Overview

overview

3

Static

static

1

d272e4a6c2...8.html

windows7-x64

3

d272e4a6c2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 17:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d272e4a6c2e5e32079163cd937c155e1_JaffaCakes118.html

  • Size

    14KB

  • MD5

    d272e4a6c2e5e32079163cd937c155e1

  • SHA1

    4b1a69475b109f88a5387c9451bed841788c07e4

  • SHA256

    c1201edb9f8a33b68c74383ed0427ef11a98675aee3f0653a1152b4f7e849efe

  • SHA512

    e7d3aa395ad18fdf7aa75576e91c07ebc35832d2f589cabc56a37c47facfc2341ccfcf9ca051c64ef15f2a5034f793ccd7f56e33761e174fb7d3928d9ae3c28a

  • SSDEEP

    192:zgKeh65jcW0evaOuEfy5B73GwoTBTQSlY0WiBCKdHTajjpD7Q0E8MWulmP3KTALd:2Ocg1by5N5qjlBDBxHTyra2V

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d272e4a6c2e5e32079163cd937c155e1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dba988960ae5059de8e15652c63bcf1

    SHA1

    74d2afce9bdb7defb029796f11cb663b1faff02d

    SHA256

    65ab5ab7147c3d6bc2a0ea2567abdf27087d11908fe4ef8c16ce6018a1142fb8

    SHA512

    62a4cc9e55b0244be60c50b7aade3a816d43de25525ec45466f7d5a66589d5dbc7b3793aa635b9532c793bb73528c220f922b7a884c7375777b6c77b66d042e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b75ff89901d47ee841e45cb3b10d522

    SHA1

    4765c41ba65119ba1f1318946fe61d3597fca69f

    SHA256

    49dc64f230f423c346adff13d85c9a434d5873719883eaf6dd28cdfb0acded6d

    SHA512

    88d09452e84c9680bfab5815a0d91074614a09633b22b2d9cddb28c89ae2fb882b0424ed6bca2671d4a679a5e70c082adf8e291483e603672e68a8cc8254a091

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7341788878436edc8a3ee44ce709ed10

    SHA1

    c2f5d75b901cdf154a44034fda5873fbf11ac120

    SHA256

    6e1398e02792e03004c10bb74e8b292ed9f8310166f104a65b5e461ef46bcec3

    SHA512

    25c6aa035fd86d151a190f923707cf33b20eecdb3e1edfa3a40a9c11188b4d48b46798c56a8b0d92fbe77a5cf9475cb87c41c4b003eced86d6738d099ece6145

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ea085a41d4ee993c299490425f6e7b3

    SHA1

    7bcf0dbbef89e78aeb1a35eea019fb3bc3879d6b

    SHA256

    22515b6f251bd573e16191e656fee1b2f97e99e2a1fb689e355f526a9adcf369

    SHA512

    fa7956f39e6534cf5fcc31e6b811a502aab09dc21ba6169753001c11e4b37eb8f36a4ee1611fc09c05652c343276a787675383211ef3dda4a17869c870755dad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffc54e5c73ecb1ef22c92b2749ce5ef6

    SHA1

    6414ebadda5f446ead4cde48a03c3d87338d53ae

    SHA256

    9a67d55a59b8943ffc0be43728a8742f3d514d9b5719bbd331cd3d43b5ab58a8

    SHA512

    9378c7829e8d1d83ce06d06eed4ab28349b9d687c2edf7f272573aeccc36310a01288b6630942be41043bd24c68eb68ce1632ad4b5c897cad4fdcfcac7e7d960

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77b0b9a60368a1750d2567ce3974786a

    SHA1

    caf8dc38ed651158f042dc4316d064670cbf1c69

    SHA256

    24f2e5ff55ec696faa16d1869652e9c5c64a94ac6c108d3f4f849ea4b2f7f398

    SHA512

    495b4ff2c82ec1210e5bf678d4f1f5e2422cc2f18e290cec4594e74bf33b90c8b9c9fe4f50d1bbbdc6425542e513da3fe9656bd2fb52e7a8c4f0307a6fc15893

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b1a56b1cdd2cf0e1876f9da63da1706

    SHA1

    026f3eeeca502c9fd488dcbce14a7285d0c330b9

    SHA256

    4b522555f2a69aa79459c4a2f1ca0c6cbd2685d416bcf547a8fcb706ca08d018

    SHA512

    4e4e54120093cadb4b896f7e01809f07623d49db7fc103dfaccdbad5370c99c10ebd90619d8dc2b27bb162516db132d90c1b4026e91a1f7743cec93989fa0aab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bc20f8fe44d9d44a8377039823ce6aa

    SHA1

    aa43824821cd2eff869185166851064dbd8e0e42

    SHA256

    1082e934076a0d8cd70e938a5b5f57ff8cb4ce442b4ab0481a32faf822cc9a17

    SHA512

    4122f8cb36c4195b6309f4d18f41ba8d41a59fa6230d4b551a23a82dda51e54ac61ae9226a9ecb1dee24090e882dd5842508bfaffed331855cfa950f0643260d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8ddaa203ddb1cbfae29fbb4959b229d

    SHA1

    3b3ba6723e624f11f311e7dba167c754450bf1ce

    SHA256

    a2228917b6e5920d136bb620540214337e745e99594ab605366ea749512f505d

    SHA512

    5b1a8f182e0d719affcd619aa9bff42c845c688b8a19360f86454ceb927dd23ad0e549f2519b795ee502688e8418b51acb2fe377979b9c31b7b5ac8380a33f3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8855.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8BF1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit