Overview

overview

3

Static

static

1

d2154fec14...8.html

windows7-x64

3

d2154fec14...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-09-2024 13:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2154fec14bea42fb9606c2d993afc80_JaffaCakes118.html

  • Size

    135KB

  • MD5

    d2154fec14bea42fb9606c2d993afc80

  • SHA1

    2e146be6e2ca04ad8fcbb35dd137126d5154122c

  • SHA256

    3902bf61bd4953f3368941f1955cbe533b0cbab8db5bd98297063a34d487e8ad

  • SHA512

    1694de9396df977666b25a73583285985de1e3431b06101268e716c6d0df915f823d969709b9b96aae399906d659c3a3581a7083473cdccb586a13fd9bf797c0

  • SSDEEP

    1536:SEuTLByLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dK:SPdyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d2154fec14bea42fb9606c2d993afc80_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1668
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1668 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bda17fb060a2fd32549f78e791cf3c76

    SHA1

    c02761a763faa54dd818d6b38f10e2f9b198704d

    SHA256

    fbcc9facb1a7e67ae23309a4f40a7dcc43a2db5681db343d5977382dfbcffa04

    SHA512

    7c3ab8dd90e4abc9a10fce5ec61ad77fce7059da3b0cef272ff200c3ad43529606e1360fefff21392ad9c2d239f093bb923b1d8783de767a16aa647ba3347b35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a76c74f6c6b06ed11a6900d99e0bc20f

    SHA1

    46e42084dc024d139d71133903bbf532ae11601b

    SHA256

    9ee03ee7c55c9d1619a883a123b81ebd1105f098381b0605728c9ce7268069f2

    SHA512

    a5ea73dbf7078efb31feb5899daac49990932b8bb1cfe15a88a3ea9c0cc8cbacfa47054f97e8d68600aa1b51a4a64d32fdd10969536108f5099e52873245d843

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be02ff433753f001b097e268bbca419c

    SHA1

    c1cb20bb0f379112338aec6880eee378049f81d7

    SHA256

    298d4f7295da5d0d4ff598671889566b37f1ed0e8b190322d2c0a515433e21e8

    SHA512

    4647d7331604174e77f4a3fe58693b840db1b36d802c9b12d865a883a983b87fe206bca6919145df14ac612dd368329f403f6d852d515f789d37b18d624e856f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56767e8959fa842c22835694a5180c98

    SHA1

    4ca0dc7a9852d2f871076f099cb66b563e095136

    SHA256

    c42a4074770d269733120d9b2e261909b2900b29c141da3d6f7356929e3a4f85

    SHA512

    3e1239fa1ce1b10dde767f7a46f07758143d24c3d092cacc49421be2160f1e38d9265c62f3505a65190f8f9614e1f2b67829811dff4b516afd810aed16dda794

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e52fa3df9a901eaf542cacbf947ba36

    SHA1

    5add72ef9b5eb38d0965ac83b800e5c583d2ee4f

    SHA256

    5aead2b3916acf3329624bf316eef55d4dcf4b3c023ce672e5e0c0f412404808

    SHA512

    4ba0bfc7c5ee63e55d136ff092d37b7a5c6a26bc1405a432a3681510b230d6a5e83c637f4297332b33e7fab4bcd901e8caeddc72f1a1db76d9cc8344e1539126

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b229f75db2143cf57abc1c3a7815bc1

    SHA1

    3c15ef4277a262224fd5efe550a5218a6ffd1740

    SHA256

    dcd7e724b42d47df0d244e7ed6198dea8bc058f1a121fec2c0f5d9c05bf171e0

    SHA512

    dc3108fb066be381c3ba995fe8e11271bed8d9e7e4bebcd7a9a9aec5cb458323467273e090d10da7989329436eebd03c10eedaa0507fbbedd7f91295644e68c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFC99.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFD58.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit