Overview

overview

3

Static

static

1

d4e57955df...8.html

windows7-x64

3

d4e57955df...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 17:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d4e57955dfcf416f218bb491354de42c_JaffaCakes118.html

  • Size

    27KB

  • MD5

    d4e57955dfcf416f218bb491354de42c

  • SHA1

    b6cf0cadbebce107e7b8c85e12559b70e9fe5b0e

  • SHA256

    934ff50a17ac9ebb9a3204dae35deca1dc3260c6dbb3cd082460abb630a43d57

  • SHA512

    ae5a24145842a552dca0d167b2d2a62b06841030f4f097164e2aed62860c466a1e72fa89fb54a589fb8bd08e0e8093bc8d297330f7c419cb7babd7049f0e866c

  • SSDEEP

    192:uw74b5n5BsnQjxn5Q/UnQie3NnrnQOkEntIynQTbnZnQ9e//m60nhXQl7MBXqnYr:QQ/Deh4hGS5qa

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d4e57955dfcf416f218bb491354de42c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2796
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2796 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c046593cb0c2b399a3968f3a604d74d5

          SHA1

          3a69e54803dc252a4eabe1cad4ea41518d07ccf9

          SHA256

          998eeee49d4bcafd4f5e4ef1b31c143b9674d42bf35dcafcb7064a1cf8076db5

          SHA512

          00d2dd0850fb0f1666a7d73c3d4173f505d8c6e509e7e9a60ea94d5b2e1b21549fb0fcda3021a9ad7d91401dfccac8a053e86ab569c6f468917321865ae77d32

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c4f9881c3c727ea13faba3e7f8d1ebae

          SHA1

          35ce2005c0544fe573ad63cf264e33b634b0278f

          SHA256

          207cb761a865cb6fd475ae7d35c368a1949bbdacb85e2564dc7a3972976a968a

          SHA512

          57ce986bb56145b50cc6fbf1efef0dac3d152f0fe5a97ca9f8813809de407eccebb009f76c5e467a6448a0a9c1241d8376c012ec1639325acbb22a3de274450a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e2839c36fd5ef1bdf74d92c759be7d0

          SHA1

          f59d6dfa6316892cf5dbe88b291dfec1bc22de96

          SHA256

          e10c5236346d2769e7e69f5254f95d4f3f8c6562c87abd2e2510a62e407b98fd

          SHA512

          5be575be374b69fa4be4c6867d265e59a07a5b62a2d9b209851023b25be2d0554794eb560727a4746466d6175e1e547f22f34c267691b11a417d86b18bdafdc3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d4506f00369bc9a4369b9d03a78cbdaa

          SHA1

          b557932ac78fea832bba15e9d4085e453461fc4a

          SHA256

          56996db371a9a4f950b3a913f2c52787dc32fce81215664b718107b4fdfa93a8

          SHA512

          afb9a2c2ad3a795f90d44441c6159421e2313a8d47a54568d085f1df446841c2ecb51a07ebbf74ca28f1739f5063651cdea7c762539f649b868e85ccd0d7e62a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          42d550407409c707d82e8407bfd4619c

          SHA1

          0f515073707918ad5472093bdec67f81649f06e7

          SHA256

          67e95061fc94dfc3da3f9a307b87381314e3bc329a22bba255a9c8391fd5914f

          SHA512

          6d8a06d14c3469d1561a4a87ac050e14e4fb3fc26e41878a407a6e856c6cc9439c2964d8f48d2425bc01cacd7a70f5d7c23a4e85ee7cd8f6afc3ee6f66293ca1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8d9b012f2e58a4468d4bf50a4da03de4

          SHA1

          cf5de456f4017c9725aff41d07f61272f4edb762

          SHA256

          96ac5ccceaf1586a8af9b165aa03493c47354111d81debe05334640f5713e5cb

          SHA512

          c80b754b65ecea471a049c1a37e7c105e0f67a1f012852cf1323b6e0a69955b69dee2ad7fc96a3ea43fd690ea86b78484852fcb3b5ebf75a208e8c1b9625f14a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          62b93e3af170f565b4d855979f962c88

          SHA1

          2842d85c795288d32f69861ce7f6fd8da66cb545

          SHA256

          e51208b088e5c000eb04733aad1798ee00639799a5fa48ea9ac06a785f77e597

          SHA512

          ee4685b20ef254419737f37711ae454658c3ba596e2e90f1b34366cbd8f227f1d4cccca6313f829da22e88babc3905b96b99e52242d2c73c39ac9815afd0e53c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          276c3d112dd0f6a7c32ce06f2f4f0cf8

          SHA1

          fc7266509dae7df82b75f2030e3281ccd35db2c8

          SHA256

          c16c9a7fffbbc50af22bbdf45a64e1a32e5566cee291e179096579ab37114c7f

          SHA512

          2cb3f40f3c8c8b730b24e30cecd6f2ff332326b23d700ab6f5499042372493b9a75a88cff905c75e2b9b0fb023a91f7a26e8a806493d76d6a757a91d7b10b942

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3bc72d71fde87a79f7f6bc8a7b95d269

          SHA1

          c1e7518dbc77705f67db53729531ff0f7055dd26

          SHA256

          937d18c60dd9bb7e300f838d2944d8da5e63c5a339ef4792424c5225c3bbdc3d

          SHA512

          67307116af6ba4f694e90fd270f523d5886c8771defd497292636c73e731007d6c7c52dbd4801804f548475f2be0df418c92cddf334c6274c52b1fbe2f44d01b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          334deaa4743558321760170184031662

          SHA1

          323998aeaf82625708b034153f443efd297e9963

          SHA256

          fd101de52bae2203f3fea65044179544d70cbc5925d3acd689a0463144c5c18b

          SHA512

          e951e5df65ae61f76528ab9a4a3d0aea8fb6199e6c846348e004c3ac9e7706714064707e12905cd3368e17e2cdb211c1409c9b5101c09f5fc9dd6f962e9f38e6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ce870fd73b104084f6f749f9f3749854

          SHA1

          e3ce196635a14a1eef2857e754cb14b6518e5cc6

          SHA256

          3cf0826a1f8aa06c947eb877e1dd852edf8b54022f878ee04a861f143997774b

          SHA512

          ce96ba68184c5a3469e2c6ed7dacc6295de538e966ab14997a9702a1f61267dbcb5fe60318e5296d869ed296ed2f63cb6558c8f8a7a4510be9796c3215786475

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          011038bb72b0fac5d1585c8aba5011ae

          SHA1

          e4fe3bb79de0f6729bbc66d868580c74f3e6e53d

          SHA256

          5cbb15de7263ad828cab677890456562a95f963f408ebfb3eb38961a69921d97

          SHA512

          40e932c158046c2029b77f5c1924a6834a22acdc94f7c7bdd7d5d350fef2c4daeb90593d8deebaf6e7a86ad99971acb78a558fa956e7a962297dc013006c160a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabFF58.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarFFB9.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit