Overview

overview

3

Static

static

1

d3abf763a0...8.html

windows7-x64

3

d3abf763a0...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 05:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3abf763a078e05feff5b9aa402f36eb_JaffaCakes118.html

  • Size

    38KB

  • MD5

    d3abf763a078e05feff5b9aa402f36eb

  • SHA1

    1e00b90f7bf3e1b4eeb7dfb36ac9dd10d4d7dd70

  • SHA256

    4af5d6878b2548ac67820ba42cd59fa1b13ccc90b634a7109c77f040e7d09cc9

  • SHA512

    8d71a963d21eb46475b5a178953c3800c3347a011c3131c410b5ef4c07c0cfe3d69a2aa98c98ef5bf2b8ba897bbfab4008caa3e1ef48ff6b350bb7cd8446dece

  • SSDEEP

    384:8wSpMzSkEw91Mp+ppY4EV0Zgb61lhBRxfLCBDYNBAckCBMxWx+xOx8x/xTxZxMxl:JCXYJZ+XvPCvZCu

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d3abf763a078e05feff5b9aa402f36eb_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d3b1b9a4773dfc6f4c2c1ef7eaabb3f

    SHA1

    170f5f49c713de10eecbc759b07066a99766c39a

    SHA256

    cc0f829ff5d97d162c3028804dd0e8e4e3be3d3eb0d0c3e40b27c91afd457f6e

    SHA512

    a42c1b09cde5bbb811556e7f9be546ec2dc0460589d039851604abd4aa21079a89698efb7777c684700f78f46e3a68b20fbdd0f06bf3e9848fee532715ad1da8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8b71bd5692af336bd6e6c1b51ed50a7

    SHA1

    04f540fdc3e24ba6d0ca15e44cc1d1f39c3e8932

    SHA256

    d2c2e7f73507d5ad9bfc867074e9ff06478c24e822b542ee6699cc620b9eb3be

    SHA512

    3623c0bf3f4ca3a2088c4d3df9a4d75757ef8805985c82a8f43936f56dee3ab5eeb4ca466084dc9c8cefc627aeb33880adf7a816f980f6c894a6393eed27559e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f06f8c6248ba62f4c1f150ba8710bb4

    SHA1

    edabe809e6a6a85904732a6a23d40b173117930f

    SHA256

    04b6708c78cc01d1d16f5f7651040ca32feb7b1722bd84bb12c8a43ec0f18528

    SHA512

    b5029f8b14d9522d1b75dc9c33faf27716c25214d825b002c5aba07ae43115b6dd9e27f2ce950ffc0bc239a0a6030c1c51ed74a9b920a826e4171cfad862652d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb620f8e1d4d4d02fe165130829ff21d

    SHA1

    ab5caf1a803e5542c70d18a26527870f9bfd05f5

    SHA256

    ed1835b880ab2d88260abf1a33ea184bae13f05fbb4d255cfdc9fe5bfb193206

    SHA512

    064767b166b5b6d77cd0c59478825bcb3e96ab54c115a92a1ae4aef571301e39bc4d83bfeb95f9dc91973200eefef4b2b63c8d2dbcd7695053f29d38b4e63264

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c15bda8a09094fef198fe3e5801449d4

    SHA1

    18fea553fb143395705ada4d5bc1d2f45c9c0dfc

    SHA256

    49f4da9d82bb6a43e2cc034e8b8d981bf5d8bc1c787588b5d876e1cb4219118d

    SHA512

    78172d6fc4c89b787639e91cecb662915b1b3a391c4f2b976a3c21b136c6c961c5e3e9a814a71bd51fb71ce36d79e5b71477df21fdcc1a1f8201448c15e743d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dce29ce54a3cbdc7407b362f2c4b00a

    SHA1

    134e01f85cccb581a5b39313612b9a75e7e69256

    SHA256

    eb436dfa86a37b82fb7e927a8bf8c375579d94ef0394617d9a6d42afabc46278

    SHA512

    57977243d535dfe38a0efee88d507f1831522d734b61fefdc00ac5f48c79517314ace503ff2443eeb9e563afa3f320b811cab8774235c8bdd10b6ef58510966e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23db60a5b4a8d1794bad8630e48576c5

    SHA1

    ce7371976e717276feffa25deb6bf1db11bf50e5

    SHA256

    626c9578182bfe1170ba8825562468d93ce18b9b175a7313539483cec70c8652

    SHA512

    2fe71905adec9df5c0da4c20faa052ba60c5733a25f2efe688de8ab55f9bd34437dfdae126c06f700fc7e785fbdbd3abcb6b43542e395d18f595bd46ebf71e83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d1ad2d959510ab5bb017173beab4d6f

    SHA1

    970a5bacbc533b10ef5df53980672cd476ec022a

    SHA256

    1b210dc415d82e5b568264d395b89da381e88cbf0196dbacb1854f6215737fc7

    SHA512

    7402bfd163e993b7e64c59b3644509f295fcef9dbfa030d6c77aa69d1909505a57d66b33949b697ddf98c664499673b676455373851af8cf66fc994764218111

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2e051291a9bfc58fa88a3a558dd5bb3

    SHA1

    1867c48f355dc386e904671192dc0cbedde9a057

    SHA256

    08f7394355cb805b8aa9b1fd71e1ec80af8d09a1612eddfc7310de9433266cd8

    SHA512

    34e8482bf294cf54c0d9a909ddce054a01266d7c76aac1f521968b5910a34334b20a7a6e3f533d95e5a10529729052f8a9ac2a6e8c381654e34c97335667fd31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1a20231dfed8fb3d2a7ffff57cec2b0

    SHA1

    59ae0f14c4d4df6492900cb48f349147f9ea4e09

    SHA256

    b0bb638e0c821b32c412f8457d07d18c336b7a460a2a500a4a80eaf6e5ab0107

    SHA512

    3628defb786664aab15a5c0090d3a25899ee65c32edec8095c5931fbe6d21fefd475c5273a618fced279292a0b083fdb86df6898ba5fd36b5bb3fb6c1d9d5f93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fdd423540d36ec6fede197f1b7c4edf

    SHA1

    d10f35d4c2856a0f6e99d9c67b595d49d9b6e7bc

    SHA256

    1020366eb584fb843146afb1bce0cef5ff5542d0d60c12ab7ee3dadb5b2cf0d6

    SHA512

    87e5f3666513cc3c588afb513c0f6041a7ceaf32491a110d445bb1379e8835392e2e5d2996eba15d383c0fc2504120eb22d0bb65338e79a95489e7d8ddb4eb5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b715c5b71b289f84ced8b5395584ab83

    SHA1

    410327efc5055479c4c4488caff54d7bf6864f33

    SHA256

    aa31a81294d89e8df7aa1c8bd5843d357e74e988eb6aa8420dca0a270a7440d5

    SHA512

    fec1c658552405cc946092b47785ffca8567b52e58e87d22b239737f54cbef0bf2bf3e757a6de614936566018fb51346b3c800b73c4625b91cc802be2d06a7d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aea718a46778201bc6b93a409ad1ea99

    SHA1

    65ac5f30d661ca04a71669ea42f957563ee01a38

    SHA256

    714c5696aa838ff90904528ee9516df84d41a60c6cfe3c44ce047956a368c446

    SHA512

    b34d9903eeb54df3890626c076c417bfb01957f85f081e6fd2cee19ecc85bfb84ad3e961a38c02d72ddb03d9c1ec0433966d23e09a32c6c34260e4686a19fa44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d1cb3ed6afe2b09bc3060df4d132fbc

    SHA1

    f08d14013e4f4cd320dc45af8005955442aa20d5

    SHA256

    d1059e089c84e8a45fee81b841c28d0f2ef11a03c3298d944d4139c1c0ffe169

    SHA512

    d186a1d1511ea09f017a25e9d3cd40f96f5c5bbae1b71829085fe11ebf7669be01dc46a5c44243b8b280a13324bd2a60e3c44348357ea19bc2d32f4457c97069

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    413f9977c52e28a529c23616f5c0f5da

    SHA1

    a368bdb68d2cb9e8208650b4af50f6584a2909d0

    SHA256

    16a497d51555a125257c7b45ad08f6f23c6b3a196ca9825942d98842777a5485

    SHA512

    5344dae26cf54f93ed090f6a5099d040664b64e8345f7d4bb22a948da7f69cfce96d7ad80c1249f6216158fa0a9f8be8f50cd82e49ad832eaea82b878921f028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92a5becc08a9b1dc6df0b5a416d03f03

    SHA1

    3895eb9caeed07c7101a4f16c982924d8e8e9792

    SHA256

    26fb6ec4d69365def7776d3f6c325b1e138b1552a13e99b991d7ffa996db7186

    SHA512

    dee4ef4a78a26c4ae2c26d3bca1ee585e37ca858e8982d07821cab105aa9b365bdd02e9c9b05d9cd3724cd9af07841df67c1118f4ed3ecf86554fda576201d2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c84d20a68765f28c19f964cb44b445f

    SHA1

    c5e9a30a3201ccc109c5e61f21fccdf030cfbd44

    SHA256

    f94eeeb1f797f9158a8bb499e9519b629245458425ec49e8984cc9af8d24bc9f

    SHA512

    aff6ec094490167406f411cf3a38c95c52ea807125aebed0a4d9725d4c6e1a4159d93e3a67ca4ef998323460e862b9d284f8c679ce52ef5d4155c2df314392ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9aeef2198f3657bb2f68252420384ca

    SHA1

    e24e120843ce61d372c23b78178dd3e645660e7b

    SHA256

    a95e43135bdc2041423d7c28e6060eda68d7491fbc7b8f7688ebffb84f17e8ef

    SHA512

    70ce6a10fedfe5874214bb72acd384174991f5be782ff25999cf071e15b33041b53bc160012143e2fba28b85aca0d4f00d4e5428f4caa5165496ebee0d04618b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56KJ964X\dnserrordiagoff[1]
    Filesize

    1KB

    MD5

    47f581b112d58eda23ea8b2e08cf0ff0

    SHA1

    6ec1df5eaec1439573aef0fb96dabfc953305e5b

    SHA256

    b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928

    SHA512

    187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQU8S4LJ\errorPageStrings[2]
    Filesize

    2KB

    MD5

    e3e4a98353f119b80b323302f26b78fa

    SHA1

    20ee35a370cdd3a8a7d04b506410300fd0a6a864

    SHA256

    9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

    SHA512

    d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQU8S4LJ\httpErrorPagesScripts[1]
    Filesize

    8KB

    MD5

    3f57b781cb3ef114dd0b665151571b7b

    SHA1

    ce6a63f996df3a1cccb81720e21204b825e0238c

    SHA256

    46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

    SHA512

    8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAB3E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAC1D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit