Overview

overview

6

Static

static

1

d545ff87b4...8.html

windows7-x64

6

d545ff87b4...8.html

windows10-2004-x64

5

Analysis

  • max time kernel
    135s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 23:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d545ff87b4a7310f856c10add77d4fc0_JaffaCakes118.html

  • Size

    9KB

  • MD5

    d545ff87b4a7310f856c10add77d4fc0

  • SHA1

    6fa69f38fe4180df0d04b36e2677aad744f270b7

  • SHA256

    0b9af3217dbeb149024f42f707f516d1266ff0e2d3450876a28fb09a142cd5a7

  • SHA512

    05ae80fe89a86806ecbc5c3f0947c82588cf10717b40442dd49b9b45d6db4e67bc8384589deb79fba389db09ae623cc1419f777b37f2cfc2b99f1792b8dd023d

  • SSDEEP

    192:eFPNoFe4/fYVZOR4eLYQAl7clUbT1lOCqT7aH0peTL8TBIhPq:KtGf7R4ctA5ceb23l82ug

Score
6/10
discovery

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 47 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d545ff87b4a7310f856c10add77d4fc0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
      2⤵
      • Enumerates connected drives
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2896

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          767dba0b798445471821bf5fa15f86ba

          SHA1

          e4d7e1f5be594d942f150da62253820cd5fab347

          SHA256

          ea00ff03e9e784bc9b06db760d5c009252032e971bf2afbb5d46e3d08b720569

          SHA512

          e6cf002902ec7a5b41ac23b2d72d5a442231a4cd26e02892a6921bf9222a69f490a3be5dbea2381fa4df0f59ceb39f8aa7ae9fd382b5ee86e1c80ec726a21d58

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          db7e621de4e38de1cab8861599321a2a

          SHA1

          1892d7175a771de3a3793724e1d01f9c78bfe315

          SHA256

          0430312bb7cd0d10065dfb6a7dfc538751a1b12bf51ee347449bc3f7d01b9643

          SHA512

          181233004343a8cc29c90c18a9d058e521d947b4e7b1698fd09138e6915b0719bf2572ec14536f7b8e9f6d46023683abfe025780e50a3b8ba38fe2529b6cbaa6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2be0232a01756c85e0149465f7351427

          SHA1

          8e486e127e29dc9ce41ef52356717cf6bda8c288

          SHA256

          dcfbbbdd5c3f1e02abc247d4378a31df403789e2ec2dbb0d30147d8db918ace4

          SHA512

          c80faf9da1d4a6e308fdea66505ac9dc07e6c3a2711fe17f0dfbac02c214958c5000080afc301ebbdea5bed6abc254944b5169af4e108d6227d38d5eae8864b5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          95801a46454b1dfedbc3b94813d47c0b

          SHA1

          20b05014696144aa72bf98d6a35a304f62f098d4

          SHA256

          db415b08b3eb36ab86da0fc665a869434a536c20a1368df6558a79914b997a02

          SHA512

          744c3241d0198391069f9298e2f3983804ef3a920a52a98965c74129a1ac2c55a716d54dbe9a978dee16bf7c78f4b23a25a7da2e126f07394f44ebb809984e39

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2af80563de79405e56d10009eb0537f3

          SHA1

          d3e4ab20a5384dde5d710d0201b5bb055bd758f4

          SHA256

          a45f2007a83f7f801510ae3ddc7a5b923b383566d680ab4d8fd66cb4550cf730

          SHA512

          e0d88812e214611d067b9ba5f16ec4740f6c549f5b33852750f780a9bb918d66c69ff7ae889f542563953dc45a0daea9aaca461c592239cde11e4948b34bb36b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2969f8f8b119eb8c48b37cbbec9e3836

          SHA1

          32768619658fce5fe74436b4c30258e1e2ebee16

          SHA256

          23b50478cf739161cf60199881c8ba517dfe150827880b1ae88efaeb82212d6d

          SHA512

          5924e0f5c0171a4cd89551af5c82b1445cbf1922e35d5765601b37634195e099db3f0e6d6c4b8fc0cd5d46f210a9f41df1b203b794b53ce1e9233198f521b35f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b520a397747c75eba383614bc0563822

          SHA1

          92315f991f9b4ea25ac862aeb56a90a8d1cdff2a

          SHA256

          c5da7b1ad5c54553d752f03b70bf09372908849974a17798af585124e47a7bc4

          SHA512

          e15acb3f566becedc74e361a24ec28dc6d7109e81a6522a226e456e1d8f154f6f07c5e1b5cd194cc04d45d4381019b44322464cda11912ad2a40de06569180c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b6c1a86b095b1841dfc2cc139c03e3b4

          SHA1

          595ed727cb3116e2f72bc3587e8ded7b70dd3eb9

          SHA256

          da5d1cbeef7e595a43081ac4cd14e32d370e4da68482a323a2b8a6a23c2bdc3f

          SHA512

          6b51aad03729dc04eaefd7ef9d806d924c72a3c6857ba928793c2be3093ddd185a18f0d87ee4cee023ffcc465e76c6cbf3adb7e3d3bee6d699c030ba0417dc3b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          81bf40d00c24373563358b2f69c4d9e5

          SHA1

          7e2ee6b315f5801977fff46eb00b2a7043a1c5a6

          SHA256

          33f0907fdeb1260e7c0611d133721ecf1009d81e7bce461bf86595cdcbac7f18

          SHA512

          f206d8cf1e9ee7886b1085514554d5ec420618cc5c6ad8ca1242351ac8dde8259dc97cf98b6c49037891747f0043bcb329377d1421985075a42a403825cb9619

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c1bdd1269456530927ab99b8683246ba

          SHA1

          f17d8b2c8483a9ceac1bf2f8358b41d4d6a5c5fd

          SHA256

          058b7b5c20dd10ba67b02aef9cc4d1f783587ad977015e04d74dd49aebd67baa

          SHA512

          87a57db8c74e1d513bd2f3e01876199daafe4330685b0ea67548e67ce3c885066fdbc63b93f921ba7271f1f74bb9b16ce843a3e077748edb2498ccdd170029a5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          152fbad5c3331ef12c7aae99d4782837

          SHA1

          8e9ea0eeb22f4acdae3d36e544dd6bbccc71c181

          SHA256

          5495fe96fd9bf193d85d770252516d11969055969cd6325d8f858454db2c20c8

          SHA512

          2524103659b0705d8c9937c067c281b54c6d0c6b1274d30a572adfec0bb6570b1e0540924015f14fbb645192860e296b01cbc1df4b627b0d1563f39afb48bc60

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2100f62c365a1de2ed9b55dd38d63f69

          SHA1

          4f7741103016b9c7a986c5afa4026b5dfae226bf

          SHA256

          5911fb5e53b70f7a3f4a9e50d876d3f0536f14f7fe8323637d568ad458e83bd3

          SHA512

          d2f11dc15356d1847d9c81194ef783bf16cf0ce37f33f842fb6c2f97f24bf3aac6e9531723a4e864c695b16b0e7e78b08cbd05b83e00f02f6a80f51bb6d0b456

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
          Filesize

          400B

          MD5

          9f44118e4bef01ca6157bf651d18c709

          SHA1

          34fd5f1e1a948373775283570bd8a2fdb93b4eda

          SHA256

          4dffb690a1aaa04ab780e5479b126c2f9ab1d70652f742cef2b90ce1d5910581

          SHA512

          f668092c54e813cbcf58d3bd55a32dc2d5a3a0ab3558b4da885fdec3f400be26ae3e9e102246e93b9e4a1c334fc7c5d2c06fba9a457d9cb7848c2df99e2b7e04

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          f0cf1a9b8990df3fdc6908f6604d54b7

          SHA1

          9f31537a23276f22f4358f2fb2d11caad5f1bf02

          SHA256

          91466f4908db1a65bd53e84914c1fba7662be0bef74c6554025aa7674f1e9d9c

          SHA512

          0fdade1a281e26f115e4e4b05cf61c9d85986df208d9a18019faf032297ed031780de48b9d73a70805fc1a64f2e4068467488c45f04aae4a8eac7579a31fff60

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1AU8TKD3\c.paypal[1].xml
          Filesize

          13B

          MD5

          c1ddea3ef6bbef3e7060a1a9ad89e4c5

          SHA1

          35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

          SHA256

          b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

          SHA512

          6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7FHNNOW\fb-all-prod.pp.min[1].js
          Filesize

          56KB

          MD5

          4aab1ec79a8a450412d19edcbfa74bf9

          SHA1

          67f3d6313d14e8c6685bbcda88783cbd3f9b73f6

          SHA256

          eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83

          SHA512

          4949bf5696dbd105c742d2a52f6a6ba9041aac9b20acfd3fe4502b3611540719f7318c1f33f6f78b1f3362f0b37e6bf749383b21a3ec4ba838fcf635d07436e8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabB609.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarB61B.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit