Overview

overview

3

Static

static

1

d0d873f3f8...8.html

windows7-x64

3

d0d873f3f8...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 01:59 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0d873f3f8c939c9fb2c338291731f90_JaffaCakes118.html

  • Size

    461KB

  • MD5

    d0d873f3f8c939c9fb2c338291731f90

  • SHA1

    4346ee3964dffeb92dcc38f8deb42303d1b07baa

  • SHA256

    3f8aab4958fdac462538d58340c813aa4b0309653e55aa84b78f06720ed255db

  • SHA512

    cfd68022b6688c96909dad18a544191893e35246daecdd4131535cc5958cd0ab13e22af39f51c8e0c44d89af2570c4b04439d50123bf0bc9cf0ce31931617772

  • SSDEEP

    6144:SpsMYod+X3oI+YosMYod+X3oI+YbsMYod+X3oI+YLsMYod+X3oI+YQ:O5d+X3g5d+X3J5d+X315d+X3+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d0d873f3f8c939c9fb2c338291731f90_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2088

Network

  • flag-us
    DNS
    ag8aq.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ag8aq.cn
    IN A
    Response
  • flag-us
    DNS
    ag8aq.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ag8aq.cn
    IN A
  • flag-us
    DNS
    ag8aq.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ag8aq.cn
    IN A
  • flag-us
    DNS
    ag8aq.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ag8aq.cn
    IN A
  • flag-us
    DNS
    ag8aq.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ag8aq.cn
    IN A
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.9kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.9kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.8kB
     9
    12
  • 8.8.8.8:53
    ag8aq.cn
    dns
    IEXPLORE.EXE
    270 B
     107 B
     5
    1

    DNS Request

    ag8aq.cn

    DNS Request

    ag8aq.cn

    DNS Request

    ag8aq.cn

    DNS Request

    ag8aq.cn

    DNS Request

    ag8aq.cn

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b363eca69b1e5e7b8fad16a42dead3d2

    SHA1

    9c5ea5469873a9262f784c0fbd5f5ad13f792f44

    SHA256

    47599b961a4b10d88686b67fe37b5107994502842cffc1ee938ac82763565fd8

    SHA512

    ed23cf86d6e15ed741241f5e322a6c4d8573cbdf8c7269c84a1f33b2d60c55e32f1edffae8c0ca689efe3139916d5b0b9438cfee47bd26fa8c6aee686b2442b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a6176180dbf3c41f66bb7d437e5ed30

    SHA1

    71e185dc8fd6369dff0d8872cd02fed50cc9e734

    SHA256

    16ab735d0ce4d473bc2a54afb83002f018c32227a76d8a3a745c53615ca2b6a4

    SHA512

    0eb9e907cba74e0930652ee9934e860c07efe6c4cee05baf4c8cd195f28474770dc713e2f3dd6625e6a8010e089525ebac6d451394030e839b071651f44f6257

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a105280ba358e48e22255919a9bfbe6e

    SHA1

    60a1f01cc4597eba3966173d0f23f925464f5273

    SHA256

    ac9ddea7a494d5cf7cb57f5804daaa05cf721d7e95df8cc6ae2bfdcac51610ad

    SHA512

    f81be1f822fb71999905c4945fd6c3dc8d2771a841420870e690c8faf68b06da7f3c8a4f912cf4379d7184c0040927eadafa81c9d61a062657cbc28805c2ea48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    599d1657bf4462edf5a4197f5c1f6cd3

    SHA1

    b9bc417fb96470b1f8a2720054755c66da031f04

    SHA256

    430eb64da59c3ee4343185ae038a168bceea46d7a814bbaf4926fa53ce80710b

    SHA512

    d13a9819ef83ceb92f707fc8631286cab4009153f4d9c42249aa29409fb55c28b8c2d53866e390efd76162e129c5bceaf111d772531309e17483df3dc3bbc46e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cff57d0cad891058adff00b3981b0155

    SHA1

    b2580fe4627ae86a2560a1fc8f439c0616be5b04

    SHA256

    c238c1c0d7913895ba6862f5dca7767b1bd66173a32452ffa58ea0428500fff9

    SHA512

    cfeb4d9b3064e3d55495233c13e1baa434a1cd8ad1276c6d6ad5b227c7da8c52a9ff135fe3514b5e9fb2e78f9ff779402632d068ea0325b07fee44fb1d9dff43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fc7baeb29f786f3d30517375c377909

    SHA1

    2af4c08128c31aa6a333e47531c5ea62bd91a24e

    SHA256

    f604b1429db8d8bd6c015f57cd59c6e8ce1702602b70bc8afb53109727f81041

    SHA512

    313711628fd8e7f4e07f7fffd276111e97c3ea1e3d1b491f1b06e94cc5a7dcdcd0380a0e98ecf9e813e8153a5daa4602de028a0835d15ec7e7ff49f085a4b571

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e777be501607262aaf00379d7cbff903

    SHA1

    e30f10122bd56605ba360e77e3a938c2d69cd6dc

    SHA256

    556ea7a157db39f59ceff44c2efa14cd4df29a7dd4070f24bbf058eb74a23934

    SHA512

    fb867a81cc2d80c3d886c13dee65a4b3d2cd1c31310f3136a53509f3c60631be178a625cd5473013befa1c583a94df4d21e552258a43ff5c722aad05ae73da58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4f81f6e2a248e28cfc6e17eaa40d146

    SHA1

    f31a1ab1305e3154cbd858f65d2bcf4359fd6522

    SHA256

    f3ebd06165e65e0d903c0224af0cc713f9ada53c0ab4b96e4a397619a1ce0632

    SHA512

    37e052f0bb46f80f7fd85fb1a1c883ed1bc4ad293cc851811d7495155c0e471767e18168cf72746174489eaaee174e6840beeff9c2556694a80050d85a8d0937

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    142fb6a0fab6e92f24d881d2ba34c479

    SHA1

    2e98585ff8ea71f95cb3aa72fa4b99c90bc87ac2

    SHA256

    b40af1c2dfedcfe5b889277f4de37177d67edc8cc651723f2921e278170b4895

    SHA512

    58e9fab6f630902d509a5963dd7c405e4ca2ad5f48b140faca3a084971b00dc27306f4f1a2ac1b474b0326dfdd2a221330c5c3e244e907fa60aa16d87f0f749b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9578f65e22bbe31b0a1250e4e607719f

    SHA1

    98767c86c7c764edcf63c783985d67f4d518790a

    SHA256

    db90206c70ffb3829cbf94f804aa337e17c420871787b03e191c39b109e9aa47

    SHA512

    a615864a534cd98011f9b1e7d874fac22d3f65e0f20209eb76a104943c6925afec1b35bba970a84e6491f1b3a7cf2a09ce484ffd26c9bdb6b1e67ce6fed1453d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fafe55d3d3736c478d796523efffa133

    SHA1

    a586bf3799fa59f7786fa48d82cd7f8ef0628988

    SHA256

    34a8d10c5fa150190a3edf344bbbaea612b4aef6e4c865873d1a337f8a8b983d

    SHA512

    dbc83fe8d946271e0620e1a67d33602a1a9cd1708e338a286d0883520aaf46822ac6c48337b006e6d4392b745233309439e5bdf530e11af8e0437927b76da3c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7132674c43a86fa727e54ed23726ab7

    SHA1

    d5484d86af5f5383127e1e366d1cb00015f9a1d6

    SHA256

    6b92daf1812a3cf552a3ac93088af7dca7f7e0421da23143d81543cf5a4d8a8b

    SHA512

    991b53045d870f0844a580b1ff4fd2b65abacc655ffea58e0a0097ff482bc58e0a0a4a242f86616d22e5f9ba2bf012a98daa6fdb70f6fb797cb04f9c93097624

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7cfcbf5ff606c847fdfddfaf03cdb9b

    SHA1

    ca6500bc4edf40a8592b87d941acaa5c4005e95a

    SHA256

    269061611e4f54289becb70a4eebc38e42851a60f74ca918ab393a5b93075041

    SHA512

    7b0e69560307223c9c43854dcd41d3441ae938a69b89c70a6f699b40960470f25980e80eb0670f7b073407f72cdcd28bcc999fa0222877dac8252354e9b0f436

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da27e5f0d7c72f5e03aa13a558544ff5

    SHA1

    47b553d3f502d7cbbc78ce32231d819aa4a359a2

    SHA256

    43f33ae73b1d77b0433eeaf971d7af86353cf87d8eaf83b516a5b3ef3e6cc15d

    SHA512

    b26f2411fbc35c98379f9fdd741297eb678a0a13faed3d5c45e3c1bc9a51af6fb74bfd651174315a31006e9fdbc5597135da41e4ab31634dd620e5c2e417aa29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c4dc1ed16ab7bf23e021c78e99e8126

    SHA1

    358970ad447e656d486d6f8f07c76e8c0fcbcff1

    SHA256

    29871c8e7333cac611ef61d6294be23cdc481fb2ca7f948d8d674c40be88a295

    SHA512

    6230750e2969b0a5feea0d48e0a1d139921de2bc91602411928d189a2c4b966e87c210cf153f420b4ab5e0befe0653ac5697f2e10c7eba334d0b55a9248116d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    951461778fda79cc5b34192259684850

    SHA1

    dba9626d389182c3a7937ce635ee21bf896e0dac

    SHA256

    4fbe8837aa466ec7a63c70a8520c78481383f369a7fd907d78b7f108dc723416

    SHA512

    4f7697f6739cff3729589e8f804488f37f5e605b0367c6b963a5fba1ce41f24cad1862f01e6a86d7d27c3d8a89d15fe49345a0781beabc6a04811b6b5fb956e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41c2dbb4a687d39eeeeecfe6d81f74f7

    SHA1

    db5a8aa9ca668f6697abb7d393e504d130615b17

    SHA256

    ce627fe5d711b54ea5a6061a1c4c3d4e2a51c590bda4fbf59f39a2b88140424b

    SHA512

    5577a35015c4d1ce71835008c1e5f80471b9efc1a0c81b8beaf120dd843d3c640fb1a2208a2eb141f9b7aeb11659b084dc5cd3df1fb692285288947849a6fbb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06ad285e6d06a8f274a327cf8c8c32f4

    SHA1

    f1c582d1b4a78ff2fabf65ff42681ac14025eff8

    SHA256

    b22f77b645521327e4659ed80eb286580946e02e38779679c988946e26b8c531

    SHA512

    09fead9b2ba052799fe631495808118c3d80b36ce2545faa0e4ee4485e999e37619a72b61d83e1d7be65bc12bf25c06e8c929937681d4a1fc3a1dbe810ab6790

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55dce790eff52fea04030941476536ee

    SHA1

    cbddb24362d5ef0c7e7636afec38d98636727ebc

    SHA256

    f91fa865d47f0d74ca2f1de95ac669e07f888daa2e678388a842de332f28bd9d

    SHA512

    0088473581e493adb50738738a8b16dc1167c78ff669509f401b2a76c054577b1bffbc835f2128391658b3f4836a6e740a55421bd58f0d9f1caf298a356b4db7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2129.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar219A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.