Overview

overview

3

Static

static

1

dab36f60b1...8.html

windows7-x64

3

dab36f60b1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 15:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dab36f60b12c79ecd5a4bdce137d3e6f_JaffaCakes118.html

  • Size

    139KB

  • MD5

    dab36f60b12c79ecd5a4bdce137d3e6f

  • SHA1

    9e27727eb050034e050521c33a844bbdd1ab5915

  • SHA256

    ccfdb899aca2a0dd31d65278941fb2af829b1ee40da384ee6d911333564ae244

  • SHA512

    958cfc7ae721e0da14cef3ab51d4e369af248d6d1c66d53e7fd07afce92e8260cdbe94a1a71f7d2f95edc78965c2f2fd7486f6497011738983c857909aa15330

  • SSDEEP

    1536:S87pfAsRSLlzyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusG:S87bCyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dab36f60b12c79ecd5a4bdce137d3e6f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2608

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          29a12fbc0d3a550406cd67b4efd23635

          SHA1

          b5e412429a09d56bc00aeb646ac4f984f0bb1bf7

          SHA256

          cabcbaa11a9207662a49d741ecf197f10a234e1a4f7cd89cfde3dfddbf371178

          SHA512

          1afff3f95d4627d323b4cc913dd745617d7ec829336dd2f98d97f02041554a960b27d3510b3cfa65484d2f87421cae74066901e90c17fa46669e9abcd1487e9f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          926e4a614431e8bbc5aa836e98d2509f

          SHA1

          710da5906cfb3f91ef9ee1beee3120f31b87e279

          SHA256

          3676afc80df3c147c4b3e286f328b99cb4bed10a50a49e32dbb098cb46ad664e

          SHA512

          c144a02faf76b0e069ee2a4dc04a0ced96198fab502d7344a70566f1d12fd6bef8e097320c4708400c5d4c9cc7a9fa81b53069ecbe4055fd336e1d7bc030156e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          284ab95a2b26f245e58dd271107d7f1e

          SHA1

          f2d4e888d885cdc1a92437b7d961a5a8cf2f5a29

          SHA256

          92e2dbdac6950ce5cb9964e4ed942090f662ab18ea3c90774a9f717fc9b99a04

          SHA512

          7d25da3c563de62491762fdafafe2e137b7efa4d8c44d6e2c93a6e6a78246dc42d94a9b371025c0e3dcd4bd6d401a3f61edbdd6f973069b4ab6bb381a06b400b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7e5a7c0d35eb5b0a39a4cb46ad5d4996

          SHA1

          5f8d96fbe4eb585d98ee690849698e9bd12bf9f7

          SHA256

          639309b067bfdb64156ab021424e209f298a7387a2c84d77365c9ea6c5532c58

          SHA512

          1355e08850dee73d87c2e8c0c316f62c37406a8be8c23b1b5425aeb361e604269f604f0eade29ad4df1f03c131c769f78b6851302ac379dc5532049e0f1a6dbd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          30755cdeddd55ae722667edbfdb28b6b

          SHA1

          f07ed9f3915f40910ac78b12d4658ca4b3d95bd5

          SHA256

          5f8ca04682f9e57ff7df8565d5e84f8c1adbb137b161d3f4d8400f35891a2d4e

          SHA512

          822786f632cefb29c01bf67be3121c15c69a6f4b784f80dda8944b851c1da82fbeacb20e9d0cdbd56baab863447e2628aecb5266ddeb646651ef5e64a1c10b23

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1c026f63321ef70a5d2a32c7fa6b6654

          SHA1

          3913584a310538e428f609b79eeccb8acc2a7bfa

          SHA256

          39daeb75743487958eaa047f76fb2b6309bdca3baf560e9ca62d14eb740c8d94

          SHA512

          44e96d9b0adc59c38a23ae372933b1c94c6c2b4cc8feaed996e465e2262e31f4d94414a381dd7ac918b4094b36ef27b59d7ace28b57c256ae125c4560aa27fa4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ef450dbe33467f8748b597d9fa95c912

          SHA1

          f4cde1f5f4dc8ee49441c0e153c595a043a33284

          SHA256

          820839711af40f4778f46cbbd9a6f5f5f267f941091c25510421d999ab97ab84

          SHA512

          171c68ce24e49ccd4b3dff117d8ac3fa51f9c8e1cb55ec5a08321f96588bb081170b662950fdca36d474bcf37dd6dbaa70e21144cd47dbd63af376f190d04ce8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab7A21.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar7A34.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit