Overview

overview

3

Static

static

1

da6a838def...8.html

windows7-x64

3

da6a838def...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    da6a838def6ec9de592e50a2a32a3fd1_JaffaCakes118.html

  • Size

    218KB

  • MD5

    da6a838def6ec9de592e50a2a32a3fd1

  • SHA1

    3872169b2fd5b16182ddb156d148f17d782235d5

  • SHA256

    73df2e3676287192a5cec7d76e59ac3b85ce6f5ca9c3b82098e0b19d334b071f

  • SHA512

    791ebd4096d3e2702e9d0dfdad703930d5884e19a402895a4cb87d083eda78e1f76023d44575b2aa421ad8dcc021b0ad159e597ee0fe8c8c748bb79c6dc74835

  • SSDEEP

    3072:S/lAr5eLfDycUyfkMY+BES09JXAnyrZalI+YQ:S/lArALflZsMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da6a838def6ec9de592e50a2a32a3fd1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1188

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b62f57efcb568996137ec16925bcb6ae

    SHA1

    0663626cc65d6f4d0e8ff0fcff55ccfb282a6426

    SHA256

    68da8adb1b7d88ea7f5ef54ccdf2739f5ff60464f0b34c3d5d9cdf3bce5212ba

    SHA512

    8172808748d0d2c3d2ebbc339a07f2321d52b018a87ea8b60a66779a35d0bcf66f73f4119247b0e1186222b731e297b61c2a772c11dac0233226fe0b7bc7ba79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9919925e05ffe482cd3248de7bc402f0

    SHA1

    9c46dcda272b0eacab1f79d4fc4bc226ef157bc4

    SHA256

    37c845b4d1b3d3ef1f0eaff553fd18b45437efef0e3ba9bc89b5282f3c2b8242

    SHA512

    6fa0b705a210570c1ecf7d9df99db19e504aafbe33a10471d7a7f77a1a0e60de04cf57b845e9a5cc4e337dbcd89b04578a917bc27ef00bf30b1ccafec6c34485

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ebd0258e3dc02e2c8be464572fbebd3

    SHA1

    527c24c25795c35862d8b52b686f76f2eb1a731a

    SHA256

    388c5faca6c3fe6c6c2142ae7284d015e61f49608533bdf47245a7b94d32d37e

    SHA512

    a7d92a69c5584c634c60c12057fdbb8a1a4b84f990be9ee38fadc07e4b82fb6e975d4a2e698c4fb6e1571c21c55a39a096b1047eb425964be7c83782a64b89ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70dde9c472801db9e00f69cb549854a3

    SHA1

    8d8fe9de063d1af7c5c85fc5731c53abce5a630e

    SHA256

    f2042fa6dfa94894e9851b088de09e0aeb0c01e4c6a580746e243bba5b635fba

    SHA512

    e73154ac39de2bf678e61ad29e924b84df5c0efbce772467122057952b7e1bc56f2057a0a025931082e8ff956b13eae5bfc9e79c4923f7c1493cd158520f92c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65511d7823da3eec55a73fb63952c1ee

    SHA1

    3fda44cc441011fc0265c67bd702139b5cb9384f

    SHA256

    eef66c97823c056cc834984b6edb6f71782d3e7ff8f4365d37d44610b4a89126

    SHA512

    fa304849db94f8079dc3a1173e180f1e91fc57a4db77b4fa543b1739bdf268fa560550beaf06e3dbaefeaf2af1f02c391e44b19b258d71331474af0873124072

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0183efd9be7927ee4df79abbe16094e0

    SHA1

    0b52c432f3b6e5878faa8c9391f8a13072a82028

    SHA256

    a3cb6b065fcbe90a23e746123187dc9c3f740deb08151706f421a685c572fa5b

    SHA512

    656f4e46df845a8d55cfe8fa7c817079b2c4dee5427fe372c133bfce753443521bba798edef99c2f189512214f10397bb2618fab6f33c728fe37f67a3e92bc19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c5ebcede6b2a4bd55e0fa4a9d12124b

    SHA1

    e00545d9f3e226ba63564951eb52bad3f05e6078

    SHA256

    ad4b1ff547e3b36f0587427ead45e7f690695a06946981875cdec4383dbecc9c

    SHA512

    51ce2350b0f37c32bde577360266cf7d638415cf286d34bd574dfd90a9e539e48af7cdb6786da8a35f000c23dc1c58816d912d8c6bcc7e6287d19cb1e8cbf15e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad65e1c10334bff157f2ee1c6c16e4e3

    SHA1

    f43e93b20ed88b97a3840e70a3f9c5c6fa152c66

    SHA256

    29374246425b59f11276aade6b684383355eac1ec6cf44d808252ee20baf1c8f

    SHA512

    949f9eb6d836f34c4ace36786f21efd43c6f446ffb9a55fdd37256797af5ff92f60c36454b9ca17e6cc42988746ba9df47b56b06e10d1a77b82219b28cd8cecf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d007a4d40b40a51a7535566c2b9d4f57

    SHA1

    534e7727103964aff094fb84bda66661a206a496

    SHA256

    a1ab2d9d13addbba01998b4a3f1a4aba3af8f06e173033b2f55c655e008a6f25

    SHA512

    d0d0eba04bed3e6e408214d6c0cd348c5bae893fcef4f1240f50367128019eb24390285f2ff4089351c57d0de52e1543fd03575cefbaac747ce20b460a54f8df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6D36.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F7A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit