Overview

overview

3

Static

static

1

d653b6531b...8.html

windows7-x64

3

d653b6531b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    84s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 12:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d653b6531bc7f47b64876f987c8f8a69_JaffaCakes118.html

  • Size

    27KB

  • MD5

    d653b6531bc7f47b64876f987c8f8a69

  • SHA1

    487a4e788b3e601b080199e3464619a601970789

  • SHA256

    3ec14875a44b45bd289979522aa4d7de15538ee66c319c0e0815f3797c7a8b48

  • SHA512

    388c1a341a2ba5d92c27783014cddf3d04fda78e823d2944342717c4af2167c58bffafd95c6a2416db13c82d7b367bb25aff31e31645e16803f94f851b8bf209

  • SSDEEP

    192:uw3Mb5nyenQjxn5Q/BnQie0NnmnQOkEnt7bnQTbns8nQ9eOgm6uhEqQl7MBUqnYM:PQ/abY8ENSOJM

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d653b6531bc7f47b64876f987c8f8a69_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:944

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39aeb9ed70db4533d454056b1f88f1e7

    SHA1

    23555f4112eceaa3b7dbb996e840d55c33a799f9

    SHA256

    ec94a4de6c78afeec2fd6efcb745e80235b75692c2ccb269825ed79fd956c5ee

    SHA512

    99faca0a930f675526545f47bbf43fc626f3dcf7d60f2670435209bc3a3338d7d514ed1e787b11354799895d2243e090cb4c12a7a7689769854a315140d9ba1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b69f5c6a48b7e98cd76ec6a55500f2f

    SHA1

    2c8cad95d8992bc925d5383e0789737342debab2

    SHA256

    cea7835b197b24fa3e0fe8589d27a67a7f2c9a2ea13a7723fe2ea5ea1af9bc9a

    SHA512

    bdcf755fff6374e2233acc99aead9c812f7c68884e3333cf1b3294a650eadab6e287993c1aa9fa6ea0e4749e9ded5752f560ba7eea50681a0b79398f8b440d3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7424b13c251a1f14b1ba7f90f6a839fa

    SHA1

    075bc116c01311a7bdc95db95ce1f955f545ade2

    SHA256

    4c1f8162484d92319d638a4d94dd4d4a8d33c66d2e374e42c7f03ee473ab557e

    SHA512

    7c581c2a02ffbc7bf0163a45b463acdaac5de411f55e3b276ae1a9b9a378d6493d67529d38ff326ac65eba6a19b22f522503d7397ebce2b0178185dae131f714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b173b0c76b119b6c799fd811f5fb34f6

    SHA1

    6078dadcac6707ef54d218876cebdba07df009d3

    SHA256

    1fc35074b279f99b4e6b761d8e15b09296073110ba63f377310e196fcd160738

    SHA512

    6390609c7deb8530c5f2d96b5d3c0a7dca84b99ec534236965fb0b4c97145881369974411fbb394ae1309408556d3bbe3ea4e8ad75a2e26cd3098aa65745d0b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2c316cf79188ab024b7cf3f73df9c5e

    SHA1

    8c0decd69c6ea593b69e04bd6cfc45845903bdd6

    SHA256

    e1615a3bccdc6239bd9fa0532524fa9627e3a6d27c07997b664f9e40e13add66

    SHA512

    feb96fbb9ac2a9e7946421ec08b4dea58b4b9a3888d415a71d81a680847d1bcbc0423123189e10fb9f658c04cb771740955a215731d96069b993d6d3d5bda405

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a820f9f2509cbdf92efac3e537fe657

    SHA1

    4619a29bdde5bd7276096ec558f4eb0c1e91dfdb

    SHA256

    06f1b779411b58b7d060795723fa825b162e69f7f62795fe2ba710695198e32f

    SHA512

    9d6b24ce920cf8a16414b84b6e75b18682f4adadf10f7c3b8bbf16992e6d297cf35f48b56c8708de535dfd0ed90f323f7a6e6de0a3a5b55470a20e69ea636fe2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17ee64ccf3bd834400369b312e7b8f3f

    SHA1

    73f6104946546938a47b8635a36a86bc5c9e9341

    SHA256

    a5772b44662608b63210c1eb3692cab813320c3c31ca5ff2bf373a7d3b3f42cf

    SHA512

    45da33559f322821bd4ff6ec28f29630cfd869b12ae4909b78857c9f5e5d77f6e5f3dccfacfa8442c2303a492409f59d545f54d2180d6e00d37ec7d98fa886a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f6dbc01ff063c9ca85e618053689bb7

    SHA1

    78a824b7f20ab854ff90d2b1f0a02c474b18d019

    SHA256

    6790624e6a3401c8f7ac2bcfc8310e319477342d8183abf07474de91b31c58ba

    SHA512

    8b2e5b56ea20bcb3485acfbd8ff764810ece51092b018cc9e9f56d1e4252acd28540858e42c3ff7006d1b3b2aaa234896b49d60d8c1d9d3c25713ad5c30561d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ec9a6f8c0550d8d5c9bb01e312e09cf

    SHA1

    df7ab123d4a6fe0ee132e8a9b04aa4a06b065f00

    SHA256

    936eb299ee3df60d6da062c780a36df6f36d666082fc6e966c5b73d3cb4d9b0f

    SHA512

    90a0856ae29382696f92b106897803036189fb4839948626370fcdf85cea01e350bd70f51e3f7cc3c16917382a17378bf012c2a1c4b86bc1bd801c659403e4d5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab27A0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2810.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit