Overview

overview

3

Static

static

1

da6f8d12e3...8.html

windows7-x64

3

da6f8d12e3...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 13:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    da6f8d12e35aff289cc08c5a39229540_JaffaCakes118.html

  • Size

    94KB

  • MD5

    da6f8d12e35aff289cc08c5a39229540

  • SHA1

    caff89b27702bea6dcca5e408f92f2d3d3ee72c4

  • SHA256

    e30ed4b9b8d8fd0e5f44829c2c7693fdeb2148dfad618f6a1e346dc293b80977

  • SHA512

    f7fc236d9c5263c994f3aed9880d74508224faf2b2b4a7f4483272f1ae125f9f5ecd9cbc9eddb6e2a39d5816af5f85391131b0b591bc6806104a1fecd9999dc6

  • SSDEEP

    1536:WMLiNVordfGOL7L9FLMnzCedUbpvyuQaehZ3y5/BdkrY8mgHC+qpEyW:WAicp/BdkrY8mgHC+qpEyW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da6f8d12e35aff289cc08c5a39229540_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2960 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1688

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f543e1eafdd5fec3b2ca3ff83e0bbde0

          SHA1

          20308aec2d93aefa6fad556ee071b9c0df99523d

          SHA256

          ca568d77e1d1155e62dbe12708ffeb4b6ddfd304be82937dae7bb66f5fde5221

          SHA512

          0a31a9eae6ff7750b714736d88e3fa38bd8cc750cfc1445080322185fb1f782310d715591a2c1bbbf9f8625815eda2d30f804cff7f51bb1a1d4e6382a990582e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          aadc989488b4515eb3b3c9662c5aff20

          SHA1

          3ce5909f9e4a253c2816c4b2bade491da6275df0

          SHA256

          457e44bd3e697a9e21026611e1a996aff82d256e8a9ae80bc0c7808abeea32aa

          SHA512

          814ab69774ca80d2c3779c35f52e94f4f652a4db569f6d6ae9f9d30778056a992e1e77a48207c58005f96437641b890c57dc8ccc024f47ae622dda094af09616

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f7258d3ade48f65c543bdea0aefe84e2

          SHA1

          42857bba0c800faf2f7c181d86efe5877688c4f4

          SHA256

          cad538525f5f320bdfc943be665e5cec49493cc5a3ccccfb22b964f0d156bdc5

          SHA512

          683dfda5015fe0f132cd9ced66b9367025328ea9bbc84e3c2ac3f6c3ab518c5c12c8990fea0795538e4e981940e73ba624d5ab0f6144548aed613b3b7d402b32

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0b1c5bc05bc0a095466eb6435a12a86b

          SHA1

          c5477d8ccb3e2a3db06316b0d2d1aeba588a35ff

          SHA256

          638459b8fcd2bce74d07611a9f08bacc05d3f14361cae2734bce89281c64e0b5

          SHA512

          d05d2bae774f1fdebc351d30225aae2aed474b7ff54d233631f8a271f22d1e55d7618b76f510c38ad830606ef6bc6cf416f3e23d47c160422c6d855081a4d154

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          90196af64e92a71b0d6a2e1f0ef29dae

          SHA1

          139e06da11cd84ee41f14b25f7ea3e3ac90d3201

          SHA256

          46c7c800de22eabd593e61b35218a18faee2f86ec6c9047bfb14f12767d932e0

          SHA512

          54806e8057207f3d39e4bf88a0496d736c7eaae9a30dccd232a2608d8d5fff22aba65dc2a0e9e6e18f9f6674fe74be15007bd2f04cf8f0a7d858f8fe88bdbe82

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b300e407d771541f1f7cb35af8473e8e

          SHA1

          8202d6b7acd0baab0b4502d29eddf709b32a082a

          SHA256

          bb77acf407ce4fe33261c7f1046fc6bbdef213a1c06e3fc17e8921f7a1a259fd

          SHA512

          cf0d7717f8cc4d0b11fc723d00b6028fc13f2917e0cb3cc0ada57883dd1cece2a329ff5c09ef83d8ec2cf8fd76b526a1125e471f15451dab7b1af4882a8a0a2e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1174e42fed5d360521e5159a6c69de51

          SHA1

          ea6415b0cf0f2ecad12fbacf9c1c436d5934473a

          SHA256

          d95d2a02e68ab83bad08b1f526ae9727d885f3feb17093b5eda96b8e757cebb6

          SHA512

          f03edea5cf3615801f5aa39d272a90e2dedc73f2f7c066f16eeb7e68bffe6417e40500c66d6d9e5b076973063ae3d9c2cf5073cc7362bb44974440dbb525986e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          26207d4dbaa45622476df3c466ae2d8e

          SHA1

          df9510fcd958bd39496432e7bbba956b4f29cc2d

          SHA256

          3eb20c61bc959f5accb28760e787c1aa0024c8969d32e573ab84995961f0eb66

          SHA512

          f85ed6ffb9f11985304ac46d58945f8996f48906d6c5a6b3f955b39f5fe2541caf140499dd0e6fc3ba01d0281835367d5de8944dd1b3c8601f66207f4b1a60f8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7dc1ee0078e25ea7beda199505ec6670

          SHA1

          8c09b2b1a58143ea4a28983674db5d076272d949

          SHA256

          88b25dfe976baf7e8a7b9c6a71280108f9536f199fa449b003a9fede63a98923

          SHA512

          fdd1425113d282437ad206fa9d29c9ee57b22750f03d89af8bee1cb035d17d460c32f31d568c5027f90a630b807e70c30e43bd50e23a93eef85e45a5df22e522

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPQ313RR\jquery[1].htm
          Filesize

          162B

          MD5

          4f8e702cc244ec5d4de32740c0ecbd97

          SHA1

          3adb1f02d5b6054de0046e367c1d687b6cdf7aff

          SHA256

          9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

          SHA512

          21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA066.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA3A4.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit