Overview

overview

3

Static

static

1

d2688df2c9...8.html

windows7-x64

3

d2688df2c9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 16:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2688df2c90cfa5e599bca6eac3cdb7c_JaffaCakes118.html

  • Size

    9KB

  • MD5

    d2688df2c90cfa5e599bca6eac3cdb7c

  • SHA1

    089015be27b36a80974dae47181d2739aef3e43f

  • SHA256

    5a0fe68255b5c8217271bb3094ce2b381f8d6aaa1422885a462032e9202875a5

  • SHA512

    08610613a2b0c9b784cb406b8c214e43cb0a910a068f1bfa78a0f3ea9c8a6a92bf2084588d30b5607604c91b8e4de86f41a4ee189017ad23d2cde9b75e7b08c9

  • SSDEEP

    192:M123R4/Euq7EKQ213mAsvXsGcG54w3vkiUM5/CD:M16wEucQk07ag9w

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d2688df2c90cfa5e599bca6eac3cdb7c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    400a7802656a8d1f67bd79612df1b13e

    SHA1

    c42d14d4feee5d7cde5867583f230dc3d1ca99da

    SHA256

    ad2c0812c2290c62d135bf61d57b1d48e41dd9eaa7b49371b7129c5d226913ad

    SHA512

    5ca412556fe80d7c0b8e136cca2f0a9b61bf23e95eb69db615c644db92d795973fd44248bae77992500b982ba05c305dd9e827f31aa6620b14a5a285734126e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba9cb8a03ee39a736b7b35920c533e55

    SHA1

    11eefb67d6351160f6cb45cc8fdaabfac91f8df7

    SHA256

    bde38c9ae8f7dff5bf7deca38475c565a1737bd9246ea3566c05c2b7de4d476b

    SHA512

    ac742ad18a87f40fe3a689e79f8aa8acce2dc0c9efe65c664a0734d5df083a09c7ea3aa9f01703c31b3ee6e934a4a80452d10992d3edb8f1ea0501dd814b47dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae2ef355819bafc1ef3135d1bc2f9b70

    SHA1

    5ecfbffd7c584f20c088e9a732352da89e562571

    SHA256

    43cc66bf231865d2e448820f5e25f534ef89bc0c912fb3f7f584a8fd6c15eaae

    SHA512

    ca396af2b30dc7dad880b1872a3e4d709414860cca225c5de363c9c5142b21f1a31c027fc8f48f8de48729d1830c017d93987119f7a23fabc712d5efa6a7902c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5be28bec9c256230b1ff1cfa1a797230

    SHA1

    0e89de1c9d9f9ff39f282ecd0623c1565cb34349

    SHA256

    bc3d54674592cae5a604f53359e25d66ddd08f9145da8c0ae7435d8e15445e4f

    SHA512

    ca17fc9347eb6564b62b5a4d80d2745d96de422b4f06d1d1aa6ba2752e069e0784c548e716f9fdf4f516c4f7ae748c39c0237480cd0a0fde791a849c41c9aae6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea17ac713a8df06a75580967f1b1561f

    SHA1

    66616b3e6fd2947ce7f378975dabd9f80edfa884

    SHA256

    3a2fa37bc3139755d2eb6dba62241b2a2e3d8f5eceef3e24549d55e7cd5c3345

    SHA512

    1dd578d0c16453efed61ca881b58335482a67e4e27deab39943ed1a3887df0e06558f993040d3f4ca5c470741d1187a30460af571999412db2212a4cacdfece2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddb278547883a6294785ad1e6b3bc593

    SHA1

    ee208f7e49d602556fc980ed5d84002dd608909e

    SHA256

    0a03f1a51692c62ad8c291919fe346b137450ff8fa98db353aa1bec422c6e607

    SHA512

    62aad149017381c70c4a56922b2ed7b0bfbc647494b0ac20610cd0274c999d3f2c662add40768cc25610d6f47112f4c83aa851fe4e88133b366dc79889643b0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6276367b0d18788511859f0e307f474

    SHA1

    1aed79e8e82f31fe6f6e51fc233fe3007b3c3578

    SHA256

    1b5de97a51af4a9a3eee3a8d27f67ddb7b79269f7eb0cc7fa37c7c5c229a3147

    SHA512

    0c93fe3fd85df9ae9c21d0ec6ae1d491ee7666dcfa9a1f36e4f1161932d20063aa5ce4968e3b93a68328498e9d464654fa7202cb334bf8460d712a97d7c23ec7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce1a75c8da77375bb785c8f07d31eadf

    SHA1

    80d0d136b55da6227294f02532bd229c13adad18

    SHA256

    8ff8887adf290a91cfdd4158808f0781a4b2b6345933da17eec6077f44cb63b2

    SHA512

    da3174a7901ca9e7f504c2bc69f808742998d5fe75ade6700962f94e3e632678faafefb9e98b84c9925ff1c7d78e2096f3d7d8b28e678dd35f359e1acd514d6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3df8b0c199230b0b08f8a7ea32dbb3d

    SHA1

    7bbc8cfe7a48bb353a62eac6ab5f43ae35031709

    SHA256

    ae14ae9fc13f9247c65eccf9e4b1f833a955daedf7b5af368f2c3a5cca92ce5a

    SHA512

    1196d7cade69bb89fcd2007a7329d6025c80e0b714dc3a4b216150682d6543df2a1d50b0b7a4776a7d34570c5e6681464c5061ee8e5e44d74b42e8ade2299e7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c8820f528ca88bd35f7ae16713faf36

    SHA1

    38e34bc5faee0a72b671ae6c2508ad95ec726d7e

    SHA256

    072c7f174bd6f9ea4a0a2397c48e50ff9f0ab31991bb29a17056263cb5d0c9b9

    SHA512

    ed04e803f43579d8e2d4eb6ff6d80b74bb293f8bbd5118c899fc3834a4ca64893f04d4191684d62209e76c4732c92483674c4b80c81639d852cae8d3ead78062

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF98D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF9DE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit