Overview

overview

3

Static

static

1

d0bff13fee...8.html

windows7-x64

3

d0bff13fee...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 00:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0bff13feeb50b49f5e6e5a81a6b4d1d_JaffaCakes118.html

  • Size

    128KB

  • MD5

    d0bff13feeb50b49f5e6e5a81a6b4d1d

  • SHA1

    f7d7b3b3174641ed56d53fe518174695f443f825

  • SHA256

    179cfcd01e452b906527ad79c7ba942f1f5b09dc8c6111f65ca2d5648ee8be5b

  • SHA512

    befd64ac1c0374d03b59a23c0479d8705248f2d17880ade42d040878414e5af2a3b04545721ab4115107e641bffd24ffe4d90b6a7f2622cf32221911349bf0a6

  • SSDEEP

    1536:8Bx7PM4Ny0yPNJdmGvurd8AdCcD33pu40fKdSCV26ARURSTkMVXT6Gjeo34e4Ye6:8lNy06TYpi/cE8CKhVk

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 61 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d0bff13feeb50b49f5e6e5a81a6b4d1d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c31ef83d8f4e22ca4dc2908b93a8a7c1

    SHA1

    16255e30426020a0ce9189370f0f91ba4c6032d4

    SHA256

    bb50c9a4e964ab8cf83a8661a12597576fbcfd5ea8bf48b7958d955a2c79ec1d

    SHA512

    87b111e0286d87a343a053902df2d9ffcfa21ac64ce850ce926419b676d503dae7c245ca45f04487833f53048c971577473fc8714e45a2db928068629f796feb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45c301f9212ce5202be3c7314d058a76

    SHA1

    4f013dae7ca16e20e2627b2f470ce73410c7bb35

    SHA256

    83ffdc89ecd0172c29efc2e2bc7e9ad758d92a1ef077dd627ccd4268e9f29e44

    SHA512

    92cfccaf0973a1553ebd3e3fb044ddc48ccd15b4a6c56bde3b48c8a4ba85fa9002a768adedb8e5ccb6586a0e8e045f4ecc7464a43bcac5343e123d5ab99b97ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3dd790a4ac130ef5836ecaf4be9c4b30

    SHA1

    b6ed44109434680cda19aae378ba041b218d61eb

    SHA256

    e9d2c4a70fd20dcf40d1a02c604faffbde8573ce9cfb521fc401945c01f907e3

    SHA512

    2f01c132711422d98c5ff20e63ce760a9925926bbb4f565b7e2793549053cc7c7cdd0d61d763bf16db625875529995cfddc2f3cf3ff740ba522e898c068c9682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d270d97a46ab52409a5db5e40f60ffcf

    SHA1

    09780e9b4853439481930158771470b5981fecb0

    SHA256

    9903810cc9afebfed2c0dfcfd775533cd8465cb7604c24cfd3b60467dbcebed9

    SHA512

    f8457633fa83534cbfa52b836d565a4ba288010526015c2b6288a10fc653e1c20777de4807fbb963bf792d521f8784881cd1de4831dfb5d71ecef603f247cc99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2c5a35e9e0de03eac476915cbe12011

    SHA1

    6e0b69ea601e2d967afd9dcb55d27a284eb5ec93

    SHA256

    73769e7e4960f1421e0894238461202e79335fccfe42b0d6f8a11de6722b3d55

    SHA512

    33aadfbf90c4c2c09de682e130acef2d71a0b941d8498133f8f6b53e540294731132292ea6c8143f01a905b9f53d7823fb78bfc2b309c310de9746eceac7ba93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94a28e5f2fb87eb6cad32444094e5a1b

    SHA1

    cf7cc2a29dcebcc849a5d408cda3f21b540d0c6d

    SHA256

    9bbb3d70df7426c33715916244672059e8be2d476da8d0402f0da2fe460649c0

    SHA512

    2654d109cc599abf21d5bb5acffdd74c3c1c28016570b45ed098994312a099a7c5612690caf8c434fe32c25a285d0f048e937ce14a0a9e5d118fc03b52b6449a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    421ae478c56d6e9780e7df22b84d6e9a

    SHA1

    64fe00bc3d655febbaec3ac790266aff3d0bb4b8

    SHA256

    3136f922aceb157a94eed4ad466f4ff4dd03f6bc290dfdbb61b8d73cb712ccf4

    SHA512

    d656fd9208c48fd62a776609534e6fa62efad1f693b6209e3672e07f286dd9df40477513bcaa2a4053eebf492d176a24a8d38c9a908dec1e216e3948544f898a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cde2231033e91121c3de6623a31d9f4

    SHA1

    104d1b6e33e4f0d1be65a365cf5e44e6c818ebb4

    SHA256

    98c1a09bc38b3a45e37e562a741f2f666f49ea0338adf0ad71430571a9a55f7f

    SHA512

    2b81b01666df79cd5147a2f78dfbd8a876307f2518211b5e7e2b00f214b61062796e65b483d3600ae655fcefbdb18444eaa16f9537d0bd81a699a35d43786424

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48cb6d6475668ff93d40e51e4c0fc9a0

    SHA1

    adc2bc666bda2bb7f32d9f0759150ee888fc5834

    SHA256

    4ba60c5aba82d778f0f09e5fb43d5c96683a5e5aba863d154671a844c3b7c67a

    SHA512

    49303a448c4965c059154912f8327fdfc72e99e4bcdbb441af9143bcc11e46e5e4fc4ab05ef7c94035c11a8215336aa7fdca5900ba37ae69e8d4cf7a1e2e0046

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\J17SG177\www.youtube[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\J17SG177\www.youtube[1].xml
    Filesize

    227B

    MD5

    789e2d0cfd0760b16292d6d957099466

    SHA1

    f4c76ab259e68a5e3ab7cb4180130306dadc98b7

    SHA256

    c90dfda4d128b37a0a4a85c53249094504f143a793f5b61c363799019c612a64

    SHA512

    8d5d30fd37cab2dc498882263edd42fb59c2b38dd874f5e71f42ff367d41bf49bffa9e16591eff92bd1ce5d800718acdd6f53b4c2ad3478004f7c12e7cf0dbd1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\J17SG177\www.youtube[1].xml
    Filesize

    635B

    MD5

    aca4491c1ddc3f5f0a38f5c1ca158bd9

    SHA1

    452350a3e5344d029de3572c88ba07ab48a99225

    SHA256

    0ec07069d62c1c4fa8b85a2d92cec447069c249e6bc6fbfa327b6032afde9ede

    SHA512

    f21d78f52eabc781db50ebb57ef47dc90bf82552e27954bb030c9af5c804f8287bc07205771f9fa737b7de7813aeabee1e0c6ce0cbabbccadd84e394c3e3fc29

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\J17SG177\www.youtube[1].xml
    Filesize

    16KB

    MD5

    3313fcea1420afef82e84c01603b859c

    SHA1

    d0b0b150b14b990489272832942ed2aa950b18f2

    SHA256

    fe0859150db02ae7a475d60f31be153a4707280a3cdb154955b4abb6916ed6ac

    SHA512

    834f2c2cd9d369cc9a8b72124428b72b98ecbc32f4cb4de59ab1061ab88dd04cfffee119c1c3fb5a6e3f680fac8fab4f2af3be82f00481411e502677578fc411

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\J17SG177\www.youtube[1].xml
    Filesize

    982B

    MD5

    38a115acbbd5ccd263b3d6eb44eed22b

    SHA1

    08d0dc92530cd9452d526d00cad23fde7386bea4

    SHA256

    8fae53c6f681ac99f751248404f8ec2d992a7909eeb3ba1d4847b954b071095d

    SHA512

    6df2e7f54a45a6035a78eb8e2a8a1c9b0e963634a3af48e25bcb5f85d7f2b49d8c1fcd631f2a674ff7b64c1ed401d0d58cb8fae5c6bd7288c840e2572a5b3c08

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\J17SG177\www.youtube[1].xml
    Filesize

    982B

    MD5

    4bf55032d7d279020cc2ae6101f4f050

    SHA1

    cd2ecce2bf2b474b84e51fca571acf625e135784

    SHA256

    2cbf391317726f331bfd61c23f03aac892d654d55349302b3e191433f2ed098c

    SHA512

    f18f71148140d736365d57f39e668680db460cbccf95337b0fac47e25fef397b73709e4d420a4eed730274074f9488ad17456caae3eb22d8b7f3d8ef1ce16b4c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\J17SG177\www.youtube[1].xml
    Filesize

    807B

    MD5

    624c22e6a31b8263543a8e427ae2678e

    SHA1

    34d6f3a99ba8b597102afff550db992d28facda5

    SHA256

    d813b8e5f211c36f188db3d9efaaf5a1abefbbcf9af8604a0c683f830904bd43

    SHA512

    f834a8ff98abb2d882db66e5120cd143088d45762d22998e9293145a87c6c2040221912e4499b81844e7a82b649a36ee584f5c662e38b7c33bebebc59f0e25d4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab394B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar394C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit