Overview

overview

3

Static

static

1

d67c1713aa...8.html

windows7-x64

3

d67c1713aa...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 14:14 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d67c1713aaa0493838c231a209053a52_JaffaCakes118.html

  • Size

    460KB

  • MD5

    d67c1713aaa0493838c231a209053a52

  • SHA1

    347326000995bd48c2d30e2082e4ac38f0577991

  • SHA256

    be8af27a22efa93c06762fbb241829738a235de7c4ce3c9f609c79a681342325

  • SHA512

    6dd69a975b57d5f9ef95d7de0a8f570c2f4cd32f041fb4e6d162423cbefe9799232d9db5a97d28f414d290a3f93f58c0ace39aad83b687c68031c9fcc45a8f53

  • SSDEEP

    6144:SpsMYod+X3oI+YHwsMYod+X3oI+YdsMYod+X3oI+YLsMYod+X3oI+YQ:s5d+X3g5d+X3D5d+X315d+X3+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d67c1713aaa0493838c231a209053a52_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1788

Network

  • flag-us
    DNS
    ag8aq.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ag8aq.cn
    IN A
    Response
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
     7.9kB
     10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.8kB
     9
    12
  • 8.8.8.8:53
    ag8aq.cn
    dns
    IEXPLORE.EXE
    54 B
     107 B
     1
    1

    DNS Request

    ag8aq.cn

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1fbf9f114a367c65e6f1553675c3f99

    SHA1

    2e67e994f654544e62c91d583e8651c90e95e4ef

    SHA256

    a35496cef0d89f0a0b02a20382e9558f9ebaffb11fad9c91d98182631155b035

    SHA512

    21d8e93bf97ef07cc519b50940dc8ff909303d1edd9233d6237dee761857f3c021bf56f1dee844d7988c7d9e4e9056730708e572bcae3c074c44643b4f2e78c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1257bee826a0e45364fc4a903573807

    SHA1

    4e4168d13a4a7c4c6e4be7ef7e499afde2b4ea85

    SHA256

    a00d84034d9517f4ab6aefa7f5c47c8ef59d092dbf8c555f8037b9710c5c791f

    SHA512

    272977197b6a80bb8abe5d77d34babdc7e9db44272dd0f3b31205724f5c7d6a0da7c2d6551a15132a5de2b5645bf88ab4e648567f6a3e2f35f6f5c25f8d8b3a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca15aae504e0ae59466495150135c731

    SHA1

    73c006df363ed1b74d923b90ddb7722ae388dfab

    SHA256

    09d7faf803f59b3e1ba85584fd6f419452e719c02f44b40901c631d3f84e96e7

    SHA512

    293de80b624088a390bd04a7654aa286af25a594d5fb14c9376d0980e3ebdfe1b51f2ecf3bb6b9a2cd513a66066938cc81593e35e10e4d402e3dc01ca2db5802

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a408fe8f16ac2bd5a15da81958948ad6

    SHA1

    4e7e24dcf0587c5adb2bb5919acdd6abc86b615b

    SHA256

    36949b9373a3fd6837e115c87ec200f9f823420b9121732926dfdc7a6b1eb89e

    SHA512

    540345eb17ba72d1ee25cc912489adefdbaab2408c2909c571626b848ef6267b7f99831ebe7034fd616bbad59cf10efc4cf9634d63aebdc93810c2fe83e21f97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af7ea1a0fb18424e1c26c90ffefe76e5

    SHA1

    36bb5478c02802765a6e06e918a8e95493aecd73

    SHA256

    f341c619d7749ead6cc685821b4d1aa8ef233e50957ac2d950061bff526eaf1e

    SHA512

    f99eb0d228424d99ed748e960ba21b9d0ea0ac0d4fac32f1bed4c6fbffe99fbcdc87e6c690030f1d7af361ffb53d70657fdb539986deb019ac2f9668c02fe308

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f66d9b3e494320ca77d7c7305dc344c

    SHA1

    0dccf48c27a19e4606d48b5e4af6e410838d17de

    SHA256

    4e232c1ef54f13458c7a57378e5016280abf1f18a9365aaabbad96a9280ad664

    SHA512

    4f2fdf87bcad7d933843d932e251037aa86f7a28e8d03f1414b1f0fbb7a1736fa4a7c7b58314dfaa6c18715fe699959044d3a5c1614c1d0d19bff6d2baf4fd02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14876a8f29dd5dca3abfcfc94f1f6799

    SHA1

    9e4bb9abff526ac0d2d7833d76b734451319dafd

    SHA256

    1172ad6b5367b2e146d51cbf37a4b8a2535ca371458c1f155a3d657302f30463

    SHA512

    6c57add961abf06a426bee5a56e6f694fd2fafb8100c0cf2233260f0e9838b529511a89bb25900b9dbf0b546fa94edb3ad7d68704c811e6b77692342e15eb870

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9747453e85d07dae373fe971d187e506

    SHA1

    189d0b885a7f4fb527bdfa4020aa87a24d6e93fd

    SHA256

    30c1f89f8dc1a6fa5fc0d5b5ada4e5ce41e86f5a861026b125b8e18497a877a6

    SHA512

    ca343254b1a8633b19c4d3866372699bb36e5139d3197af3f6fc411351e35eaef1c636be40b3f2c85af4c6850741a1252b0384e67fce78aa2277c55937965634

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c776b0ab3352379a1380d6697cc5e83e

    SHA1

    7ab0f449edbd88fb772fb31840b9dbb1bd29dc4a

    SHA256

    b2e8e7eb4a56d6481040c5f14723aa1f0bdf2ddfe6666e3de3426aa7d494bd07

    SHA512

    2dadd66508833efa420b6bf804778f8952f63932e74c489ef4cfdec27a91c3677b6f7577c2e2a7309cedda51a44565b0e6a1e8c96b509e1fae17385fa7bec7ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    201025689714decdab83321d280b4b62

    SHA1

    006a9a80247d811ebba0462d4a1a6442b15c85d8

    SHA256

    14665a77acdef639bf6b20e24a0957312b96839cbea41e9d2dcda0bb184569f4

    SHA512

    9a95273e37c30bc25403de094e4df3e5c8fd31cb6d056e67441dc59e29092444c2702fb355047cd855cdbc79490417f193a71f879c13d2103e556ca69497ed63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    861c8a60064f7d9d29589c256fe49fd7

    SHA1

    62e96c53b9c5d4d13f6277ffc29d19ad8b6fa3d0

    SHA256

    7d4ab0305c31de4c81d8d35b496a6ebd35e81bf7ebd460b22646370243e19647

    SHA512

    1c43a03608a848120c5049c5938e94fdc07d14d50f23a981dbc3392cee5b7b7bd0d22eb8567d40d94c247c716421319e24704003e4ad93bbf01598ddbcb840b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13e0a98094ada3777560104d9df33b57

    SHA1

    a651faf304d4a4a33cc2d6fc0d6dcfd0e322033e

    SHA256

    e732e9160c3e03b70d0ea2c66c7a5cbed1bd3322b818f89a4f75345f404e71c8

    SHA512

    c6dc7ee1294e4b4fe804e08dfb1d4124b16422bd42d3aa772ba4cd700fbb8b94889c0e1b310ba70fee9c19227ed2a8f2f20e5c9254e5ea6df4fed7dc250d8f32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82610ca557a49441aad0c342628af196

    SHA1

    3e2cac207d82f7a410f731c15ca773895817a850

    SHA256

    c0622daf66f7e14609fdd789816e7f3ee02f95bc090ebe2ab53b833d721b4743

    SHA512

    f6a8ffca1c68650a744694e863f0dfd0802d8dcf737d528b4b44fe9b5919d93c2e907bd341030636a453969c59cd7b4de261e7656b4646f990a8a615b3436726

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07a21d1ccdc0ab1ba4c4414753ff742e

    SHA1

    0fa07e458a6374fe9030fd273f404b96936c8c69

    SHA256

    3833c819c7ab9fd257c92bbcd7ea37264a023ead3a04ce57b3d6a70fb7513e8e

    SHA512

    2b20d0fe74077620414df6b93d9842b0f45b4aeffd72ba2fd152927aede08814e4736c32206251ef63603d25a93981ae0356990189b80f14f634d29fe9445fbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1af98ddf68f13e88c7b91c651e153d1a

    SHA1

    c589a50855efd307ec4fe13de0cd718636628a66

    SHA256

    b36580485bdc7f3ec23090d957f4470d7193d12d79453793c35dd700747f2ce1

    SHA512

    80e88b8e239ce8599683d6a4130ae17d33b39d2b571cfbbec97fbc7f27aea78694c016023d87d244b56d2a4f82ca2f6c78e10afaa6900461d330e27abf6be684

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE8AC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEB9D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.