0476f95bb66e76c4560ca0ff26a1ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d297587b3e64e9335c67fa971310b468

    SHA1

    79b30df727c645db26460dcb925f4f4fb83a8f90

    SHA256

    db2077cdcc9acfebf6570f6790f22c82ea66866ce771e1ee90388387054140a4

    SHA512

    4f57083979e43e986bd7e16365a479ad2ff181d202ec261fca1215edb12fb71c48d1efcefd4286a1c5a7dfb6a0a9e60d31968d6dd05790893d8ca00221fe5810

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    900bb33e66dedfd410e0222c8ef952ee

    SHA1

    af8c233e3b1bb8fdb07535f20e17bf089429e917

    SHA256

    61b55b0505764bb8cdf127deed2e8bb47173798bf402984ecd4774fa1243d855

    SHA512

    04f71abc77a0db395d93f491eff6c754633b07da4c8857ae000db90176ef30dbdf4b7eb4cbb915c0e7788e038281f5d00b66609f03b7a907b3791dd313684185

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8eb850bc65bfa5aa113a21f091fc2d7c

    SHA1

    db1ba8dc1e29febfa8cec69494bb73f594d083b6

    SHA256

    c4ff579358758a02ed02fc56a09f1d37df9ba0235430c0c19642705c7ffeee37

    SHA512

    dbbca3c95cabeca35941fb0614af887a441bc25db24fe765235c96561dd38516b5632c7ae7d7715ca8147c81844e2bc24ce0f9058ed645c6a6dfee21eb406e2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fe4cefe216f56806453d9fa7b7802d5

    SHA1

    caa4474f0ea1d4636603af7628926bd1e9a7f141

    SHA256

    9799c3a0fe05e6430ec5120aec53ef059c71503c11f50503567bf2fd8e7138d7

    SHA512

    2fad5dedd9e00b8faa2cebb2fcc85cafa82e0b2c23e4e593989691678c70b23ce53d71a2d1ba1fe8369693dc395d1fd74880fb81bb1230c6ecdb0f6b737c138a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8219b10710e9bf3c441c006294eb170

    SHA1

    a4f84b930cb15ddcae02993b025d933af09df0cb

    SHA256

    1412a79be2dc653ef8ad14feebd6985833d5c3dc8553bfa012468058d0c94518

    SHA512

    2bdb2daa3a37ef055ab1becf1a90b3494653f16360b9dd6bc9896575ba4a06edf5eaed739c3bca0189bf1ae5de68bb3c45dd892b8e0be05c1a714c4da2986389

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    467ad3fe03da749719343d92344db1e8

    SHA1

    92e3fa77ab67a2280df53d8741a030d0cc915e5c

    SHA256

    5984e00404963f17ffeaa17256d65f0e637c80a47ee57a13fb5ce17fdf802807

    SHA512

    a3b3094ee50b5a7dfff3d759e60321c5ba1aee5280e02326a81c56de8a777445a354f6d8347d84733282fcb954e507fd7bff65b92e5dbdfb5c67f7b313ce813f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02592f27a736b30e7c02e54d67a79ea5

    SHA1

    4ee6d6e0bb60fca6df0c9483e4945e49b3aae29f

    SHA256

    0933f70381b497380b24117bdb71d5cbd3245f4c340ffb7507466bc235471dbf

    SHA512

    e8203f1712062e6353fe10f7cd5157bcdf7482c33ea94a121b94439d39f3a0b5a4d4c42a5b192dbc35f8d3054aece20e16822d79cbdbca1d7981d1293c13673c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57ae12f8c8b698fb05c684b27a36594d

    SHA1

    007c524662a96d88a021ffaaa14f56e4919403ed

    SHA256

    201d43dc3e002b196772f24d1fa0544a5cb00ca26fc77b1c8d12e539f428fbb2

    SHA512

    8905a21f570e7f0bf0d1b283631b09245c3bdb85ad355ddb5d3fd3a0c73e0f56b0bee0410b7d0ceaf0e5dd0f57bb09f7b7987c38d2d1fb4f1b3cdaf631d90360

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1FD2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2043.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit