Overview

overview

3

Static

static

1

d620c20818...8.html

windows7-x64

3

d620c20818...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-09-2024 10:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d620c208184fdc1ecf448a15b8220bf1_JaffaCakes118.html

  • Size

    107KB

  • MD5

    d620c208184fdc1ecf448a15b8220bf1

  • SHA1

    394c8aa812d472e9e8e270c68ab3d0f01538853e

  • SHA256

    fcedab4e4ff8c0f09bba851399513fb54acc27244cc44fde0d2a91a403e51f54

  • SHA512

    d5d9a60a0b9dee7ec9e2e3507581912a97e38cd36980401de24f88de9bf083354a4156b81d88ca8294b7971c2b4058ca1e3afbd482c2a0c427ad31866018597e

  • SSDEEP

    384:Gnv8HKSkvKWDLY4Onv7L6y3xukkATD0CjDFJQSD20LOlRP/EFlGLy29t9s/XxbN:GGXkvnDavHjD0IFJFichFlgDfe/hbN

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d620c208184fdc1ecf448a15b8220bf1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2980
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2980 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2880

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a07452de9afa8a4fbc9f3bc2eecde92

    SHA1

    e76d21ced47fb1dfeb912c0474096b10a3ae29de

    SHA256

    2ce95ee30d473619bdeb63c33ce31eaf4e4e849a43135a4578ba4f4f8c898b4d

    SHA512

    5622b3e6729835361147c0027c03bd779d475c0dd256f4570190551cd6084924141de5df0788785c6701941b4efb7e65b742d63b162642d3dc1913a99021c369

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80ce0203825df72a5a8924275c23a706

    SHA1

    e9b954edad34f76ce7da5a29e810f4964df28315

    SHA256

    c68500eee76c2fa8dc11937a95a9b7d56a36e737deb7279d03cfed99455537bc

    SHA512

    345afbb6b5518cf26c714c74884b2a5bda8180f90540f1aa649141aa4d549800aef0b86fe6fafd687e16c9f2e6dd6f13649d2f7b83624696bc877b83e3026a4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5175c2cf8c2ab4caf66bbbdb3e2edfe

    SHA1

    a748ee1e556a0fec6c394b3488e6abce4ba55b5f

    SHA256

    2d3b74c8a14ad41409056354179b1e4fd2355d15016ba94d2ae064bf2f468aaa

    SHA512

    12374243dae1ceadcca5d238e16dcc6f8b459516d783dd185e800c0a0666f1ceeeeab4bc05936392e30a6385780bbb2224c883e4ecac0bcbd683e3f1d293ec97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2da15d53f24ca14181a8bbade9a31b9

    SHA1

    18b75be0234dc3d5f5141fa123b283f53e2ac9d8

    SHA256

    86b489fb94c0a94f848cbab62ed9c0b5b9f11cad01a7a94b2c5f48134aae4603

    SHA512

    7813aef262bcf158c57a4535361fb5ad275753ca5ca3cddd11103882144c364472e208d20c70b69dad0262d6d29554d0dcc8fac6e75f6a97a90f5f6cbdeda0be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0bc22d7241a32b82eae282481d3e238f

    SHA1

    a492b10f492e2434773981d32fc4f4ea58103ce5

    SHA256

    318f6ba2e0899a43b1cb74749df00fdd131075b4ccff3a17321ea61d7f3044f8

    SHA512

    44b9eaa92327bf0dda9a07fcf06f7be1298d5603065516e5cc0e81ccf1cd8105b6e7fa1b4d987cc6b7bda8cf8590c8ea40ddcd198f586b151e686cb446f49de6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c32ad03d419fe0c1ce6f7176f025dfe1

    SHA1

    4dc17bc0786c143141a3e040472f8bb6b2a0635e

    SHA256

    6049d51bf689366aeb5521edb5716d7a8be8786116dae54773aa0c4b378d3149

    SHA512

    5dff514f12571dbe62aa6fb6445315942e590ad8812e20a6378b9ec147068a4bac54d92254593298d3850bfc87b4abfa4e15b28f63eaf52f4ae39227ba5f5f01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47132ff1886597dbf83aabb3264196e7

    SHA1

    d75c142a27b4b5a73eadc25c284d0afa919a4bac

    SHA256

    011d9795e7a59be4417d0473792d2e6ab7191a502ce75d7524e1529331158aeb

    SHA512

    ce92a795dc07d2237000841c31664e5aa3cbd2e6ccb664a30a79358969523fda46164fa6a44d8168881195d2ad7e7f2d7368c14e06f66dbac0c1cb12945f600b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09ae649ae55d8a69db04e3f6090e90b8

    SHA1

    d120b8b55d2cf0084a3296fc234bd9de4e130002

    SHA256

    6e7b74dbf82b20949a1d9d282c085e647c6c03a10fdf3a28bf2847d7ec03f337

    SHA512

    ac2ab0d2d0a9e830ce6e64026cc8d82a5328e347b0f356265b9233ba28803db5cb5befeb4a90b405b6366c63fe7afdabadedfba1fa204ad76d87e8d576108432

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8013eb12d74c08914b92a58f363f053a

    SHA1

    85e97010d0b32a4bc86f6d01de219599a6485f4c

    SHA256

    2e4a3262296e4d1598217308bcf695ddf2381c42be7d964f6f3b707f7fcc31b5

    SHA512

    197bcf948ac1eb7deb8567f788f73dbd37dc989992048e3182a1d24d4b05dafcf95ba3169b65113437a895360ac26d7f4ee48031a8856f82a7292ca6f7a3a840

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6567d3c590be880af78eb597bb5f73f0

    SHA1

    cd42fdb3c7b00cb9cecfe462ac877bf466a37d2d

    SHA256

    915d10bce94b972f307451d524d1cd2009344c35a0d0724364522ad8c6c48da2

    SHA512

    4e70195d9d60b02574716de73036dc92cd2988985d0aeab93fb361e9fa6d4efe3c2797b3ab5a2c95de7d44697a3e86ee1be517af4fe9576208a7b307370adc23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3632d9a952ae6569df26dd14762f396f

    SHA1

    14ef26038ad54fa97745701b7dba513687644f29

    SHA256

    8cd1009457bc4eaf5c5221bfa1c5a28742db8d158f51e5fc4cdbdc7e1f1075ea

    SHA512

    ef723ba506f18320a989e6f019341700e0c9db7173b27617fb8a7749b57bea33023498280aa84f348595a313ae00d7288b5d39b3aec4004c02a847981830c109

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61d25062a20e08e578ce3339f0247329

    SHA1

    c65044baefb410d3c41ad278eb1997bd4879761a

    SHA256

    b5edadb0a8e69ffefc53439d3cf6de4159d799308aa3956608e6525838bd9537

    SHA512

    e727bc30a5b960f6d1ed656d2cc2ce274c53ae008922f182c152dd44f7e6cd7f09d18098bf2fd7984ba9e3a93bf08c5d2dcbce5045bb5d1bb49b5a919047923d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf6f358451f85a5cd33e1c564176ef9c

    SHA1

    99b26c38e890909ad0666c4d823cfa7d21f09b1b

    SHA256

    d1b6c55a1d10bfbd917cc7633037a6443b8229be6a455c56a3dc64e6fd6d2cbf

    SHA512

    35d70d57e02ed5e8e7f22e56d02570e07e46dc71667d3b863b42e46868a782319817c5c540032f926836d32731f08bfdd701b6353cf2b093342186708f927bc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    305591f7942c9c9a08502d7699d4a9eb

    SHA1

    74468a810c376892e9171572d95adb41e96d0344

    SHA256

    453760cfb012047a719eb4a67ccd380ce64b5d21ea3c48eecfda4b0f7f87a201

    SHA512

    75ad915e46de4259ea64eee42394c2e521eaca0f5c52eb32f655aa34ab5c1aa628a1ee935d7030c7a5342737bc79d678f78e9fd9cb6c604daf5523774e269075

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4ce1843bc1853445ba0e477cfc88ee0

    SHA1

    2574f283b420a38b7fe7d4ac79b941f1057c9ea4

    SHA256

    755a13ce3308d31adb740814f30195f1fac707220f592fd0c7f18f695da6041a

    SHA512

    ff170605a7243eeb3937096c077c55066726699f56480e2d4d62e1b229b6ad8bddc0510872136e8840891699675bb50681c26f3b06dac21d7e33594c31979028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99488ef301d4e71873ee73075c49f32e

    SHA1

    778a61223baeee8abe4324ca3464d477205d85be

    SHA256

    83b57cbae5b235fc648fec1cadd9dccbb4cec287cb8f999a897406b71a590ba3

    SHA512

    211e20101f9ae8bfc14d16bf8874d243e56dddbcad628c93d29080c5074c0730bf817a3cf45a69ac82507390540ee62af53de2c2d5a865adc96f1fd2e5729e2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0f509c6005bbbb7f6aff22800013e24

    SHA1

    badd9569cd8bc58683e23e4a3697540b0c8b9fba

    SHA256

    b33001f8b7894dfe496a3a6e104233c3f066544bf24236affe94633f2c37febe

    SHA512

    8930072a5cc47e5f780d18a05808ba6954e1a2adceb8e01d9753d3dd09e8f8974d2b2037ae1b3427a554d3a4fd902a2f814fbe292420ac88f8204b0e78072b5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a00791192b0ee342c1cb4f0f355f498c

    SHA1

    d22d59ad4b203af7fd714dfd2f315b1af143aae6

    SHA256

    b444d5f723956d1c0b3b5c4e174befd36302e460a07a738b8d7e4a30b9a3c3aa

    SHA512

    4c11f4d51823fd5ce2c56dbb92a7e0945d56cd3c79e92d62e416915c23bbc9cfd04b880dc99b429c272fda74230ce3b2a0fa559e6c59cf171dd58f9a4efa901e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8bb2c37ffbc24aec7c33ebf57f38eec

    SHA1

    b7c8fe40a7ff68ceb9bc56429b22405c0dbb605b

    SHA256

    b694bb7f4c054d290395a64f59fc5ff4cc21073396d9f4094b02593ab5688e9f

    SHA512

    18951122f9feadf3608e08ce2dabcb3be85733c7efd14337523e301c29c5b47bdcdb0dc07f5e8fb64d662f6b35738696ac711abd35519f3ef11bc38a7eb0b806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18fc5f5d860afbd4e08fcee1db3f5f19

    SHA1

    12ac93a41b0b6fd79d55df2e0eeecf4fdb83a910

    SHA256

    6f2194e920f6697f762816e7da35a7b4df6faee91ec81a0e13ddc5b4242ab2c9

    SHA512

    6f18c7ee7e5add22806331d8abefc1aedfe560b269c025c9c43983f80e5efba07a93d1d458785546a968ceaaee96bc047a5b2564887fd487494454c01d3020b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab400E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4020.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit