Overview

overview

3

Static

static

1

d9c2d59cde...8.html

windows7-x64

3

d9c2d59cde...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 06:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d9c2d59cde1a5eef4f31812269e766ec_JaffaCakes118.html

  • Size

    27KB

  • MD5

    d9c2d59cde1a5eef4f31812269e766ec

  • SHA1

    10382eca040187c1adb74144ffc4618dff02f089

  • SHA256

    84c0cf9c51df0f5d4ba6e42633d27eca79e4d1ef225436b61577a3937aa14718

  • SHA512

    8274b6b1f7b88a837c9b746941623deca00cb84ad45ed803da2972eb27301f9eed93cd972ebbfe9673cce09f0467283df3b655b4f5c80abf9f34b98511a69557

  • SSDEEP

    192:uwrAb5nBmnQjxn5Q/EnQie/NnLnQOkEntAinQTbn5nQ9e3Xm60HRfQl7MBfqnYn4:AQ/jGJAReSBaR

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d9c2d59cde1a5eef4f31812269e766ec_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82ea9c00bd5a0a07ab519f03fa3beb03

    SHA1

    2862a6efd043a260bc45714d0521b1f9a4cfea4a

    SHA256

    15603eafac8738f4c5a75d87b6931caa9e7bd946c45bf80dcc34eb523018ef85

    SHA512

    7eada57c94636035f9ae6444f421ca83c10dc07afaabb5ccaae3648a4ea2c1b351b335dea822038756ad0938fcd3f1bef15d24f101cb845029e50bbf59fbba51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    085d8c0cd2d20dad03ca9f1b003c0030

    SHA1

    17723f27a97da9d2ce571aa991f0e4cb22854ff5

    SHA256

    6242a2d8503d2c2edc8acb5f8207056b31e157b26b02b66ba88fd328e9adb3bb

    SHA512

    b67382cd09cf42906edadf75d87acfec74a82dadd59f6964446807c882aec1e7e95c980d6e7feaa78e66989c7e8cdbdab9ca6053038be4a1503e37e4f5215313

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07cf52300e37c67acf7290889fa3ae83

    SHA1

    056f5802038021bfae170cc52e208e996dc4f551

    SHA256

    09dca006e7a12f4769c904d338927c337e148d714c3e53b1cbd2116a47657f05

    SHA512

    a908d9b2678f367d3e08b723accb4b198ad404669c4cd43ee1e93581cc469b26f626847bb2a4b0bc59bc31860d200fdc903e832109f0d6a004ed528bc95a0070

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39050eeefd2581120a996a712eda3444

    SHA1

    93b503f70387b72876ac23dc72eaa4576ccbd943

    SHA256

    c034c7bbbb43b251ea71bb504c5bfdc02b1f06d4b5de5a04e44fbb1c6cff9716

    SHA512

    efcfc8a5ee95497abcbd34265fa50004cf2d7f4c3f11b234438ab667317a87755255f0685ab7af775523f440c5c5de6de31409256879936e5d7d815b8c7a0d0b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCED6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD205.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit