Overview

overview

3

Static

static

1

cfbb9d76ed...8.html

windows7-x64

3

cfbb9d76ed...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 14:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cfbb9d76ed5e7747d65b3b60eb110da5_JaffaCakes118.html

  • Size

    71KB

  • MD5

    cfbb9d76ed5e7747d65b3b60eb110da5

  • SHA1

    639b6ba77cf8b746dcd11d3864b69f1f72119214

  • SHA256

    42b909e32b882d7c7d08116f6256e71f94ba70872ff44e720c47b472052a7848

  • SHA512

    2fd352e49cc8f1093381955917914fb4ae3a997c6b3f971c5c2cc513a749e1a31dff07aa91004a913c0f581c10e7e1ecc05c0ffae657bb7d9d00f54c627572cb

  • SSDEEP

    768:UgOriWNcaSoBgGH/NS73OEUMZ/a1TGyQ5Gvp2nGtv4Pm2SLNn2A4C1bo7H4h/vNk:baZ/NAOEU0/10vhnYMh/VGMbI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cfbb9d76ed5e7747d65b3b60eb110da5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2820

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    5977193ddae3e0e34663c6d496b93054

    SHA1

    bb77784cfab81c8663255d69bc84e45d07bea2bb

    SHA256

    6a4848dcddf06df423a80f501d8dc4d37028dae352624cc687342126961921ef

    SHA512

    6a95f17349bd5c67a0c86f149e3eb8863686cf58cd20608a15bc9e79c419c3caa47488c52d37ce7a21a6a0e3239eab653e3b48ac1d8dce38bff29524f345febe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_F968CA97A68F4E6D5C104EC7FE3DFDEA
    Filesize

    471B

    MD5

    0833b6439bb9eaa839a5f7ae01a9494d

    SHA1

    5e88401b1df31dd2c70b00e4c1cfc9f3d3886244

    SHA256

    8237a475d5665559237bbb3e0d705330c0659b30e15f0d63f78d314be8e29eea

    SHA512

    1952c3c3497ae91a6713e3d92e9c256e0d3f8a41290dd8d913600d4b406518558e00c35ee1211b75c16ae0094e02ca198769bdd6d66db2e2abea2e085ff5d0b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    170B

    MD5

    fbf6a26ec44ecac66a4dc54571c604cb

    SHA1

    21addce4cab20e27148a5d8cbc2c76ac14b71977

    SHA256

    7859765fccae6aff900c003f3fd4b8e382e160a6628bc502e2d7c4aad227542b

    SHA512

    828b211be9541508d4cc7b5690cade3d8c8644ae7ac115de57ff9c7704ce7f5f98f94814638bc6bfbad5ead1d90e363c8e34dc9c2beacc847b1d5c566069570f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    170B

    MD5

    a1028bce3ad55dad1a23c0b93bccfcd1

    SHA1

    1a3c9ae8a6f490879cc0f51ee2c3ef9ef134a610

    SHA256

    fca1d945dd5a2107b9b9de6004a0fdfe3d6060baf1540e820eecdbaa140baa54

    SHA512

    f5e95eba65e2d3ac9e65e465c9ea16af97f4c7796e8ed5cdbf9219ebd6a99a3126976330ceee443f227db0b40348d5c6352c891a5ef6723b3802c68b25b481a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    9e3f446e0010230396e9ff789c987f81

    SHA1

    0801715f43b71b668cdb6a73fb348887904b31ab

    SHA256

    e2d05eb54db1676855aa71a71a8024e5af3f1a0978a238b85f9890db36ab68cb

    SHA512

    a410360d5804dba9e7cad9c2606a4d4e17c6ae10428e8afdb7cab0b3d4e7ecb68bc5c7391c9bf655120c9600581b8f3eaa25e3138d31cb612a343aa0e3644d44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecfeb7b8ad7a5ecaf7a375a5f181a022

    SHA1

    46d3a8e9bdab50a0f7c356330f5c9ab40bb8c619

    SHA256

    04ddc6b29fb2b65bfe002fca388092efc980f9b98ad33b7eb8e1f34292f2b596

    SHA512

    f4fb66aea4e3abd426f928c80dba3f6545a20f9104c3de4a5094dc88701a3cfe64200a5eb8a51a62b5dc054c179a882cc738de740a75e469edb3f2da2b97ca6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1b8d40ede83ec991d8e9e9eb7132182

    SHA1

    49c69f114fd44bba443c21668c3a27dcb01a6d85

    SHA256

    b12dccef2ca304f47ec5ae48a15d3024ea279caf63723f3c50377c58ca2012f0

    SHA512

    58ded3c3f145508fe9c85cc5885a009249581a6426bb0947a6fe9aba6c14a8c434bcf45155364be0dbfc35d01dc5fd2c0fda0212dc6ed9f606e3947e1ff9625b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fffca54ae6b9d65bd365cf5d9a3c2a87

    SHA1

    b78472b00e6a7138973dacb04693f19add7871c2

    SHA256

    de2b3d3cc8ffff461f75d13f9220ba135214df3d9fd5e5ec71d91f7845b1638a

    SHA512

    d39db7484d4c580fc756ad1bda152320a84a68220902d844456189f9482bbb95846d9a3f4ede15770bad42c9ced1babc52903cb742d026b87f6988d2d30417e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9e4abe51ef7dc4221b37e98c4f21a94

    SHA1

    dab990da3f2c951c71b178edf82f0c8cb8b862ff

    SHA256

    aec1ce0e2f4c13e3f9a27f10c5eabf052e5ec3946d42fdbe12b506f48c0bea99

    SHA512

    df3b969a3a33dd09897707f5f96484872fc480a8f6f9980003fdaf7ff741092af9a7f1b4a1c104e34f9a7cebdfe6be1dfd277028352d6ae4ec15889e59000c17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e753fd5f425b69a114424e7b6d07b4a

    SHA1

    3b06539f149a018652494d05d38446f0ac90f514

    SHA256

    157c512954d236cb4c5d9ce848e4c63482a4fb8cfd11ca542b273aece9dbe798

    SHA512

    eb5661b913856610a84f4b8b1ad1e18291688b199313fe8236e4e0088f704287a6e43e9f4e690f49a5110b5a6debfdf3751b8e92886efe0fe9a80b5cc067bb5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bca63857e4fa90b045b55749c4c2acf

    SHA1

    570104ba34579b2b523ddd47efadab1851db595f

    SHA256

    351f3c8f200e5b495b65ae5d3ab6a20f1f53f648f4610c486b27cc6cc5ee6f1f

    SHA512

    ba5dae0de1825c1a279c4cb24d5ddd3474d908c1ce85d5fe3eeb24d879cadb3a198885a218f6b84e07784c05f92bd8e902001af21bfbdcb2fe4ef792765dfe05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a59905c4f4f5500ff138e836a4db91eb

    SHA1

    7c24dc7ccaff425a18edf759dbbaac5a86dda8a6

    SHA256

    55c92d1e256c8155f7e063de163f6982d169e291059df99f531ce7c07e2731fc

    SHA512

    6dcd80559991dbe878abf0169b07cf33b232403a6121730fd8f25635cd3af2dd8e127d1579b9ccecf6c14c6f06894d366b2f71612bb8e374953f8ce1ac1cb30f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52f6e3792fafa3f5fad3690f1b3402d4

    SHA1

    75dd4a7c5f7473aecc314300ec56954cd2dc6f07

    SHA256

    299ad3aa9d9f73ad5aae2ed2121a2903180b202bac059be84be1a64c18f4a6a9

    SHA512

    ce439ccbc78c76fe7d2351b7d3441fac0cc9ca53d9ae38b042de0637071a3568e164d82e3e4d122f431720f8e42f9347965e98475848e5ec91aef8cc1ed6d898

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4bf9fbe99457838e0e6dfbe430d0be2

    SHA1

    640848b52dea2637dd650488dc9211f5510814ef

    SHA256

    6a5808a273117947152e35445509fb15a63ecb0c43af49328712ed38debaf6ba

    SHA512

    34dd7ffc034dfc39300035db06af45c5fd6c8993ccd788021dd87e287763c63e20ee980312e14d5347a1d5e1b5fec61c90c12c2603cfce877bb4510ced7592ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c90cc8d209f5e0e75bb5ab6391561815

    SHA1

    8d08de2aa7842ad0d66f3c7930969dd189f7e7d6

    SHA256

    6618c44cda4557759a9f0428473a258f540c4be10673dd7b71d51972218031b9

    SHA512

    41d5e4a38dfcc245898ac8dd9501ff0b0f561f96233c4eeb8f6df1ef97f437f666961498d08ff316c31faa94587a9948e35e3c3fabdfe58a5c6dd93f5c3e674d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e3bc9f823c9dfa2b4f29752d6538769

    SHA1

    327c6b0ad5abb27530a51c044e9790fae90a5167

    SHA256

    61ff7ce0e08c03caa3262518a89b4a6d49076c70e641038bea2b47b7a00667aa

    SHA512

    c3005eb3f53e79667ef9d564b27d00ba26d4c7069097885a6643e7f0f3ef6b6e9af00dcdfb76fa221b1063835bea75999cb2a94512c384d5c02159cfafe2afa6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b03492598a06593f46e571caf8e3f7b1

    SHA1

    398c7f168ce6cabbbb2925c293cfc51faca150fb

    SHA256

    8aafcf4722cab47c87bcf747e49f5751de30a171e670155cf4e7654d44060022

    SHA512

    04c8fe48ede6d1ad8bfbfdfa3f70888e19d5bdae8d4e81a13d3536dbb595a3df13a1a5ba8e2658015ff486804b0e1b7ff3f3cd2a240f90fc2d108ad4bc7de76e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\633SXO0D\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    9e5f0b21584389dc1c7b5da4a900879f

    SHA1

    191b84e0f5644398ba99e0aa141a6778c14b83bf

    SHA256

    3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

    SHA512

    c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLSLTMYI\1380534674-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c1d4d816ecb8889abf691542c9c69f6a

    SHA1

    27907b46be6f9fe5886a75ee3c97f020f8365e20

    SHA256

    01a956fa0b3ea8cb90d7032608512bc289c4170bf92759352e40062d5be2946f

    SHA512

    f534f057e46998bd1ff2c423ad2cf04a880c4a5259e95aee5c6ae34ce7121ccd07ad1bce5d4c3a51ad04f7411b0625da78808326b13d2aeefec502988e113113

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\cb=gapi[1].js
    Filesize

    67KB

    MD5

    ed72d618fe48f6fc42c19a4b58511e72

    SHA1

    80a2da4af91d56ec81c7b672afaaaa72c83a4414

    SHA256

    5bfd37a756bc7772aa6c520102870dafe2d3b808c562412e30f122a7908f8ad0

    SHA512

    5378b71a33f67309f788b9fce32daea44051e7e9a6aa326bdd783456ee9eb2f4817aec2ad1e837afc1853acba59080b0114d32c040ea731ebd703f0a84dd7ae1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab12C9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar12CA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit