Overview

overview

3

Static

static

1

d49763096d...8.html

windows7-x64

3

d49763096d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 14:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d49763096d383584eba0f5d90f60bb62_JaffaCakes118.html

  • Size

    94KB

  • MD5

    d49763096d383584eba0f5d90f60bb62

  • SHA1

    587bc67cf7333140f99ba0aa0d1d5e509f6009cc

  • SHA256

    e6066e70440be19c50d2ebf85e24dcc47b73cdfdd99a162248534c5536c64d16

  • SHA512

    d6d0a2294e80446215b738c5f1ac99f1c9c3ab2b317988e1bef1cca4cea6917d49663671ff378f8575f561d68e558268aff6997f243dba1bce866d8e146d596d

  • SSDEEP

    1536:WMLiNS+v7LZGPgUSA453FLHLf/2BfPM3ZH2XGy9BdkrY8mgHC+qpEyW:WAixyVBdkrY8mgHC+qpEyW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d49763096d383584eba0f5d90f60bb62_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1908 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2544

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          eab96025adc22ad530edfb3b60d6c921

          SHA1

          a63915a52bf4f4aa9daa5ff42f4fbf3a82294717

          SHA256

          fbc6b72ae30bb3037c3b9ad70e1b22bccaa30bfcd1ed50890cf191983372267f

          SHA512

          2164ac4655e3116bce76b294b903dbd727405634a2c9eea844c30abdd1e02f003207aaecad82cc001aabf38f7e02aa40671be96068cad2abf318fd31c09c9d7d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          35ecf144ea4178e377081acde58724b3

          SHA1

          8db5092775af96b658137ad142d18f59d0099a96

          SHA256

          3717602f0bbae91da9c9764381408cd8e21a35b6a177acdc9a3c4497b833894b

          SHA512

          542a0e1bc4dffc9fb915ca5ce5a4f8222bdf59d023b2af56fb43b4ea6f9863b52f2a00d11acc3eb1bf160836059fd2c1a7ebd487ee724d9d4dd81bd9104801b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ed83a3aa416ec81550a50ce186803168

          SHA1

          58646e73985c06479b70fdadc26818be8cf9be1a

          SHA256

          d5e311ca156cc9730c54d89668cbf9e55644b8221dbfa7fd8de9f40e5249cbe7

          SHA512

          06331dd342bf7697039fb89d13eca8cc863e70d6e311e73e36767391576dab768bcffa63bc55a1eaf9cd74dc78f0637e191a4c4e8d85b698f082d75bda8d1d7a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          71e57498619dc2c43d66fa06d31240c4

          SHA1

          37162334fa20eb79b73aa99a51cc67d52391fa14

          SHA256

          a09b65e17b281cc88e8c7ebc448880ce7aff6da198bebb408f316b17cd863870

          SHA512

          ba4b9446c9ce930b133c0d501a7d28b3b94ca4a3ddac0eb6a0e98ddba48aa8556b5700b459e50f3f9b4797101f264d6eb3522cbbac17f165db1e4e6e8bfa751c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f9363c460f53dcb096401317024ee780

          SHA1

          2c2b5216099b07cb5b06095c95c59f2358ef8662

          SHA256

          e593579d1efd862624921927b0f9cb263cd1f78d7325c0131f4c180ae8958261

          SHA512

          7174e7253a0817a76b9bb9818011e12fbe3a82f542da4dda8501d0859f21df82a00a6bc923a67839a821d6e0a9ceaac2d4d7d5780f17aa8bd6ce8c01ab42bf38

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          06faddea1830fcf00fac858676113c01

          SHA1

          f15651e75e02b0efdaa0f518a5d5870ec41a617e

          SHA256

          790d2add0e5bf51a868376128668750e0d0c0a1b033e996075323782f2a4b1d6

          SHA512

          3b9cda0aa44c731f10f7739d0948d3b16f79d0532ae5854e26e7e1cba38faa135d5608db17242d942672cd70df60991dd0a8a71cf0c84c1d88995ef8abdd567d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ed0d6b2c5ac317720767c715921af78c

          SHA1

          8f114551ba93880795cd0672cdd85fe1a5931dfd

          SHA256

          ad76d36f1cf92244e1e432ba51d1f0a4559b28b8eccd6e76bc0f87b8d45f6e4c

          SHA512

          fd211743e3191b46bda53ff254e74300679e2f79dace18056aeb0f6048463300062aae23a0289515edeb01e8425ebb89af1d9f5b08820b8b8db646b5d347aeaa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          90dcda579083c0decc70040a848de0c2

          SHA1

          8ee24041c24c6cebcc25d19b18625dcf67c22606

          SHA256

          abbf35eff7a62b13a23e7f231ebfa567ec89215b67c2c8513f801c9f4c50e738

          SHA512

          37430c031a603c2f9fc51d5efaa95db5166bac742636f798ca2672ca694975e2c7725e8cfd2c474d9ebcff8ad2b8be1592ceb4dc49608861cc7d34d46c74d15c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e1cb242c017e1627c94d62a95c623d63

          SHA1

          d3266a1f6c6b90f6a6322a070fc48f8a6ce66f24

          SHA256

          f183e280ee0ba31eaf2f34ab6a080daea3d519c46d017b9485cb1e56b36e9fd6

          SHA512

          bb18194f27dc7252aaf163c1a986dfeed888a623230a1d0c5919873917d62b29e366f1dd578e270ae4f7db189e11a61242df7e82e484319f5e88be9aef51f5c3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f0344abcd38c3b389a1a4d6107d558ac

          SHA1

          8d6e608f3c069f759d6d7a507fd7e0b4600f6e9c

          SHA256

          3602933c93a4445260409e5bc8d6ec82d9d0f0c44fb0de879cc46d538c307766

          SHA512

          6ec115a0289518ca2f0d8b3a12c7cbf3117e9e09c69c3469b9efe254ade8b8830699eb1029fcdb7faa24c0058f38acb2871096be7f38ceac6fcfef206b97ac0b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c34d70d561d374fd225ecffc1476ac1d

          SHA1

          1549eb8218ced5441a67917ca52e45dd7b029545

          SHA256

          e9cf0a5bab794acc0551e6523ee913b67273018806c5209ba509694cb2f78fb6

          SHA512

          00c6ab8df194b11c342ee0cf2a002debb42710718cf16fdb187d22db7973e5083ed4d5e740185a17db8ed271f1ed9949692cc89c6b28f799442787f5812c1bc6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2MOPHD\wpml-language-switcher[1].htm
          Filesize

          162B

          MD5

          4f8e702cc244ec5d4de32740c0ecbd97

          SHA1

          3adb1f02d5b6054de0046e367c1d687b6cdf7aff

          SHA256

          9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

          SHA512

          21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab551.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar88F.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit