Overview

overview

3

Static

static

1

da6d0f18a1...8.html

windows7-x64

3

da6d0f18a1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11-09-2024 13:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    da6d0f18a1addf74516a5d13eabf046a_JaffaCakes118.html

  • Size

    53KB

  • MD5

    da6d0f18a1addf74516a5d13eabf046a

  • SHA1

    d5700909c4d1b65d8299d68bf433cb788bb6327c

  • SHA256

    43a0cb2e7627612bc67ef149380073246febe35db105233ef055050a1a8a0743

  • SHA512

    61d42e436198f228058241a77321984191f593caf86e45e902d9260b175c600dcc0aedad5aa15343b4a0bf31bed98dd8f8d19bb87da6e00ff87eb7a27e66c664

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUorunlY863Nj+q5VyvR0w2AzTICbbGo5/t9M/dNwIUTDmDL:CkgUiIakTqGivi+PyUorunlY863Nj+qB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da6d0f18a1addf74516a5d13eabf046a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2496
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2496 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c44eda7f842ff2293f34a667ffe705d5

    SHA1

    d4465b5c0154914a967ef09a8b433422f50a58b2

    SHA256

    74c1becb9e0f5b892179b5e92d1223019ea1d4e2328f313682c2f4d7ce65a8c7

    SHA512

    fcd2790b3f8290d357c537fad0b499c1b65e972404bf3d297d7f7248ad368d99763495d52ca49eb767fb2f3992f1e5b09fd52c4ad718b2970ab178f00d7d9493

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6b4216198f2bd85c303eb988f1961fa

    SHA1

    94477a958446b5d9130ea35d980c179062bfa873

    SHA256

    057299d19a41df00b71dec5785072f150d137f73ee5c9e2506703c486095cfd9

    SHA512

    8950e5a64e4d79b0f5a47a86ecd844c6ad868d3be432bfc2571aadb91cf0b51d66669c7eb300d70d0c5b065cbe857e2a94b9b718c4ed4a7826eb2300a8a3fe03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6963c96f8c0f593765d8dfbd1aca0f80

    SHA1

    1ddc65581751e5896899a16a44eaadffab7c7f45

    SHA256

    af53c44c3f0769852ce0af58049a04010ab114d1095972bf528535f32bdd4a35

    SHA512

    822bdd25dee91eb414aa689451f5d7cec03e3ceeea97e9e01edb4ecb9d792fbb8aaa3c3d20864197a53137d7f077e70431cc115ae495230547d5a78296787ba9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    333c510c241e75d86f887bdfd25147d8

    SHA1

    3c645fe7e17f47e895113ffbc0e9128cbbd61a24

    SHA256

    7e2ff44a6c83180e119b7dde3483649e48e7300f20aec9bd9e08bbdccb853ba5

    SHA512

    38f13fa1bc5b20548ab2b86c5278ed94897eb3a341dad1565f869238db7e2760a657de597d257dd35f61da2e4a47f618f85cc0969db2cfe5f4b37a9a621917a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    678270995efd326957854af78a1698d7

    SHA1

    07f0ca8d0ca3812ee2ac2ff91bf38a6c0ea90167

    SHA256

    f3ab23b1002086b59dc85867e5740c7d577921e7a712f0a6e8d8329c544e70fa

    SHA512

    e1c4c38e76cb6db5c9c8f9f924a04c14dd8af2e3cc206c8ad3f356d8d548e7b1badd99f6275a2ba203aeabbb0efecc7467ebda128ae1b7f814d0918c5d3dbf2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a26566875d36b49fdcf0f0d58d56ee0a

    SHA1

    e00124b8fe81d272796c2bb5c3d62f83a73e650d

    SHA256

    ccb9ffabc2c5b705148658399a4d4d773836e96814033b68fc51bc4df7710806

    SHA512

    7cdb21b079ed1835374df252d1655805cf154a8869ac14444d451dcc29d14e298ab4517148f6564e08d36c61cb115fe207dbe494f5a4a3e08ebc6cbf4e603e7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc26e5312bad65041628c952ff8e506e

    SHA1

    bb55cb23ebc447b3ef23dc108b6d7f73ec40346b

    SHA256

    db4c71d393603b7859597b1e057d3550a3ae87d519eb3c395f6fe76003d81a61

    SHA512

    ac18cbd86f279f05ef5d910a54c319f6cd1bdd9f7ea641e378b2c2d1a42770749a9e1c2d720f34dd055d9397e748c13946afb325a3527d272d6fc2506f756e2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3707eb957b4d3a22ac42d535e5a5d76

    SHA1

    7dd37589e5eb1e2671e6a560ebe590fa4b16d0e3

    SHA256

    b3e1b14ad5f43f42bc7ad4dc7e89eae6018bfaf1b39ea3fc56ba776c4b750c93

    SHA512

    89b867bcb390e4698a67d948ba327de64710e2610d620ac7f9f65fe051b7f9660b37da513141ccd4f1addcc6b9cc89eb06ff8cf088bd4c49c7fb74a2f14fd7c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2db6c35c3f17f5293e42de11e93f38a2

    SHA1

    21f71fe9ba043d7f7156de33d855a971961692f4

    SHA256

    1e856af32b5f297acccbee8a53b620b79d5766c957367e8a7dc0c26bfe3f32f6

    SHA512

    ebb57e4f0580153e23fb8c0b810151b4a2ae22f9fc9d6191278b585ec4a9a8f34434510139f1146d505e2a72c803cde10ca446c69f2ea3c992a044f626ec011f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    695250d13978cb28ae98bbfb622aa9b6

    SHA1

    90869559937c1368f35b9705b5c2800e9a465323

    SHA256

    af4bcbbd9ea11b9b7fabc992e543ec116129b92056876112c2c3a0ed60a4a262

    SHA512

    817962d84798fefd3d7e40ae666ede85e0854f711b424205d90faf82312d73717bb5069b35e655aa69ba8f8b343eb30ade804c9b54ff259e3d52a4871108ee1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bdba29a42aaa619b7eea828d97140753

    SHA1

    33d4895d6ef71ae2af41d7703f7eafe67d4cbac1

    SHA256

    bcc3b15f170f2c921e0b61913e31d4121a77fd783463af0ef921f28c44e91a5e

    SHA512

    fc59feb57ca73b080709935fe76973b1d84762d7d4800cbe339b7444d7b7b1a4899cba4e519f7ba03e974eb63fb5a942316a79c6f52a4c1f3941ec5aa2de8503

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCATT3E5\style[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab33B1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar36EE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit