Overview

overview

3

Static

static

1

da9fc7353b...8.html

windows7-x64

3

da9fc7353b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 15:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    da9fc7353b19b302d6093571b4ef7f6c_JaffaCakes118.html

  • Size

    55KB

  • MD5

    da9fc7353b19b302d6093571b4ef7f6c

  • SHA1

    d380f5d852b58a99b2cae8cf47903721d760a66e

  • SHA256

    36d868ebeb53b26dd8b83402ab4177a865305a998b57b51fb6afdcdaf42b12f9

  • SHA512

    38b08de79eb3c9869c8ec7842027d08e2ce823fba909818f6058a1de18352faadcfa1e56e0b63405d3504fadd0b4412bdaedab404e00e7d3ff5a5c85962c9818

  • SSDEEP

    1536:pppm2MSmzA4B2glKnPhP2l/PoYDyBOlM42Z/ooKs:4SmzA4B2glKnPwl/PoYDyBOlM42RooKs

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da9fc7353b19b302d6093571b4ef7f6c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2684 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e57d84ad7a26016632f196aca7cdb53

    SHA1

    fc244f4cafd518c33f1ff7b613b1566576f27ff6

    SHA256

    2d190774a76e48742d13c34c88e6ab16edfbcecab9de7adbbe035796b3a86939

    SHA512

    3fb797dda5d30ac7cf76a7e4dcb7ddbb757dd1799895fee784cc4b58fd7f61491471937af0cca79433e1e4b4f932436f2a45db9990369a7036121db65494eec8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b96e96b3ca5bc69fc489c51f94c4a83

    SHA1

    c73a30343a6b09dee5a0359765e688b114c57700

    SHA256

    71c81231571f4a2a807d0b25e5ce8a30ffeb0ee85fccf9bfb863f3ce65871df4

    SHA512

    20826ac2d7794d6a613dcca16c1a9c5802059edd32aa04b01a2fe605f4a14024c50f76eee1134b4bd117277a29080b82ce63a4a6e4f7ca21f3bb9354b7bff0b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4126adc88bac97bfda1b4b2e95e30f27

    SHA1

    aab9320d7f863f203af3f5747b7f6d067953c340

    SHA256

    9b1df6cfbe167d6bf13920fbf12f1952ab951282d033d82a566b3de93c12d460

    SHA512

    9d8206daccfe397a0d7d128c0401406b60d5d0ce4208eb5bf54a6523ca1e7427537ae68369febfefbdcf6f6a4cf1822dd70f1aaab48f99c986b3fc61a4642ee0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fb3a675a0584bbadde4f25b241e4ce3

    SHA1

    de73501567213e83ecd9e97d31b15409bc5c69a0

    SHA256

    574dab9c305287ba941ee372a5e65a5aaed90541ac5a7656334dba44912b04cd

    SHA512

    d5281d7baaefe5738e04067fe18d2d46c9c84d48b2e853ee5fc4e019e34632fbab7e2e50ba35128d5342e9e57b52a1eefc6c9e1d6be92ac6e172db2791262af6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a72487719e71ba96ddb436d8039cc01

    SHA1

    bc786d3cfc37d8347c964e99673928445c8c1ec2

    SHA256

    57879f86feef173fb32f16b0900724f961fcf3b2f25343c874d8a1b7299e7936

    SHA512

    2ed970802b5f35dc124bebb53773811981b04717e55a3d8c9b607c01534ad9da6ce9fa966c08349c8148f4cee47f122940d79bd359e70a15dc3c07599f2ec0a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc17afeb447b8d911314c4a8c8ea2013

    SHA1

    8d0d712c507db55ebf4a2ed517ef0ff282c1fc8d

    SHA256

    08cd77735dd08afd95efab33af313b4dd806ae30954a79e851b98cc5829425a7

    SHA512

    49fb1c2bc445a1371f12efbb777407ff0102186aabdc383e2aac747dd6b60bc5456a1df80b98c4aa9eb108ef2da0b127a729cbcaf9e0e0cf4198cfe2190a09c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3e65f30818be336100d77d5d23bfb25

    SHA1

    8eabf16e7ab40f6e5f4310b3ce1b1044fc9cb116

    SHA256

    5d1d081892f30c8fbfd0ffe57c9cb6b02aea6785771c8abf9f366e3e49bf1d55

    SHA512

    a01eca01d80571c7952ac0f6f608438b902308488a21f287062ad8fe861858c341153ea617fc5414ff61410475db4642d6ca8ba1ab93d24e5ff3c964175d6171

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7b626c274388f9b426e19d252d0946d

    SHA1

    b6cb40bcba28a0763609d7357c04dcb88fe436c5

    SHA256

    e088702af5234bf05b28de0620030fd0111540186829bf635a34876377ce7547

    SHA512

    3e2939cebe02fb11d3563ecd24beec916fa24a6e1ac2df6c0cc5ce99a7e2ef106374e6bfcc4d74e92edd9d929ed3b503f0464ca1972e9d6a52fd5f3fa8d07277

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    278609156d608d1061734daf0b8932aa

    SHA1

    ab59420a1a431b3707f0acd910b5457f381cb1c7

    SHA256

    e33e3834cb341f6dc080714e3462b33c57ecb13ab92e1bafa65d26736339bbdd

    SHA512

    2bcc75b90fd888b905f58a707b0e58f3fd88874f4e5830d126f163565282074a476a47ec3ea50035e9c1a47dff933b3bda8ebf7f281aa48eabd63921ddcf7d8f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9A5C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9AED.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit