Overview

overview

3

Static

static

1

d018ef4de0...8.html

windows7-x64

3

d018ef4de0...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 17:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d018ef4de007b2c6ba282d554cfccb0e_JaffaCakes118.html

  • Size

    237KB

  • MD5

    d018ef4de007b2c6ba282d554cfccb0e

  • SHA1

    b084ac704ea82d9a591cbb5af5fd8f161e4096c9

  • SHA256

    61c2da3def96e922da3f751dc96f090f7d394fb1d271685a00039fd0c1960f4d

  • SHA512

    0b372af5915fbfd8b8aefa549d75da82ffb768dad76a07ff99a4bccd54939362bbb049319eb52388936ca0115216068719215276668e79451adca5d11a3478ee

  • SSDEEP

    1536:pbMjw2fMk1D3O9Pj2fcWSHHAOJrVgLo8Kxxtll3p3JcZfWOkCp:sofULAR+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d018ef4de007b2c6ba282d554cfccb0e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b46f9ca52cdc0b362a7b1803332a12a6

          SHA1

          013e3d5a5562202eb80b9db0e2d3f6f4a86829b6

          SHA256

          e126912a34dc1f95c8d31331b9e09802a9171737d75795ae493fa26a8bc9f10a

          SHA512

          238954c7a981c66b06dcb51546ab9c6b957780c611fa699dab28e44a07ea778216895d8d2db30500108b5bc57f9d3296e13c1d658970dc758eea3e4e48eaa0fc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c71fefa446723589c4e95e90bd4a0632

          SHA1

          6d17c95981cfe0187766180d5dda5276f1d9f679

          SHA256

          23f9aa16c968d28ebc429be6f3d5796f6805bccd6a7c17861fb83cc44ccddebb

          SHA512

          370b81e226c6626bedcb65f9f34f87478de8643785f5761f08f35ae665e0d6928e612e5909d60b44fc2454b379712077c53e8061487edd7ac3f6e3f27ba14a6d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2be605d23963054afa37957d28143b59

          SHA1

          91ccfdddaa61675e80a472b398c6c0ca7661c5fa

          SHA256

          7465021ab1d23fb422e02278349cdb7874ef65841c0301a81c9bd7c2cd77caa1

          SHA512

          082c2b3fef06b9f8ef689099acfa828ede055799be22edd6beeafeb366ac2035574aebfc0cfb9757011be1eadd694197fa3b99a6af40b9a7d6c9abe9fa57537b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          51ce7560e0a99a3c81361405f5b86aad

          SHA1

          7528b428ff57b63dfa10b5142fe10f1cbde49091

          SHA256

          d49c8793ffcae7dd57cc71220bd3e1d69dd8630497af841436cb1dcbf4f9eba0

          SHA512

          92a3a1560452a81359f9941fd41d9e2ca4ec01a2792923def45a0f408d5a5ddd760d5e0ae3ccb48c8fd3d4ed76b5f56c2a171008e775473b2c56b481221a4eef

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          266be7893d8f6c3c3cea59a540ace1f4

          SHA1

          3361d522ab6b0da9056b0e876e50066e168df655

          SHA256

          8323c681da0b7998e3d58af1520eb41fd684e0022d2fc2b65700af0d330ff1b1

          SHA512

          2a6a2e4ee321ec288957be8cc12bc10b108bdbc6e9fe16d2bbcd038790c522c22a56d8ce0e3dd5cec0f9d02a7fe98c046b5bb8840b8b854d8205c36403537d0d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a51ff92619d0c968a785a53e7ae52423

          SHA1

          61535f45988882b57c8ab7324df76d061f3aa500

          SHA256

          ecb13bb8bc0b11179057f1e9908dc997a229784d7e5506aa25b621e03eec6245

          SHA512

          389e7da7c99b1f4efc72f494b24da7b413ea9ba28b2d724517e690ffc2d809de4d8cbca11c87bb85802863a2fc48e8929fcc6700fbdac0428a77b9bbeab431bc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2b728df20b405e29e7dcefd267c8e57d

          SHA1

          0165a251b631aaeefbbf020e6aacd59a8335eb30

          SHA256

          44112476e2bf1c0c2e7ba1609c73d527a6df48c23a1eda92439c4112cff6d533

          SHA512

          64ebb5e0eb129397128ed5d6a3c66e2b41c8441fa80f4b821aacb3d16183065eba0751013bec369b65a55f8b73da859e02a69627cf948fdff81ed55c1e7f06b2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          269e7ad085add635b16d8f2bcff71608

          SHA1

          ee093ccce7486a4a8cd09b07741ce0c218e273b1

          SHA256

          17720049eda6ded61772888d6c9ad8c2dabd774025330664a8aa855bbae18ec1

          SHA512

          5af720b39ad9c435a970bf20cd76b25ba9a8ec568396e3e60013e3cbb596db5e1503737fd5affd9b2711cd4ea295ea224610edb0547a09c46c82ff142bbb0aae

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          99e6ed8a5d03ad53b510a2cb52741ce2

          SHA1

          96882c17c452ae3a85b585c4c09426ddc18ce5ed

          SHA256

          2f7f46eaa9d6a7df55889612738e67755c07223d4797aa202c86ca21dc47d4eb

          SHA512

          56674b65ac60f3f6062b2d9f681cb82a6a1066ac1596f2f0fa5520f88459192cd1b9741b21a29129e8a6571b8637e1a720cfa318eccafb4bca9a270b1f59c6ed

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab61B.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar978.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit