Overview

overview

3

Static

static

1

d4657221ca...8.html

windows7-x64

3

d4657221ca...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    08-09-2024 12:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d4657221cad6d5b4455aed4e97d9755c_JaffaCakes118.html

  • Size

    59KB

  • MD5

    d4657221cad6d5b4455aed4e97d9755c

  • SHA1

    c5c37082fd9ff261312086f0d83e63e944c2df9e

  • SHA256

    f2ca585db6e896d0916f10c1a9afb0ed5c7161117c47a7983342fbdd9ff5a035

  • SHA512

    5e7485ccef66f4d94930be50f6370735b888dd3eff0afbfbedb0e09a6101dd8c40db8db356c8490558a224fc382fae3e0102e5daa69ac8acf5f76e02a7f7314e

  • SSDEEP

    1536:mFWnL0wfhCVe5gf8//AWosECvuIgcxgeg:mFWnL0mr5gf8//AWosECvuIgcA

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d4657221cad6d5b4455aed4e97d9755c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    822467b728b7a66b081c91795373789a

    SHA1

    d8f2f02e1eef62485a9feffd59ce837511749865

    SHA256

    af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9

    SHA512

    bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\887C7770F5AF2C7C1914BBC47FE60D1F
    Filesize

    344B

    MD5

    c771c4f4997d489bf0478b6e12e9c367

    SHA1

    a6959de0f7bdcbef3db3de660927c96684b34ac2

    SHA256

    26271a0e852a637ad8f0b019ea30cb0468fb0ed8eb55ab44b0e64d8e909bdde2

    SHA512

    1e44909a32156e6d62ae328c13fd8fd63dec6a40c212e13ecdb16a8a082574d1b5c844c73d0346e5bf34f8b46cbc20d0397a3e6ba436c050891db3c8e399c75f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    c2a6813e025b348c7d18f90508057e96

    SHA1

    55bb2d30b60643d55ee89c60398075df833ecfe4

    SHA256

    b8a942573b74bf26a8c4d27185fd6eb9d42d41abd1be55720b2b59e64d62b33b

    SHA512

    0a38b457c615a66bf396dc1d6137c23187349bf63e0b08310de668d9039266464da98cfbc64187ee2998ccbef2c0b3067a82ac579755ddbcca7ccb679fa80682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    362463c82e3126f9e96beed4277bd15c

    SHA1

    141c32801f9e20ac1c3e72a37a6bc2853f6300ff

    SHA256

    d76d9e3ef42f64fcc29b55923c3206199d161eb260feed6563dd82ecbecb361a

    SHA512

    b5eb1f62612c479cbc69d78fcbea2a38c09fe322360fe8da21f11f555b2df7cc00ec091a7421cdeaad851d50388672e5b98475fb7c2cbfb08ae8b5bc940cb916

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    49e054b9149df24b44ec2a6e009a1c95

    SHA1

    25a4234936b7b277fce2ac812a76a15dafaa6d97

    SHA256

    39808a71bd0d47ada28be9ee08a0ab46015f40d8bbcc4b8c5f827d6a2beafa55

    SHA512

    e25ca4d3e68673cd8c4a6c137b4888fcb8a3d4a923ee6c8d9ff75ce02572985a0c3de3ae6d69770f64bb90105b81d57ab27f8a8c6b48ffc1b804db4939409360

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\887C7770F5AF2C7C1914BBC47FE60D1F
    Filesize

    540B

    MD5

    0cd92e64262f44b6a7bf316d9efe7013

    SHA1

    5a0e79b69a40c0505b16dae14f5f70d07ebcb3b3

    SHA256

    1acb41cd0f5c98c18bd35fd0f23cee0a7c5f8969a875176c8a6da01dfdaaed46

    SHA512

    7aa88870fba5db967e994b339e049c89780d145bf357702aaf11a409d4872cb3dfae11a5436b7b32151c94d461a4449bd0083b102370f48472f56fdf433d9d85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c161f5b4269e1c65c6497e8e4f9146e1

    SHA1

    cfea3ec6eb030bb69567de86ebc87085dad3cb9e

    SHA256

    c1cfd3e0a720fb2b87d1abc576b927e89bbaae969d581a031fa36918d738292e

    SHA512

    03aa3bc1f26562d5a67193225a23af8c30714f5c74d903f0dbf18ec6ffe1451a3685f35d9406b11c0c8aabc2e3106a8629c3f0f94593fff0782e6e422e1b9473

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    707a8e7cb2585c6b11daeb8a4d248b7f

    SHA1

    b80f95fea9a1e8a6b63dcdd5852effa6fab780b8

    SHA256

    828e8806754d218927d8c68a88a2dbd521c5334286c60116e05d72069eccf470

    SHA512

    9bb6bbe83a7845ddda156c4f6e1d945cd31cee761423ae2077913e64e93e383fa3554a7a16d76009e1aa0dd2c24d197d4d658e1cf7bd1f5a7bb3a7e5ab9f6e40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12ecdbbd108dd6060236b50399815e7d

    SHA1

    55e660081d798829166b95c88484f226578c5b48

    SHA256

    9c0cce65168ab439432c74702b967ef9b9d47871ff4182bb0cb0f92595de79bc

    SHA512

    cde64cc9b01f4bd1c32c2cc33e9a027b3707772a324fac10f9ad927f3080d479d65926daaecdf3a4e5055f611bd663f45ce50e21daf5ef0ac5e39112e8f9b139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c51ffccfca49b66a55e357953e642eba

    SHA1

    f078db49912909b0cad8d954738efeb4e474cdfe

    SHA256

    15a54c9d9b35781c4db4443f3ebc833924ad76ed86af6d92acd7b78bca672a29

    SHA512

    13e20e0ebdfaa3b4f09760fa51056d2009351722aa4edd0f9ceaf1d9331ec7d385ce6a50135365e76f07fc59021446e52c8dd426465304905d20935f109a8c21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cbf2ffb89356d95029c6e69cdf21ae3

    SHA1

    e36a2dd09e7d78800c1254b8f9b52c40689b55c2

    SHA256

    c835c11f0cca87d6c7be5b2f0c6e94b46770cf9f1939a62d9c1a6d371cdfd0ce

    SHA512

    4b2ce7a4743ceb81f51ce2b951b8437ccd4c4bfcbfb965aee54e30e60c23564637e5c8676d5b187224206b07cd7ffff0e5c394ecd19b077473bb68f1b4452b8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb1a59d09f41a7d5e5a607b5f4be5dcd

    SHA1

    c7541d676795ef8d213828abcb7225bd8fdbb82d

    SHA256

    3044622caee453021b719c1f82024c7d8a225f0cf9f6e7f21ec6642c5389c132

    SHA512

    9444a7033512f113a90eb08955081fd283ee37f98e0cce6a344854ec94ad24c60a88cda2e619b2a2e60d3c930067d6364bd42b1da1994b29f04239207765dfa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfe301fdb3dbf93304f2ccf2dcff67d8

    SHA1

    16c96dd8749f6487c39c18cca464ea2609579e18

    SHA256

    364464d4651be99dcdfd47f009b9ce6d650fcc3490e1861357b61013944ac145

    SHA512

    ef05391a0b33a02d6e307c4f0f4905cce37d0a2f0edf1e781607fba12b80f6660a5b141cd606b4adfcf6cf3f5f2bea0e27422484e9a63cd742b1247f39419229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0667eee10eb931b0239bdb2941e51e92

    SHA1

    6dedad92489aa83e48c9482c78ceea8d0153df6f

    SHA256

    baadbc7308ae06ff5bbd0d79ad6fc2bfcdfef46ad43b1b937c0d216fa9f6b4ba

    SHA512

    3609b0339f965964040bb0e0449fe0a9a7daf62638e97bfd3a6f88901f2f1ca55f3e647b186a8c276ed3a6b1f78c7293dcdecb5a804f97980bbab451e8e27cd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    82392dca05c8c14064a417593c2e4319

    SHA1

    60ddf72d68362504215005277cd80bfc4d6f4711

    SHA256

    b9cccc9d609295ba8f1db63a29245fdd3d43eb72447ed045fc7b11baaa77a99b

    SHA512

    a9b57cbd6747b7fb498ab34b643135e88a44f510ba08b2cc4186d0e21f8052e833cab158148846b19b90d8be1cbceb5bd766808b81fd2f787f0f16dce3da80ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7FHNNOW\am[2].htm
    Filesize

    2KB

    MD5

    bf07383583e436fc65775b1f72f6e1a4

    SHA1

    6032a3ad8294a3d1cb2958191bf8b79e33cbb797

    SHA256

    353a661f3f3ebee897025909d30bb83d2bc8c79cd7ba8b48091359c4145a32c8

    SHA512

    5016a498f17e0e88360ffb045dfe882fcfd057a0639fb3a017c1f3ddc19fb03b2859e2368d5bd047dcab240245538d3703ea57c348a321e7e921613f2c723e76

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7FHNNOW\feel[1].htm
    Filesize

    178B

    MD5

    bd2695f4b079c71dbddde3436286fb9c

    SHA1

    733c05da132193d6cf1d8e242d12e2525c03bab4

    SHA256

    2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

    SHA512

    5b73af24d095f7593026d3f211da6775d91c2efb5cdb0e0258ccca8edd3f8645cdf80d8338c863794d260f4bca08637233be3548d83e7225518dee2f47560798

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OX8Z8GR5\916c55f9c87ff8fb53dcde73b7ffe116[1].htm
    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEA04.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEA05.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit