Overview

overview

3

Static

static

1

d44d59efc2...8.html

windows7-x64

3

d44d59efc2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 11:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d44d59efc2811a104673e002dd848e3a_JaffaCakes118.html

  • Size

    213KB

  • MD5

    d44d59efc2811a104673e002dd848e3a

  • SHA1

    cd8eba3571fa70ece1eeee4ba3a8645cb300f071

  • SHA256

    6efda82f0d2a2e4a9152693e67fb7bef186df50fe92e924d615dc8c31d29f727

  • SHA512

    339e5e0d29b8cd4653a5b783d49e35d38c964cca470843a36928a512f35abd06bdf4e00baee4c31c594a769ea5be7c256b12e08d73b5bd0c825114fa5914804f

  • SSDEEP

    3072:SZ1IRGa5nuhLULQyfkMY+BES09JXAnyrZalI+YQ:SvC5uwNsMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d44d59efc2811a104673e002dd848e3a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1856

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          81739a0c562ea4400779fad5a04f5723

          SHA1

          de0521ceab997e5bd99a9f043091ceabbbab59a0

          SHA256

          54d45d713d60c6eb4bc266ccdfc7c77bb33af83ade7c2223920fcd0e3b9ed261

          SHA512

          9b6b0c1b7e0f53e10dd81207467818bab1f4016dd643eed6562947c8b492951879a1e3c16c252329900574c08a35c526090ce10e1dc7ad182dc37f0270ee7e22

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a1e7a4769ba3743802aebed0d20cc56e

          SHA1

          8e76bdbffa9c63a7fba2a2850221f2b06e62364b

          SHA256

          9e9aa2c7ba8262c1eeb55e679d91215259f373627fcbcfdbc559c7e15635f6c6

          SHA512

          0fb4b9c72304316b03b8165e892632ce8ec646154a1d2296557c410d282a2a32de797388b4f0dc93af1024ead5c7d2b07bf1cc425771fdca16035e4416681f7f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e9e0d25dd4832f9ce3b5ee35a924c56f

          SHA1

          48b80af05826c3aced1d361b96c71707b7dd3be9

          SHA256

          11832a358d77bb951721fa664de86fbbc87c4bea99f613709d505313c993ff83

          SHA512

          8b92faf697d8d03914890ff2b4b02fac5a974ae81a7b5a80bda2bc3dd48db3b23a825867985f3dfdfcc42d8a490e12a911f11b40f5d319642404d7e21672b952

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b6456381d1d90d37498280141796fe1f

          SHA1

          9633cc47c1cc7ebc5f427f3bc6347b2cd2769efb

          SHA256

          3f851f989c815f4f33e44d815801be8ddb3d844719ff492247067d46cd0825be

          SHA512

          b1b13854cf588c06decc3cd413b12814e1327380753d845bdd5c1364a599a3622b06776476661584453ecd7c2c0174e7ad86506f5719aec2d32ddbc017731a6d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          243779196be5f8d18db3dbbcb64166db

          SHA1

          69773bdb86dd9f0c941f3399ce09544f56ab8cb9

          SHA256

          a8e607fc679a5f9f9ccb5869c6058ded65137988999b7a47d2e4b0fc62c26385

          SHA512

          9a56674b94a9859b3dc365797784b32c44a491eed85369184fc6b12997d586a041f0feefa952984aa733495593ec83da757d463deb033712686a4187ad19a559

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          05f8539be20c32a633e2a50a9f5fae69

          SHA1

          4ccc0570d174289648c5316595f2048525e70a35

          SHA256

          c1fc1b8cb4eef3a48863e75d862f8098027ea8e40db9ae42ba6985600cb6db46

          SHA512

          cfd44bf4c1417275bec1a294ad566dd2502d8ddbde24641af0f5e7f1da15fa98d11d82631f62f56894cd0513180fdd73f842966bdbe41eba1f17ed80bd5950f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          aa3c58d1472bf335efe4bedf56d48f66

          SHA1

          2f86c3da4a9301113d6ae7954442000859e8d624

          SHA256

          6c1a213fb753451df0d1b75e782a8f8338201348f29248524439db569756b7c5

          SHA512

          159bbd9e1dbe590cbbaa782e343146f30e7cad9d81d489e79ad759a980fa6679a4ef8b3ed3915f16ad2c7731e479785ad8e0d0e82bbecd88a7156b2954e33370

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3a51c5e4019c876f49de9ab1877f4e42

          SHA1

          4241456b8f8c89bf5805d6b6e2c010d212abd4c3

          SHA256

          dd45f3e455ce4460dacf55a0a6705a6575d7c575986b4e84aad9f7f3c7a76107

          SHA512

          579bd9f16b3db849a447e5aef21e195a211c2a446cf61893e3cd341d607da0bab85a3587333862045b20f5b8f8c5692d82b64714c20f3429e1f4c5e06f5bf344

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4ac2757abe3d6dbece412997d9c9f82e

          SHA1

          597f257d54e51bfa6f4af153aa5e9db398dad302

          SHA256

          25ada4947aa2d23bc0ccf8ff33a38510c4d4cff36f5d3ffa9f37d1ef8ed8b14c

          SHA512

          fce92ac1fbac05995a26b64ea62a7dffefb1af493f9247868e7272755eeabea73bdcc2ebbc6b4d1b4179a926808733502fc820e3a36142979dccb94564ccbfcc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          902291739acf96431db5dfac2fcbb60f

          SHA1

          6e8de7e512605ffe10cfc0b3dec9677392efc01d

          SHA256

          5f3d3908dae10b06dd13aef169b9c81fd5e5be1aea878c9618006b81728935e9

          SHA512

          f059d00e862fb3a3ba68589fd02f096ce3264cb73a2564b43aac7001bcb301b56f40fd6013a00cd6a1470b68b83137dd4c1f1ab28fd317a700b3f49dd2ceacf0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8762fd60fb3fe1abb1df58a0f0ddd291

          SHA1

          ecb0309ce6deb94d179c13611fa851f9b2b82f2c

          SHA256

          a90a1b3a9f7db283bfe7e163ef7ee14408ce51290c5444e6a05c033d1575ca76

          SHA512

          d1c1b77f79a9970db3e6d28307f7b10ad66a814b7c151a86a3c75ecef3a5b0ef00f579b3d3fcc893e17a4f9eb89fb9c756876ba8298b83e22fdcf4a3d2358fcf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          aa32d8b021c681450f180dcf4bb080d0

          SHA1

          dd2dbed3ae3b393bd360af40feb2c08062b1370f

          SHA256

          24796e0c183e819923a255abb32d6ed4d107e79c40f459f45c4905dec47e4eb5

          SHA512

          4e8f9e6e5f43a3dc17e6a8dc6fe36d995c9c610bfd281a37c5d8e082e6ad2ead5a83fd834c5ba24220f0571aa2ba51ff6a6c978d56bdd759cc0a838488662327

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cf5b6817fe0b0e76822b85c7f30785a2

          SHA1

          8d0c87835e43bd800e4b66cf07b6a9210b1fead9

          SHA256

          62b2b6a4b069987acf9a846e4a552d86415dc2f70bd4c6557d9c7dab268c0c7e

          SHA512

          f26f6341e236d4e548eb305541ce721d0662b5f8116abbc510b92d776123b83af56d97b5909c36ff2ee27bfe6ce9d1874b24ea4624e05593e3abd43dea69b8af

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          26e5a1ebcc2381f74231303795f505ad

          SHA1

          a5aef9d774a082041eaa959604743bd788d27da5

          SHA256

          fb2bbb1bc0afa35c2367e5434c3e2ac1b39417d78418f0483832a3624780a1ca

          SHA512

          b88bf31e2336e3a4c5351036dc1fb01ca8300a11124f70205de95a9426e9c8fa002561ae2b69d4a7cd533bb57efa936d78b825f9b486e6d1d49f581e24a634e0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabEAAF.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarEB2F.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit