Overview

overview

3

Static

static

1

d5509a2130...8.html

windows7-x64

3

d5509a2130...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 23:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d5509a21306f9c30ee86912c1bd28fe2_JaffaCakes118.html

  • Size

    36KB

  • MD5

    d5509a21306f9c30ee86912c1bd28fe2

  • SHA1

    a3c6bc77c66b2074ac598b32711ba20bf517770d

  • SHA256

    8689f26875188e75ff6316275e213524eba96c1308a1f71cb9e962d894779e72

  • SHA512

    892c99ab5e517c46df5f6e587456185feecd0ca2ea5490c8e71210b6845a976f021e2dc6835af492204a519d3d287e18be42c015bada1a823e747eb6a0183fef

  • SSDEEP

    384:/7fWvJwqUqdbxnT0EipB0U1Bm4zGOFEFOJT37ADK37C3BH9VoiNzqOiyQAGWwn5o:/7WT0EipBDGI3VqxHQbqSNZHob

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d5509a21306f9c30ee86912c1bd28fe2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
          Filesize

          854B

          MD5

          e935bc5762068caf3e24a2683b1b8a88

          SHA1

          82b70eb774c0756837fe8d7acbfeec05ecbf5463

          SHA256

          a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

          SHA512

          bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          3cc509ca4be348bfd22e7c172d7964cd

          SHA1

          db89db55d0ac8cc9e00288edf57b6d231f83e029

          SHA256

          77b18af1247f6fd10404ccc1b7062e30aeeee89cc50340dd53f32a61bfe4a7c5

          SHA512

          49ee8adc11e69b4e3f83606e8d143fc188fc024caf5bde53aaa9dc1c8495726aac6478e28c6ebf1174d83748ed5e1b89d9541402389bab1ca7a74b15533d55cb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
          Filesize

          170B

          MD5

          d501a506d4633aa6dff6302fe25c3f1e

          SHA1

          ba11c37d6d51c56c610aa55b2a66549d7ab03876

          SHA256

          0b3e400657fb2f64a74c6eacaacaaa875bcab1d2ccd3652eab96eeade65c4811

          SHA512

          4c8059138582501c661768b8948d6dfc77e29126b7aa51cbe034ba0f262d486a747a0e7694261fde6bb31fe9eeffde8eccc870d4ecf8651ed4578fd04cd68824

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1b33e8e392e8ba31b1c91ac98eb3537e

          SHA1

          4a1eb2aa4c77a9566be666f15983c02a385f6fa5

          SHA256

          9380658265669182a352215941f06dc745a7e06b13c880a976f9434a39b239a9

          SHA512

          1e1486163613db133e869b43989cd1174f6715f9c63751dde0cbc1c9bc2c79296ed418ba1b3973b4bf9143612aeecb0dd1a25201ce5d6163a824d16ce2940f99

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1bafcf32c150c3dd66a3619579a23720

          SHA1

          b4387cebc7e26ca3edb459bc53ac573adf1c7c9e

          SHA256

          e58ea1c68afd89bb4de9d91d2ea2acff42cbacf97625b9423540bec024864191

          SHA512

          2908a49150e1ba1bf0bb1a734851f941f46db380fb2136b4036b3b948581cfc2e01a4b8f4952a89785e8dc787cb9ca5939cb20d985466f6d0742a9256433bf55

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          245962d2d47e7a31bf072d80a0a830dd

          SHA1

          38480a21613d2e2814ce0b337e357ef23d5990b7

          SHA256

          8a90753d7900967248c1b0bcfb569d5c13b53b7c4e53957f3f37af6a092b7e0c

          SHA512

          c159573b50c5630baa68d02469b535407860a304b2c03939901bc1bb0a594fee0d0d17d96c6b8908d79c5a66248a10ac687e16d6b8c913771af55b038b7bf99a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9cbc63c7eb045e2f7c01e1683e8d69ae

          SHA1

          cfff323e629a3701e6d9f12f0e96600528176b82

          SHA256

          8b83e628025cfdcf5961b0fac90997076aca0149980430d3b0d48e9090f5a233

          SHA512

          d066a6bc86eee687d15a4ccac15f9530a40c5885f86455fbbd57870d8690bf523037c111978750b9e20a2993ed8c785bda62e84bf0a4e98d9438c0571092e9ae

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f13026560764eb076a07bf7173059576

          SHA1

          f6124cd2287fbed9369d22a29f2d8f68b07363e4

          SHA256

          ce3a9a93c1e74192992f9c49891f3674e4f64c3d788029a67b9366fb631884b4

          SHA512

          2eb7233e3133d04df87257ba331bf21c9598e9753ef226bf949e4aba4756c1aae7ef1d7f855e5c49d020f28468a0d2414abfc8fda671bc68b93e724549a7c4dd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1614b8b3d5b49b457af92785f38fa360

          SHA1

          d32aaf112da7bdbcbf99bfed7aae6016b3ae5889

          SHA256

          af3ba085fea118858b232b74feff34ec64dc3e139e40251aa3430ca2e18ecda4

          SHA512

          0a30ea499deb59c252943f2d47368987069bb969574462fdeb8d4967e424d4aa08541ad241ef4b23e7067e78782c826205dd852486290552964604017599a74e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fcabd452cd7365c0e43175f4040f5ef9

          SHA1

          37ba3d5ac60cdabcfdf8347b146bb81a1d0a8357

          SHA256

          c2797453d07243af4cebbd91c82372ec42e104d3863c7bfe0490ee9c5ab355f7

          SHA512

          c14913f294f436e059b71d554e225a56c1f7b27ecace7f16f3764aec0bb4a61e4bdf0b990576a27abc6941933d7c15f7ab9d217662550fde3ef9822f3af17887

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          50f271f0f1996b3e73ed5635e59df5b2

          SHA1

          2b23d809f2286542668467e2e0c3755e8ca6e3a6

          SHA256

          8f0b1c12ba498316a3ffd01110fb3992997ccf4c24d3814b08f7ee85dd0bfd41

          SHA512

          26bdb79e9375bc103664f6ef7f1c4626a6d3b0f11f8ae3a0bdbb5ba250d844c297fe880ccab844d90fed6c631a3d86b11e5eea11f97163c69c5e057b7d4446dd

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CNUR30T\plusone[1].js
          Filesize

          63KB

          MD5

          65d165a4d38bfc0c83b38d98e488f063

          SHA1

          1c4ed17c5598a07358f88018a4872aa37ae8bc07

          SHA256

          b1320e0dda0858c87971f7baa0d53063ad2a429d232fd06b0067bda8b9eeb0ec

          SHA512

          abf4c755d88193e7e05398b6f934fc561d8e2adbee7d2170af399e145e54a4a8a93988e4af4e28d6240c0bd1bda7035ae97f67a85a471088820baae8d89f3d41

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabB2AE.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarB2AF.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit