Overview

overview

3

Static

static

1

d4b579d0ea...8.html

windows7-x64

3

d4b579d0ea...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 15:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d4b579d0eabbf4e0c0185bf806f5d1ac_JaffaCakes118.html

  • Size

    4KB

  • MD5

    d4b579d0eabbf4e0c0185bf806f5d1ac

  • SHA1

    b8e74bfdf77538f47b3b47cf168951e034ae1261

  • SHA256

    9afd42976ed81c472e44fa97405a5865a03eb3d408d19c1eac225704a4b8025a

  • SHA512

    eee0986d588607f419665da7595eb12632b5bd32f24d39592e41ec1dff8a322fe63065eb478fd04eb6346819ed67dd30cbb55efa7d5d6edf62d6c18fe275c63a

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8otqUXCEd:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDM

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d4b579d0eabbf4e0c0185bf806f5d1ac_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1088 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1267432339b549554c408b82cb41861b

          SHA1

          64f195e9da792c7867cd3b29096cf41dd1061ec4

          SHA256

          0020875a229e08ccfb458fc05aeebaa034fdea9e198e769cd8f4f77f1059b5d2

          SHA512

          4f010ddfa4ff16186aeeaa48f43bc6f29f141796f88187cacc02fbd8b91bfcecd513c0cf59d3faf780a6b5c01a214077bf427cfc99ef0085bd81d45ceb90ff00

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2a12a724372073fb20a2aa47bf0c596a

          SHA1

          cd06e8288d7ab6c9f763911d74436a5908307f59

          SHA256

          58a447c7d526be504448a72e15b28f369e52e10b6e4f90539346f89bae8bf52a

          SHA512

          86d92ebc378647ccf28648d725cf7ca15c02c586968e2685ef342c06a4e70ca754d3832d687e3b370138d34b4a7ea07c7a61ce9743efe8502fcec7359ef1b148

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fa5f5d65387d9d6d77d888ce54066feb

          SHA1

          95b0af4cf881a181e7c339485554eef478779ffa

          SHA256

          c06192ce5099a2831f239825bacca8b58e4514a9c80334e73f82bf1e599a4bd3

          SHA512

          ffca5cd82db8e5b4023dd78f897821161f1c3781f2c7dc75ea31d460617eca9a481b48f433f2279ee130a92520543974883a28e872dc11652c24bcc336306c45

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          743d1e41b43ecec4306a7bcace157e62

          SHA1

          1ed978321d607a4a03cbd9ad493c7115a284f468

          SHA256

          394b61219feaa830ce7a103cefd3ee34c3f5850b2473a4e5b5e3db8ac9422cf5

          SHA512

          cf50d0eba48d8f73a11d26abc32d7fc886815363b0df52d35e893e430693cf76943b2fe0590a26a193b44c62892dd0dff677bb7de7704f9495237f35ec72e124

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab2EFD.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3144.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit