Overview

overview

3

Static

static

1

d45ae054ba...8.html

windows7-x64

3

d45ae054ba...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 12:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d45ae054ba1300b41ee24117dfa33ac4_JaffaCakes118.html

  • Size

    11KB

  • MD5

    d45ae054ba1300b41ee24117dfa33ac4

  • SHA1

    0c45ab32c2793e52b39ed0744da35a2cb79d84d7

  • SHA256

    c2f6b2618af964dc896dd836ef95283389850ea93f96d13e91d7cbbfd195638c

  • SHA512

    7919cff7b72903064ff006298c4c3684bf9f9238009bc14a3c6a8abe7be01b7c7b78037fc9c767b14ec892d305ae42e070320c2f329a620f19815cd929cdde3d

  • SSDEEP

    192:2VYlIsr03zw8k/w1wvqyzB9UngN7YKt01SauBuLbdU8d:sYlIcuzQ/gczB9UngN7YKt0SaguLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d45ae054ba1300b41ee24117dfa33ac4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    455b191ef101abaf694dd67664cd7655

    SHA1

    4f0b7351f8908caad36c5a9c2ef0e9dad37808f2

    SHA256

    405b9fed6673a2d17aa7afead5833f2b85ae514935d13ef254bf6c87c74c18cc

    SHA512

    10ab564d27b9040062e6a0da2258731b8310ee862c048d68950ad25e408461660173122c07c9de5771705d1853499e134c2f612822e608478152d3b6cce8310c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd533b98b5978a1e014e0a897a306e54

    SHA1

    37f3e3a60984c6f8180b9560ce681ba661af8c16

    SHA256

    8541e6a582e41a333ec4e471fb556a0577db77389063911ede6a19dfc6bbd4ad

    SHA512

    fc7b0d1fe8066226bc8f9bd791ffd5b0ea9e97fd6ab7c8d1b07c40fced48d070f97772d9a384ab6f985ce01b7a75d7460219cc518e468b0e686f3a8afc3762b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f322ddb69d30bff098495181913dc14

    SHA1

    90f87ef60ebf35f5c3a2ab0f993458c8a08a975f

    SHA256

    24f547a79feb92870fb4370f45bcd652c00687bc027cb8c7fda058bae019a46e

    SHA512

    19c16d29288eebb8b76c7b762ace4a11f7c6ded86a8dbd51bb31ae2c67b917c08df12f52a7810e98cbb96ac02bbcafb213c0863baaf86221edc53ff30a37eacf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    010a6a31025ba409602e8d6c010ff9cc

    SHA1

    9098b23fa80f9587c58abfcc4d646b385508af44

    SHA256

    6a2983db93162144fc8c883334503f179b9b6808c1a05f856799cbcf1f1bd443

    SHA512

    95c694addb8aa6cf54fa6a5bd6448196388ad02298ce2f59f2b3ebd7e7b54a04225cebaa3d40d860b0239e14ec5eb598b396b4d9d0933d19519f7dfc02f605e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbff576ff2d74aa96f769e25d8665e99

    SHA1

    2d3e422958475f668de9017fef9f6f7b4c3f67d8

    SHA256

    6d4b039be7a1b8b26b9aaa0c53031c4f92fb0c3d8cbc9a7ab8ecb88e22ff566a

    SHA512

    b0d259ad04a22c1d9e579ff00b1f30873cc73bf63b438ed530320cb625b11d9c23e2b05db4095cf5670ab87f8f739f114d044e261991a2df1439c1a48354a6c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    487b4b283f34aa0097ac2c88baecb118

    SHA1

    90b947418ae495a9ea0c8ba1a84f0d7a5f4bc17e

    SHA256

    e09b1167a19bc965ade9da0d92b30f36a5b1626a5f14a6da12d36eac6dddbb01

    SHA512

    d43ad86aec14f34dbdb6edb1614bd7b428f53c2b649944a17441a773d75d3622b2d89f02e2f806aed4e2068aeac2f380041abcd5a009be98a599ae02a9c0dca0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    804e1040cbe7dbb9e068871d26003776

    SHA1

    a7643fd7d8f1c15bf2663ef6f401a3f12237d4f1

    SHA256

    1510556736322f2c4469ed96a0a48c5916f7fae114d75b302acc2800e523da45

    SHA512

    ab2e27a330779790373a2bb6ba122da9f91c9bb6a69c8b7a0178b85e876f03ca120f12d5aa202e0fe4866e313efca7fb7ba07110509ad47925a85792ee00320b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    095d8a5af8406bf88757696bb6e50262

    SHA1

    d9953ee530083a535ee604d28a05fa72d155f6cc

    SHA256

    bf2f6e90f09fa1bc3a3bd8d7057818323707fef514bdd4e825305bac024a75d8

    SHA512

    f85942d770c756716b288bf313b008d12d1e0b212adeb22f55a94be15a3f7815f9e89c0f7e49050f94c7ba0fbef881c59d075091b4610a488187cf755033298a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c788fc7888c7285fadf87079a763d4b

    SHA1

    0310ee15700164f0af20c631a270fffcc62d7907

    SHA256

    68d532b51d42a8ac5a82642e0b779cfd620bbe887c4e651883e46684190d1416

    SHA512

    ad3601c03bce97d901105dea9eefd4f38606bb2ad510b434ec43616312106f6031266aca3e472e5bcdda29d55865a9d7b5f571a5b4f6fc9b4fa6d37635d8e143

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE81F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF684.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit