Overview

overview

3

Static

static

1

d0f1d4d75c...8.html

windows7-x64

3

d0f1d4d75c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-09-2024 03:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0f1d4d75cb98e4829a5354f9aa71702_JaffaCakes118.html

  • Size

    201KB

  • MD5

    d0f1d4d75cb98e4829a5354f9aa71702

  • SHA1

    ba552c9df231e1fcdc65fc4302af844c99e9ad5b

  • SHA256

    897fe33869ca9fc3f92488f39420403aaeb28a271ed524ee84fdb7af5f61a53b

  • SHA512

    be6df931c4e197714e150dbee353dbe21320474530b3ef160283e2ff1cab4e71c35985f72b24f4aa2184c823420e639f141c2a2b8f7e8e131c926ec5c312660f

  • SSDEEP

    1536:kaiiDMziD7tP3JShjUhk4VQOyApgBqWt3C3ETGxzGvM:diCAc

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d0f1d4d75cb98e4829a5354f9aa71702_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2512 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec4a19bae0980939298f416c2c849c40

    SHA1

    903705c230e9eaf0cf42bf3356f2a8aa174bc190

    SHA256

    fbbacc6ffe60fb45ceac36b4d1e7ffb180f9e8a67f2a4beb1c037c7b32613153

    SHA512

    879cd98f41ba1177c9325d325a909f220afc0113403b05fe4f813055cc5f7e409cca347fe2dda0edb9bca60dc40a73fa526abc2a588acea15a962b391b7590c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69f302cef3f2ff2b90b403df8a32aeea

    SHA1

    6dee2f890bfa247541b7921d3b074d74bd884f5b

    SHA256

    2071455b5bf666fa0683a8a203e08d4035f575e05cc18b0b935bfda9e41c328b

    SHA512

    fbda2940089d4810a439bc9d50fd7bd27576b343c0656331da53c48f9d5c398db44a4cba88ad9ba966b5ac573857cecadcf813c07727b6b37d2f644a9c346fee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60521f3cc27d3e3e948ae899820c7785

    SHA1

    75a2b425ba19a7d0ee2636acd492ad20e3282467

    SHA256

    ea3cd86ffb9f4cfbf9c04693055103ff83d9f1dcace9b2291c7b04481d939463

    SHA512

    4699dffaa6d2d343d64aac16e6f52d17cb200de9d3619affe9c9bcfbf9e3f1af37859c5417c0fae80ad5fc1cd7e9f3239ff87c49731a378677d30777c8f9a30b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3db51c810b272802504e0a2406ca04d0

    SHA1

    7bde4c972bf8cb5a8413e5054181f2ca72d62b72

    SHA256

    f2ea2e536da3e7528140409d533bfab643b4eeda6cf62ab0e08d5e12670f5ba2

    SHA512

    bdc78df7816f1f0cfb1ead00203427f2b0ba681bb5540bf335f09bd014982de4bde792f2d36c487ea9b35b3b487669b9adeca5c5b1f1e1e13e8e7e84e01c8688

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e676910031d830ef6d79513dc774c5a4

    SHA1

    c6cfd622e3719de99e52ac71c84e0b8dc50b0c63

    SHA256

    69cc3e74369375a4c63ee15f6c26915b52ae9f6cbc24d2aa05dc9e0d5f06aa52

    SHA512

    c013ced71dab21a0d45067574257670924f845fc25cabed0847acec3142b90a67239783aa043c296da277d11db4fe3e34d8da8196d12c9cf8bd29e551874fe2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08d98583252e3638ca8534c3b1eda3f3

    SHA1

    5b81caee841598c483268ec3bf5073299f5b1edf

    SHA256

    ba47baeaa81b998cdd29fb37ec01060c8abd7410dea4919c3bf07fe47f9a5a51

    SHA512

    de073733eabcc65b956c1fd7498845b9926788cdab81aa2e8a5227ef36cd84c3e64a49eb8b4c6a753ef81593024ae9f24df9f0b4f963b970a2d50c8e90519ef9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    400bb5e488e58e224242cb030235c3df

    SHA1

    679c1f319010286e0c8d161bbc1cc32eba30d960

    SHA256

    f700b6a5a3c47bf07b76aeff4ee1bc659268ff9720899c7729343fbccdc939ce

    SHA512

    8d749739fa796a099537b4c2aadc1ad51b6dfceb12919c35ad9f0bfdec6a22d0eb64b258b50c05b5e7a9766fcc71d33bc8a86ea4c946b355921626fd801e4064

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    227980ad68f1da34cb02102bca488143

    SHA1

    bf3bd505e8d4868bcaa8fb1d80c9ac529e4232c2

    SHA256

    8455fc02d1a78771cb718c8610f36b6ea55a8f5a4f5c40201821777e53fb8eb5

    SHA512

    5956f2dd962978efb8917688d262175c2f04825107c4faa1548c17f78b86d3f8f91ab22ec88f1fdf7888e14df0d860bd7a7e60d946ffbab51b69f75865d71589

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eddf431cbf90b8fdd6d4c6a76c8efb75

    SHA1

    1c2692730c95c983e90970febaf5a63b2a7c09a8

    SHA256

    dc8ba1f9d5edc3c12638cc4a57254a882d8ea49a07706db9057132c90f70150d

    SHA512

    7bc4489992c1572bd2dc12bf654d664d367ec29bd8cfe31ed6032c948a244df2c617215d6e98b78942f922ff2bfd59111e0d10bf66e922d44d81f66bfc14bb7e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCAFF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCB02.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit