Overview

overview

3

Static

static

1

d1dcab2889...8.html

windows7-x64

3

d1dcab2889...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 11:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1dcab28893dec0517c5393223e80eb4_JaffaCakes118.html

  • Size

    77KB

  • MD5

    d1dcab28893dec0517c5393223e80eb4

  • SHA1

    df67653c3ec9a36658eb6b91513c562a7690326d

  • SHA256

    45b7f72b911f98145492619eb1d38d5c3414158c2221d3584d57c50b041f9844

  • SHA512

    812533519e7d5c8335ab115694e16eaf689fd5e226456464e0d9737f3aad9979e85248c73a12e4270ea6ce0340d3231fc71fbe1201427aa2836ddc8f4ba2bb28

  • SSDEEP

    768:Zcd9QZBC7mOdMwvpC5I9nC4SujtKcqCrPd:gQZBCCOdP0IxCqaCrPd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d1dcab28893dec0517c5393223e80eb4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2600
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2600 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c4510e71e13dd56eb9531c02235e85e

    SHA1

    64b09b1ab9ff687071d338c6e226123639d6218a

    SHA256

    d7c4a06fd7698240f641e87bdaeecba143749a3b6dcbc085bb7f97e133aa48ef

    SHA512

    661a235fc849a19288fa04e336ff8bed77a6e20e7951a7019237b53a58a6943a77bd48650c1c270ba2e03cf0bd88680df8ca7f5e82eee744e75d1f14ae9c51c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03f4cf28f7ef718eed3610f0bb413515

    SHA1

    85c2f660d607aec5913218898c9fea46497c5a84

    SHA256

    cf0815837e9bfd14501822f57580e0021b57bca42ce0b87662024ea13518644c

    SHA512

    73dbdf05e5d1fc2cede4e4c904d789233c3465bb19ef67e1ca94cee5695054630caa3e6544ac7f44f4089ea0b688425efd622dff9e3b6e5dbbcb9fd9d105e474

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aca8953858060305a639f4ceaa19bf53

    SHA1

    c58c05e4168a9008484826f3765a19d0a87550bc

    SHA256

    3751ab9cfde14a58b322f490fdc2b456e3596c8025925c6740cb7ef4d5a8e36c

    SHA512

    193773639973eeb3e02196147169e7af412dc7e09beddde1553cc3077f128f35b02778fb0da2d9b6b680ad1c87283c92591503d366504dc3e1b451dd4f860880

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    931c8b18c682841950718fda263f4310

    SHA1

    f76c6b059afdd259a7a8b72e49b037f4b4e10116

    SHA256

    2957306afc596e9af77207d06cd6db006a946e15d2bde5f4812fa9ea119b2b37

    SHA512

    b0859a3e95e7ba66e3292c652f71bae7deb1b0d4689ee081fc239047207809536dac7c0f484a4365f8fc1cde8c58bcc5e08860efa87934784aae08b3068f7aa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ad948342e64e3f5806eb5d06cf87823

    SHA1

    dfea425891471459a4f59c17f6d2797951741ca6

    SHA256

    7dbc4f1ec15801a4e898ec65704e9a99b7e2c4fa9e6fd70d126e5c2614b03317

    SHA512

    297130a797a814a9120cc2e7919e990830116ebd210ddb28d4c1c06d5c1a4a8c2332c28530d4b382b010c9ba43309aca0475e281ef95491e14b8c0fc469bca4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1bc5ada3a5e150401562b9f664ad986

    SHA1

    f239025e5e64bfd09b628c2f9eb48118de85eb60

    SHA256

    281946dc3b10e09a2fa15b1e35ab7742891786f6d0cd99cfc9d111a5933e0e6d

    SHA512

    0b1353290d97bdcd20ceb2ef9b84b2afbd9941145ad9fdd81ec493b91a28c7620f05a9c05691fdc8382b77c67b310ae8e98759022a2bafc285a460559111e68c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32aa9ecd90cd28e128807af2e7d57b08

    SHA1

    2d2b2800ce9ba335d9c6ab9c4aba28102774d672

    SHA256

    f287c925a177a63d6da8a0d78d1b1f3f7602a112d697e6df038318cdf226f788

    SHA512

    82dd016f3f03ad3354ea863b9782b49b3557e1824dcafa6a20cb7e35097280c15071cede5e50b1a68efece45b06e6cd8b173ee139332917572e4d61c99635188

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a76b958e879396385dd4edb3ee4d81d

    SHA1

    7e2770fb593f0393f933b0c811d0b8486c9c7e8a

    SHA256

    b3974f6fedc8e9402ca8dacebe7f2b51f90ee6f734d6ac43619e0eb9d850851b

    SHA512

    085bc1a0990efbbacbb52d26e056a97a89925ef53233e19b8b5ce21d534378ab6efa35993282fcd61a400b94c7248cc54ec90c317163dbfe4e7c0cf954fcb3e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7374c6a3c301d399565f7242f89b101

    SHA1

    a8fb85290c0b12bf1b1325c2ea2b2e7eefb659f6

    SHA256

    23da94c24625a6f82004d8e8a600b7bb38dc168869c08846fad41aa0f26fd6d3

    SHA512

    1eff804dd5e7ea40c3c2bddf6faca294158a960890bd92916de1a6b4db659d8fbaf6e417b18f741a26a0ae7f0c11b339a771b7050ff45123a53779f3746750de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aef57d334e01fc018278e537856c9e78

    SHA1

    378b25cec952e3a4799f19c607867a4f1a73d3c5

    SHA256

    0e52d4bace7a8e3be460e4525bf5c8bdfec30036344362669db282041c997f7d

    SHA512

    cf44c070a2a37bcd1de277721259848b4312094465b98a166e49b91e58939b1a2ecea838a97ca5d967545ae52d16b18342d5277f9c985fae55e7557e6187b2d5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab60C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar94C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit