Overview

overview

3

Static

static

1

d3f7fe7d7b...8.html

windows7-x64

3

d3f7fe7d7b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 08:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3f7fe7d7bed82f9366488ad207e5863_JaffaCakes118.html

  • Size

    472KB

  • MD5

    d3f7fe7d7bed82f9366488ad207e5863

  • SHA1

    f2736ea7e38aead589688ee3422c7e198eee96fc

  • SHA256

    07d0ba5dd5f27a6c480e56617c69c22269c5a5dc2585e8b35dec1e31f73939ff

  • SHA512

    0d271b864d22f3745b7147f9cf067766f9e3b0138cae654504139061fef0d5e8edb6b76c0de23c5e144eaed03756b5ad2be0d8c850fd47f553f0a2cd825f7c20

  • SSDEEP

    3072:LWHYtJ6rHfgaToXdY3muSmfE8Fthm0huyfZDlGCwp3mPyR57Gu87v87XV:LMoaToAq0AyBs8PyRX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d3f7fe7d7bed82f9366488ad207e5863_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2888 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    a92fc6e0137198d5a963a636fb9d7f0c

    SHA1

    358793d90e4ad768236af9a1b62145c0ba21fc1b

    SHA256

    bdea8652c42a82d44b2cf2bf867186c8042fd38f8053b8bedbf2721b91b02c1a

    SHA512

    7be7bd1879f31f78130bf5b0c0384b312b1df6e9643df5a42474fd89d8c7403b6b36f3de55c87ccab7b570de51d5b06ba8da760f503e29973698a1989a6c0635

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6a2fdd502b760f48c8df692046431db

    SHA1

    ce00daa4f4c0b811c7c10d623233051e7e58f6cb

    SHA256

    97beeb532235b327d4b3ebf07eef84e184f84c832e6447c52a6be09e8bd28468

    SHA512

    d5352b898cbeff59a4cf1ca11a320be6388cf4e9a9be3b63690ce1637d8faa7d56c550f910172b6699e0379fc3b7c3eae3c077275ac205a4aaf7545c1ccf77cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e668f389d7c5192d30b74d42d6d50537

    SHA1

    b013eb75f0aa5baa1ffa3a027cbe4c26d3bb3a86

    SHA256

    30a0cd9268cfb609223c3f430ac57c0412d49f95f4a90b0ab1450ebfc81c67b2

    SHA512

    3c66eda02512bd4051c9d0b34d1e825fb863dd572ec12a38e658c360b9478347099259914679db40f706aaf71233051cb3ba42b0e649c2f51ac76deec638a34d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9ad7efa7f1acb489cca596a802bff4b

    SHA1

    93af5502d2a15f0f68b4a27b1acca4fc98dc6ff2

    SHA256

    1548e012651b7331ab6a97ff128c213920e6952f0bf68d9e6c2b857b8a7c33f5

    SHA512

    f337ed1ce088c659e2bc8feeffda873936e22a64c775548603d973022d090698531dc50b7db131a4faeafd5fbad95bee545aa149204cdcf5dfffd4d751474eb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f53e13864f74148f42a6840cb5e819e

    SHA1

    69e43d0389f87853e97c77551f9029f506737bab

    SHA256

    cbfbc160b8dd8a9c08951f7a150dfdacd55899e38ff625e15015675fb08d7ece

    SHA512

    8559c6bda3462ecc9a6a9ce14d35908e3e9b8d6f71b28d188e6435c27ef1352ad558737809399d0820aa42cf2eb183f6d7838dfd2d5fc19380ea906a3827d6e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f40fd2c7f1b07c9ad99f2d9cdc089f6b

    SHA1

    eab6acf0dee8d8fc03fe6175ecf32311f29f77a5

    SHA256

    98a0a3db765f54abc22864bc0fbf944347d46ba21a9b4ccfd40abae509a43829

    SHA512

    967f20c74aac089116b57745a19b6004894415d53a3ca8124465007a8ba9236bb4dc8e35802a3a17117d38a1d5ce3cc4bd816c8c40c1c723065e23487ebca447

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7c59cd76b103ad63507434c48678b31

    SHA1

    e7d9ae44b0d67805e6dd5bae5358177d2162e85a

    SHA256

    24cea326be5b001da955be29f36f5e09dd0a2ec014a47add7fe20a796018c3ea

    SHA512

    0f9faee2c5bc951fee1f88312c3df88cc99a85497a0601b3a3344c705ca732bfc8a4ce01e2d629c6a0e11f87d74cc4b4066aac699f0447bc8c380a333cdac30a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08f272bd5e033b2d5e46230f16240694

    SHA1

    2b0790e6ffb6e8fd42ef3d7fbe7efe2ed6bb71dc

    SHA256

    e86420b1649c92471eb074ea99a2352a3e0b13a09019395dede63b884ec0fa3c

    SHA512

    2fd8a4e729c635442f449a2a7d4b934a72729f91741810e1556ec2919d162780441677d9908ead4fd1a5583cdf81d0a89be9b22579e0d31ca3193ad1af10d79c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    011735faa7c0628e2f086238fe965f00

    SHA1

    b181189762db8e08307b9af112b430435d83462a

    SHA256

    a7f409346dfddcf4b9b437b04b7e047cbad3d6cfd3012ded0152aa14e9b14505

    SHA512

    9f20d3ad0fef5813ca2da63f6476556a0780f3df716fc8e683831f529b1004fa37690bdb9838d32c14d439af6fa238cc9577fb62fd4715b8ffb24f75be4513cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bfc713e62bd63d3c541a3390ecd1736

    SHA1

    b808d5c19ae6d0f1ff84a0d18c60dc1154daee46

    SHA256

    a3b44b8690a12e92c7a75c289c28bb211443a8d4b61332bb5bb89fd552b8b07d

    SHA512

    2c133bf565430ff4a34cf56753a179d8ebd4a784e5742be6ced9258dead0781175d458a185e3d5e279a4269250321a35c8c8f23fdb913d67b6c9c3750edd1561

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d43e969b09dc30871f5df5a264ddb9f6

    SHA1

    d40cc286183c6326c092bf90f47d4fd66314d83d

    SHA256

    61f9d1bbf6291e2039d4e3874e8640a6b470912de438041020ad703c668cce83

    SHA512

    f32917c09f7722a1f50694790295d90a797a672fb8a35bce01a732aab2cc041bd162061f5084773c403efaa392b3ae0728e65d78f550e1c53b1259ce8873e038

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bca204fda331dc0fcd40234535e222e8

    SHA1

    4390c94b77bc52c38e2f28817366d1c68d50a8c2

    SHA256

    54208d330cfadae73b3cb1d6482773461d311c71c86b4113a81ceb36760ab054

    SHA512

    29dfc7ad4523453daef382a08d640925a3245b60312099f961144d7cae6e6a8b38df20be7f32612f3c5d0fa8a0062b4bae9f7bfe30eb82a02b4fc537719d9d15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1efaaa0c50c73f46415d166d6a69eafa

    SHA1

    95bbd697e51e50a95f55a245124314f2e2586277

    SHA256

    ec0ec93eb6417c44c220caca6f81a8dce6f7a8e881f06ffcb78669dfee5f32a5

    SHA512

    31be024d9a419cf2273200e135eeed25e8c8da76d86bd7ca82d6f6c3bdf85a4bca92cc4e848c81b518c3e7fa76d769a580e7133f902c3f4830526bd21c533644

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56KJ964X\1380534674-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c1d4d816ecb8889abf691542c9c69f6a

    SHA1

    27907b46be6f9fe5886a75ee3c97f020f8365e20

    SHA256

    01a956fa0b3ea8cb90d7032608512bc289c4170bf92759352e40062d5be2946f

    SHA512

    f534f057e46998bd1ff2c423ad2cf04a880c4a5259e95aee5c6ae34ce7121ccd07ad1bce5d4c3a51ad04f7411b0625da78808326b13d2aeefec502988e113113

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8H7UVK5L\cb=gapi[2].js
    Filesize

    67KB

    MD5

    ed72d618fe48f6fc42c19a4b58511e72

    SHA1

    80a2da4af91d56ec81c7b672afaaaa72c83a4414

    SHA256

    5bfd37a756bc7772aa6c520102870dafe2d3b808c562412e30f122a7908f8ad0

    SHA512

    5378b71a33f67309f788b9fce32daea44051e7e9a6aa326bdd783456ee9eb2f4817aec2ad1e837afc1853acba59080b0114d32c040ea731ebd703f0a84dd7ae1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8H7UVK5L\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    9e5f0b21584389dc1c7b5da4a900879f

    SHA1

    191b84e0f5644398ba99e0aa141a6778c14b83bf

    SHA256

    3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

    SHA512

    c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD74.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFDD4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit