Overview

overview

3

Static

static

1

da77859b07...8.html

windows7-x64

3

da77859b07...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11-09-2024 13:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    da77859b07d466e0fd05423e1836d26f_JaffaCakes118.html

  • Size

    20KB

  • MD5

    da77859b07d466e0fd05423e1836d26f

  • SHA1

    d634740ce09983ef2e1e7e29cc4268c4c18c10f1

  • SHA256

    c95283a713ea47fea888bd25b1d40f70c27c908664aaedf780076390234ac280

  • SHA512

    4e0ba223b200ec90526f32773d4f9f146981d499045eb41735ac8faf1ed2252fe94ab671f95c6451ae20d6ee292bd55442a1f36cdfc328807ccdb2f03a68ee77

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIr4dzUnjBhHp82qDB8:SIMd0I5nO9HlsvHCxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da77859b07d466e0fd05423e1836d26f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2540 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    064f650001fecf1e9def96eea50fe75e

    SHA1

    4f1dacb5eea0f02770860f7e72c0de149d22ca34

    SHA256

    b7d5d90555807a23116a90051ca5614b5e11ec676fb1218f68627cd9e85f96a7

    SHA512

    e02c62d64b7a3df5fed9eddc5ebe818c8cacc102a172fe8d9904d019ef1296ea6d71bdb3d456928ebdb0bcc16e4279399347fb16e625606dd7a0aabbc3f1c442

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    277d15188884c2e702ae68848f82cee7

    SHA1

    9b90643e7bf968ff33460a3282e7c4b2604a6d99

    SHA256

    df6da3633b54778ccc1529231761191fe5986c5ee683d08e7d54f0a6a06a3bbb

    SHA512

    90084de459d3d9a80f266fc15a2a1ed038eab733b5e38c3c97bfdbfec2a6ac5b96a72afebd33d27c54b80467d933206a63578726d6d2d6d9ae9c0ec218ac64f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d5222519cde07fb550eba48c3fddc9f

    SHA1

    311b4842e033f8998974375245af23a00309758c

    SHA256

    0587fb1e21c72d358f385211fd5f235cd525ebfb658a83455490ddbc76c89e84

    SHA512

    4a289cf883d8ae5538df420d687181d9dc60b6b92d536146c65ff5e2cc5afa65d64c3a55c85d577d9201fc4eec146043be4978ba5c328c6e17826d2694860280

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3179ce846a53845c00be83153df99b37

    SHA1

    86777c1c47ea0b2ae273ec064219ae43cc2e2697

    SHA256

    1e103ebc16f6f1f36df9a27a3591fc451c8130b3425378581266808bfca16c46

    SHA512

    f5b6cba74bfafab98669c9bb2f0e3f1b382c3eb63efdbd5b521ddfd03eaff8b998caea6211a31b3c0a37a858e3453cf3a4becd4726e05832a3d89dc72d154697

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fce7beb8fa0bfbcecce7e8b84d96de0

    SHA1

    fc6790f0728c5f047830262a68550e8a939f1308

    SHA256

    a15b85bbda40d0d3e4ac31237c4d1b2d1822285b92550e11eba2ecd20354411d

    SHA512

    e7057cca27476a1b3a11530ba34ea3a8486239db90ac5c1915647b9f386d979cabb5e4ada09060f8bfc24f379e563e2792792c2db1cf3bb28259f2a0476d82ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07878b61781324ff660d1d47baaa29e8

    SHA1

    79cdebedf060de2dc3234c0bc5ba289b9571fdbc

    SHA256

    99569ea4a0da66e60dea8050bb43876a79b8eb9ab0e9e177e32c41dadfd5b7c3

    SHA512

    417b84848a2e83cf9d908c6580d89ad291199eeee9146f74c8c86b5eb455853993f26587f18458b27f5b575fbb3577755beb8adab319e8d3556bce5f708947ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3367ef6a6ac43b5f7b94fdeb3cdd2b3d

    SHA1

    7b163da977f2a3472c114629d2a158847becdd68

    SHA256

    1c8ab395d72338a157bb2192d42ac3cebaa851227333d8f1c63d06150374e17a

    SHA512

    cc73c7da5141162b405607cc675e7162ff4ed1523baa12190f1517e92d53ef5fc7567b65ec0e993289bac122f67fc52ed5af4b205fe8bcfd53ca071125d7a445

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd70e19ae8a00fd2c1096b9fb26a1ec0

    SHA1

    509e4302ebebc8a27e7dd0c2201309fb486fc11c

    SHA256

    43003b167bc04a2b1e12d4c7a9a82a10bfb8d93b46255b51365ab87f2ca463c6

    SHA512

    bc30ece50b451bf356a978a0ba0a823aafb5e9c514d91eb7cea85562e34e44ae2fa2d144f71825a864cd665d74170c357fe5ba6e09d7068d7792eec907ef12e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCA52.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCDEE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit