Overview

overview

3

Static

static

1

d28c9129f1...8.html

windows7-x64

3

d28c9129f1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 18:13

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d28c9129f1c6d8555abc988042a08d2f_JaffaCakes118.html

  • Size

    119KB

  • MD5

    d28c9129f1c6d8555abc988042a08d2f

  • SHA1

    26b474f36cf5354baadce657307b25cfa974344b

  • SHA256

    c22e24d57676cc6ff76cb6e638232b7cbe06761eb0aa61cb26bc4ff857490d23

  • SHA512

    c2fd90d0a79684862aae89d675dc1029007223a8f1bfebba0c39dbfca81ae51258251f3f27f8ee48997ec086fe47558f86ee31d7849ce5c0d997ba2d96e619a2

  • SSDEEP

    3072:SBk2fUnFPdfT34yfkMY+BES09JXAnyrZalI+YQ:SBk2fUnFPdfTlsMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d28c9129f1c6d8555abc988042a08d2f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ce68b9794803aa165348715451ba084c

          SHA1

          69af138bcdfc598770d46f41770bdeaba0c6ab16

          SHA256

          bd290ecdc82cbe21afa157644cff18b57679b8c52edebe0ea30ebd427d81e963

          SHA512

          8ed43d7850ca5ad7d0596977c5326205852567147b62d2e3473f879e0af9078cf4536e982d9af002879de2fa56119dfa6c906841b9b3850260f300333abf6d08

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e134b60417c4295fdde119d206c73227

          SHA1

          4dc8d5f072efe1b3dc54eefdb923d40ce9714aee

          SHA256

          4b59ca545540feeefd90fb27161cbec55fb8949d3029d9648b8f8ae25c93231d

          SHA512

          3e3037bc64d51ded04c614de894437c653893764b705bcdf48e0c81fbec8471640f749d4722c9ccef3ed816e759dddb356a0f9de6e7a114c9854b0212b3534f9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4f999c2f0d36552dc4dc0b5eb8c165d8

          SHA1

          acb8a983d0fb41e6c380805596c9d8e8b02556fb

          SHA256

          0342c571c402d927589e2b511c020c658246b742f759611fc732f085fd83836c

          SHA512

          ba073e07f3a09d5b2f6e5d94bcf219ba92914dcb6bef63819f4c917d302b178c597e58ea03eb7bf2c56a8fe6ddce8c7eb0da1b1b4ea1a1a1eb0887b15798d008

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7ec12cfa4f20ba55f2a60e68ad9c7ba2

          SHA1

          8ae69eb51413500444b8c3aafdeffda7f6a145f5

          SHA256

          5571e540a0bae97ec7f5e3759b31780cd537a309e115d921794ef1d624de00e9

          SHA512

          f8801c7053f1542e6645fb53c803a9de4c2a6204801d3b2e05676aa97c585a51ef11de20a92b28fd0636a71c23c5ef18e3cfe6ff2ef490672240c9453dd82c2d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          77dd9a86d91db05b380ae1e953fbe5f1

          SHA1

          2b6ce805f639b81835678d6fcb1188dbf338064f

          SHA256

          0748efb669f5935190b0e75db45b2aa364131ee19e47e48598de48d6b39b24e3

          SHA512

          24e12f7f90a6e2a5b2b378259c91c2dbf9c72f7b5df462e755c5dc0327ac117e81ab73454a20547ef7c8d51821ce7a81cec2759e163e7a206f605c0e843c5051

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          aa7f7f4e59d3670a0a9e0125152eefd9

          SHA1

          73d2663bbe7a4b83ca2ecda1f95da9ab17538124

          SHA256

          272864c5693b20cc4be2d5a6b8af8e5f57db24509be39b7988670d56cdaf7171

          SHA512

          318505bfae0580b8e717eeaafe5a3671b13db0ea1cc1351c3d16297eda2b0b770299319dd9466943fa1d2109ad55e73d618af8de3e760383d260657b0fb15680

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          371bb5abcce3293aad2d4713538a7cf1

          SHA1

          d54a7e024509d4e5dbbea8e5e339502388949c3d

          SHA256

          13a52e2c85a71a24bc0a30edb79d743202d6b0ef6db125e6c01f5321e00ccbcd

          SHA512

          9c4d9c37133d3cb7b0ef291c090bb1c3d3a6eaa9685fcc6e970e46003bfe563224a80a056892581a8141427d4223ffc05abf3c4ec1be230c9dec277bd6c7ef3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          108d2308906ad71186c1acce2e34937e

          SHA1

          065ce3bc862f6e7d32c3f7be9e4f3c7bd3cd6c5a

          SHA256

          7f249eb69286e41f38c8dd6b926323ec6efcd9f2e978c6b68a4508e92a48ed85

          SHA512

          e717ab0ce16392392a76dbdcff15f9d6e86ade74e54b348a4e43d61696672d6cdb2cdc7bb7529d1bde677f76841411476011bae66442bd9967c620a75ce8fae5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          64941d5fb543fa3e64024020f3b77ad4

          SHA1

          1d2b9a3e94f0a3d5dec5c553290bab79d140c49f

          SHA256

          8e76347ca6cb59f67ec0cf81a2b3e74fb023215e6bef32d3d5d5187eb67aaa2d

          SHA512

          dae1b16177f76ca274db58b8e2c9d1540eef558e6a7031a4f6e19250c751c7f4eff014227b6fd852d606203ebe07571f43f659c69d517aec03247bf061848ea3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3cac4caf8386facb977a310d5830af62

          SHA1

          23565afc07f6da57fe7317b80108e03e682b0255

          SHA256

          d9f6139b1b2dbf68441e290fe4ce525c66241a0dfc1d477b86917da3b757d8f3

          SHA512

          e510839c19b435ce54278ba30c95e94cc68349ec108df65591b30e6485b87218d1b5f989de74b27b4be23e98a16ddbb264b2689ba91c3a449e9b9d06f4102358

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          57ced246caea56207bc371c7c795274f

          SHA1

          40b54eb480b15257bb5d86ee9087ef818725878a

          SHA256

          b774333d3cd8673393710b51aac9ca6817af02edf057c968337884a2d8569a9e

          SHA512

          1f210f986f22ec283f967ceee56aa9d909f5bed172b0e7f5daeb65d921e245f461e58d851f36e0b401465aca9081fcb119ef6d634a2d6a15de6eb0ae9354770a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabFC3B.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarFCEB.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit