Overview

overview

3

Static

static

1

d2c5847a4b...8.html

windows7-x64

3

d2c5847a4b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 20:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2c5847a4b0befdc87c5db9af98422fa_JaffaCakes118.html

  • Size

    60KB

  • MD5

    d2c5847a4b0befdc87c5db9af98422fa

  • SHA1

    a378cdfc6ef1972567fd006207a025dbccb12c86

  • SHA256

    d7dc4b9a1a7202f4aec80ab64d83ef38f3b1ebb0b8ad596704de20fddd4dded9

  • SHA512

    c005627b73b16a123f1604b2dfc7561531e1d7b09503e317c8bfd08da9d2c4322608f061f626fda27b2f09150c0140b123865b2eb898a59674a068122ca32863

  • SSDEEP

    768:JimgcMwUc9GeCSXuhveP/f/IoTyWhCZkoTnMdtbBnfBgN8/uQcc8QFVG8sP/IjkE:JOiRt3XFTRgec0tbrgamchNnWC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d2c5847a4b0befdc87c5db9af98422fa_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2208

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a439381e1a2111a73d90908a73932ab1

    SHA1

    7cfdb90ec2082da771688e3ad256e7dad7318d30

    SHA256

    a7c9939f2babb7d3da7af31778f6a4563820ac5ed9867ac006dd925ca8f6477d

    SHA512

    ca093bce06a55057caae63109d8bca9c30a5429a1ba1e9852b5547b90297d3d3aa24a34c269b8502cca39039c7e04f181227ff60fadcc8bd0da3932db310229a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb6210e15b3949e23739a7553413cf34

    SHA1

    83008ab594d6f5c3451b485c22bb1135666aa60e

    SHA256

    1a19ca50a9fb81a0b2118d097e6a98f6fd9a164c5e8ce621b076fc0ad1bcd341

    SHA512

    cf95281e637bc96403480fe7b1bf3593c1b4a374f0081c38f92e632470d9fdd863fc59af15a0a474370ea5a1242cd06d72f64068553c2b43ad214bb40b631777

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    227ccc2e85c45ca49764d2429682a03a

    SHA1

    5200eb208d7ed5bfa505173e3d893b0a999b1109

    SHA256

    60706238b0285be92a40a1ec7c4df9c52f1c48e301a156f6469f4dee914adf9b

    SHA512

    2bb1d30aa54d104ea0ddbd5df5fd48827cd9bfde68aaa8cba69e12260c834c375a1962c03c361659b5729feaf43cc1c550a626e9198d70d33d2d2b933b2b0d4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    282b577d4da8a4e929ed4fcf6db98f06

    SHA1

    523194d4df4971c4288335eeec1141256c82ec6a

    SHA256

    79b85360a5b85d8e13a1780d2357caa9749bc3342b801702493c85edb4013d82

    SHA512

    92d351f53b9b50d04812f3cfca375d21cc13d83f3ad16e4a19a17c824be33be00dab65d8d03ae0bc220f7cabd0902351163ec0dfd7161101e71853505235f1c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8584ab07703946d1283361c416bed9fc

    SHA1

    aa3262adba33b60a5ac4b681529c1fd5661ac14e

    SHA256

    ad0b05b7dabad303ac6c1e3081e96d9e150adc71f3332a4eb0aec5997e83d564

    SHA512

    709bfd9098649e9393f0356f61cbc8f243efda66e5173ce0996fbb2ed7f48a0586d908903d973c650d11982e8a1de3841acf67aa79d6653de28a199a1e51466b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab34D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6EA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit