Overview

overview

3

Static

static

1

d3b78da09b...8.html

windows7-x64

3

d3b78da09b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08-09-2024 06:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3b78da09bd954d6ab882d97d4376381_JaffaCakes118.html

  • Size

    27KB

  • MD5

    d3b78da09bd954d6ab882d97d4376381

  • SHA1

    5111c123d41fa5993bf94157aafe1cccd288ff92

  • SHA256

    ec4333c7ffc7457719cfe2a7e2abf2a516e4da29a613094a7086bf0e11cc9910

  • SHA512

    88f8d23397a9915b5779085b54116e091f24970c17c0bdebd443fb17781b62e620c0f73956a4173b4ff8cb0cfa4aa55bb362b62631a769a293f122e63fb01a6b

  • SSDEEP

    192:uwjIb5nnX/anQjxn5Q/GnQieFNninQOkEntSknQTbnVnQ9etJm6u/vBQl7MBlqnv:mLQ/Y4DKvoS8uMb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d3b78da09bd954d6ab882d97d4376381_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    165bb20fd42592264fa967fd38c1de19

    SHA1

    ac848bdf2ca7b5587b4e3464a31d6bf9ecf10724

    SHA256

    35136957c601746bc33464eddd2eafceae2c9f20ed6417361389ab709d2d93e5

    SHA512

    61bf901673c10e8cdbbb610f7fec808f79bf74126a6257fff9a50a13b6d631b79e00291b22d63a138014505a229915f50585f296f15af93f505abe66442414be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b25851ab704b0174b5f281ae4a31f52e

    SHA1

    52fa07f72d6aa121f87fc83da682eb7399b03a2e

    SHA256

    c32110b17f96e55f663285c248bf21a47bf1bcdb1edfc2ab4724b1e873a71a53

    SHA512

    010a54c8409e2ba4e64392e44a0571f1cc9259a584b2a5e90b44161b31962f95c4d9a05ea1fe4df61c61cd1532a6f5de4977af276c3570343409dba6e9d905e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    339d2838717f5acc31a652f08e797851

    SHA1

    881cf3feacf993720a40f5baff21a6c282a7d5c8

    SHA256

    fd577681849e41ed90d72002ff37f23f6d8a161146aa2611d47c5d15df8eec9f

    SHA512

    58fd6a6a4af95425d12fcfe30f55ad719f264dcbbea13a0b463300fe2684ccd470da8be4caad1e76275a2e760277f05d1fe574e8718691643ec68d864388ab27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    305cd79270e8206b01b7844e58d8a6ea

    SHA1

    304926f6868983d22cec68bae21810ffd50c2cbd

    SHA256

    7e301b12cb5559609d6b338534b16d4d117aa9ea7a6f79c441892ad84aa290db

    SHA512

    c957ca17fc720ab8efca2e90ab2a618a024ef4d0899e4c2d110868dd57d93a2bde941fc23602ef4134b76691eb3ba810df7544a8463196ff12979f9b003106f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c24c80ce14422958e6e32ef39d46cab0

    SHA1

    3e303bacf56187f37b58b7ffbf80c23595ade50d

    SHA256

    fb57bdc37c3336d36e05823bef61347c73c59ceb42bc8e582f6e3fba1f7f09ac

    SHA512

    3ed12123481d5ef30edb5b800be97b3fc9aa7ca42024d7a96bcd507310399e921665f7d20fd7bab8db9d46703734e8964132fd10b46dd3858655d75fd56c62c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad4645b511ed0b307be99ef9bdc25d2d

    SHA1

    d8e4f47606f093894b230aff2f13c6d4192aee57

    SHA256

    e36736cf05094c2afb52395468d22c197f2a1c1832d3427e5fabab061b3aa136

    SHA512

    bc024a18a3d8144fb7f08b52e9e85066b48a88de73a6dcff8d903a63448415a4c726c938fdf909bf4ad497b4332d861bc6a469d5996d2b06f820d0254fa6aac4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c756fed4fd3bddecf3cb87a83e72e6c

    SHA1

    e2abf1ee0c97fe3e100d2b339c9694ed3e839808

    SHA256

    bbadb56ef68e1d6548d667ac786f66bc24abd953832f0f78d744e8017e695dc1

    SHA512

    eac625f156a4633ea26842663d77ecc71aa0c12f585ff89f8712925b8ac829a3e357d1737ee87fdd9b66c3c7c7eb82371ea42f13833ff06ae3706bc5adf54a22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5cf44234d0e8d4cad1d04fd3ab04caf2

    SHA1

    ed5793f1b3704976aa6e5c3146e4b6e0c43aae93

    SHA256

    fcaddceb98d3c416991d5030746b51c27624656ab9522819f4a300b67dea98ab

    SHA512

    7e50f82897f3db36b80450f94389fce53e5ab492083100180a1743bd3d0ddfaf7f39b7f45a0bc04073ffe327523d2777b94e584d3a7d87c9d4bdc8cf3100578e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30a8772464081441ad508a1863e1f3f1

    SHA1

    d257b11874aea99e5df927cc65e0f1dab40293f4

    SHA256

    3c2b1d73779fd011f29d077ac1ba13c8692ac1b186b65afb0da1b3db3efefbbe

    SHA512

    fbf0565045f7ef55bb894e17cb7d8c708e4066363a76a0210f3548be109ecfdb022365761ba0a516e33515e9bbfb8692ae52907c7cca0008f1b978feeafb4213

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f07cee6a22c435b2eedd5a9bce6a2c90

    SHA1

    995c64febe6f6c73d6aba471ef614eaa12ca95d8

    SHA256

    8cab9fed16633f8091e65bbac5d2595aba2ad75bb81406a1b6897c8df5cd08c1

    SHA512

    3f6a127de7d155bdf8c2ca6d8437304db840769df0a663b87ba5e6e73a691e29816b85b7aabf295daac1e6402cb310ca99a056ff5146c5aac4bea36fba58b620

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26bfca3351463e0ae09dbe95398bd4e2

    SHA1

    02ca9bfdbdf05bf5b4c729cfdc2b7bef3b1f8d2d

    SHA256

    c23b55dbdc15b4d34bc2c53452a3b60e163a59c25a80ae90d9a4f82d9ea59520

    SHA512

    4bee9bb695962e9102a10fa4aacafc8cf64cdca76e1b1b35575a1e18fa4c897b214d364467cbb5092a633980accc1ff4d51fb6904ecc8d3b2dd7e773d0a104d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e779de1058fb593f08a827fc9d225a6c

    SHA1

    2cc64768af8d4e3879a13ff0fef05c2e622be535

    SHA256

    d1f087a0a39dd2ef7cb1aabcaeaa6cb0b83553d0c01c474fab6e5b6893bd5d16

    SHA512

    f57829566632e91a5aa2bc0f5a58c12ab95e4ae0e50ffa7e4fd7c502c700b9933cb04bd6aad7cf6ed0b7815d82c57849e57a90c4a79f74132858d862ccb0ff9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02cd0f3d39edea29e78aeabfd7a53ed6

    SHA1

    afb58ef8a4cb51349859d38b40a88419c393b5df

    SHA256

    ed2afaea6c478d9302810a1448c742f29f793ebad1e0a45ca24c0456dc81026c

    SHA512

    7131d62d2ecbb3fbb94dce56ee18276a0a53283ec2595cbd2b42c9ea358a0a0768fe2f2cf25b90a752c75e1a476589435277abf383dd26bac22aa08e8874c33d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    206d363b27024f139af3646568ccbba1

    SHA1

    e4239958e4af27b585fee9971130cb86548d4f42

    SHA256

    536169964ed483ab8aaf91570fe7a8dd98d2cf1640cf789808e151a937426feb

    SHA512

    23c7d3a89c2b268cf12244194dea078225556a3c3bcd68cb58339f88558112ba89794c362e03cd7cfde9b8e74dc6b20e9e2991950550bac13720617f136788a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d1df33bf5691ee19ebabe4283badda5

    SHA1

    d840d122a7b78f56cb49a1fe45a7e300c67a4320

    SHA256

    63513fc59f6a0b149c9a0c652a2cff11988a6fd1ac25ce74caf80de3c6123dd2

    SHA512

    95d9e86f63358e8fa99078ca4465f759e6aa4df55a4ea18734b02bc6bfbd33698d7a35353a2754c0092b1aa81af9ee72d80306e7acf4d0d91830f8c2e8d6bada

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2582604de1fd76e5cee460dbe402a84f

    SHA1

    1f6a494058073f25cead7a1ef7445a30b0d2c2fe

    SHA256

    27fb4d9ebf0ae5d5363ab84c7624b9f6c4352df6a91d75bf275ccf6362849065

    SHA512

    a13698692f5dcc6a9ede30c154982db06a2b5f6f8a357993864e20cd0aec492510b175632fd593deacfe1870931596c560e89ae286624652088c5809f8b7be24

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDA3B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDABB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit