Overview

overview

3

Static

static

1

d022be0863...8.html

windows7-x64

3

d022be0863...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 17:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d022be08633b0321e7dda6281a82c578_JaffaCakes118.html

  • Size

    45KB

  • MD5

    d022be08633b0321e7dda6281a82c578

  • SHA1

    57c0c17f1ffa806540c0c5cfc86231af008a6c60

  • SHA256

    f058edacdd7910f0ccffc9e51eed68efcc2d1b56c075e6616870e9501995f124

  • SHA512

    6b610a556beb8fc4ff8606a73bdc9a1a15be9c7c39854acedb93d33391a55ec73b24bced4e84bfa0208731183fef931100667db2bf683438a7ed54489d543715

  • SSDEEP

    768:C4JTqI2l6ebZ/AKcdMEbsncfq4CsyTZZfk:C4JWI2l6ebZIKcdMEHfr7yTU

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d022be08633b0321e7dda6281a82c578_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2424
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2915d8777a5da00ed80756ae93167526

    SHA1

    3775063363c6de190686a1efecf2f3407bbbc7f3

    SHA256

    80ecaf9b65d7dcd9f67692ed923a31ae85306aa3661f1a90475f985ea7b4f777

    SHA512

    bba9acadd6db2a8039248adaf01c21cd2bbee715a6d8244bab86cfe2f2feb6d5f0cc35c21fddb0ec93941708d59249ba3f6f90fd7e204b21a37696ba5ccf946f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2737573f3a72376b5b09a8e4d6ed27ac

    SHA1

    9b6c169c3ded767cb6574621a56c3f37e4220247

    SHA256

    c72e218e382c5bc238f62978d85b4ed8c1a315a3d78ec22c21ce0389765ffcb4

    SHA512

    6225d10276838e8bb2ab3db8d0c5e3aff4d37604c4712590eb4dbe7dde9dd0f9ab774b6728ea0c46312e5640726b8e510ace8b076b96576dd7c0a21bda20acf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b38f0c035a60281f03f82bdc7d791ca

    SHA1

    cf1237d62e50e90de165a400377b455f21358d3c

    SHA256

    a55e4db890b9c1a61ba0f7dcdd3aef7e301066bf1b1084413fa6246ce9733575

    SHA512

    bfe69a270808c73be266664134238b849f7072cc0d11e2f43249f8d2ce563ab43c6b9da2fd4a18be038cf4b306bdcb1a36d3b35281d502efefbc85e878360f0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    759cb9f5e1d3ba6079594c2642ebeef2

    SHA1

    47c08ecc79c34ea59f53324d0ca6e55e35695e0c

    SHA256

    7ff51b4263bc068611b3e90c03ce41e83dfba7a54ea039a99e4401b49cf1c356

    SHA512

    ebeaac9d030ef5090326db1dfceb8ed9c86f445860056b399f636d642defc8a549f15466aa910d730fb309860d3c4e08b252ff55cde6ff53f214ca8cf437f2e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f84651f8da7e003bfdc48aca4708644a

    SHA1

    b896fba7252c6ca5d174c8a47f9ff3ba50522466

    SHA256

    9ef1ac6aa8ab6ee3cfee8a1239b1ac55e25767c82d6c10503e30f74139095f16

    SHA512

    039163e93d983aebe134ead1d94e6742b2432e3a3bd3ed0d1b876e2b1bac8a82abab6f3bff20ef48e554b9425b69fa7d11bb36b9616617afe5d591d399f40c85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e5f589725b48f70755c0046d5f9190c

    SHA1

    d57ecd62182663faabee114eba7cc0555192f5d8

    SHA256

    965bd34cc995582f94b8b6fdaa452090e767cf9c5ee52fa264b6e0dc7bb39e95

    SHA512

    ae4dea024e0f0d86c46b2696c868ee954856e67ff0ae2c88584ec44f544bc525659a59dc69f90430993c050867fffce3f6d56e3dfa3e00c178c11046841f7586

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54d5c3439ed8c0be25ab0b9e30926bcc

    SHA1

    904605a41a8a41f2b2a93103a0892ffaa4d7a2aa

    SHA256

    4fc078f1a62715502d38024ddc2735fef9a71ffacf67777a7d2981d5542a6aef

    SHA512

    140435f174970799caf61eae79d16a72c22ce1087da17663fb5a324d1b0ee0a3dfa5b01bf7753c1dcdcd7f0d2ec303ec2f47f7e427b3c0947962340c369790d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2637d555a4cd0883e4e806f813af34d1

    SHA1

    289143c3753750b872880880c773f3cb534cfc49

    SHA256

    2761ed3dff27227e26f77673cf0110790931c16eb98c682aca52caa8ec7560b0

    SHA512

    43683d33060d2536575bcfc2212acd2fed9fe23c4f222ba8fa76483d5768f77a6af77c5ab918600176b4f378ed17b6a6205cb05f529c58fe1e48771e6b03e420

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74f666ef21fe782a3b526f7cfe41057c

    SHA1

    26ba77b118ae7b59f466b79f1a94a6b09ce4f7ef

    SHA256

    09b3b9e5a41427da395b81ea1ef534649259348aa14acce93483abcb4a87acf7

    SHA512

    fd98807d4e6a4647e56a73d12e3e362151f7a39ec75c90b7bfc61d6815bf6e8e28859c040f8668babb06b19a9267f5782c35c719421357368b30eff955e9299e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab197C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar19ED.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit