Overview

overview

3

Static

static

1

daf62671d6...8.html

windows7-x64

3

daf62671d6...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11-09-2024 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    daf62671d696b75bebe13c4fd7c410e9_JaffaCakes118.html

  • Size

    102KB

  • MD5

    daf62671d696b75bebe13c4fd7c410e9

  • SHA1

    5190d704bd77828ef8711c21c6bbd70242640c1c

  • SHA256

    98449b4b49c7f303a3f0deece0b48d105d4a7b441cb9f586e572e754619cacd8

  • SHA512

    972e72eb197cc5027e078930a333128838d423828a5c2a9dc4fa477236cbc5f7d64e2c7f4a610041fa5d5ee59e357954aa858022ff926effac5c55a69c692918

  • SSDEEP

    3072:SZy9DWXOsDKHzcHydLwDqdXWhlWDf6EZEVrHxccBN15V:SZnN15V

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\daf62671d696b75bebe13c4fd7c410e9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2300
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2300 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bcdc6275c6e181cc17a07610a2f031c

    SHA1

    aec9246b24bcc0092d13adbd13a73b5fa8171eef

    SHA256

    905ed2b33f36ffaff05db52fd2f7a933eff94b184be98d3ed839e5ea54c153d7

    SHA512

    8686216e496326577ef8bcac53260cf3ce15ebb8b1b03ba5b51d6124db8f4cc7e9c0dea450febd32c1e0459df58df71903b6c354e07e4c5b5f5d218967700b5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0f95b1b67475c2e9add903a36666a2b

    SHA1

    86e0add88b900498e487d3b75704cdf384a3a3be

    SHA256

    a6c740fcfd070624705c37762504618f5fa1e0d63b4640a5e672477c0fa24ddb

    SHA512

    962f5744ce48b30c7819d3b5d0f49ec16b4c709839b03303423ea3d31d7f42f429d946c15c253ef7f99b72c31e519d93623f9cfd5e2a3959804fcfb07900e23d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a92218ee69e944a8f1d4b1386925ff61

    SHA1

    e21d1ede7bb50e0112664a39c5fae3deff5dddb8

    SHA256

    c57018b776ca93695fa50e617a84abd17c3c7aedeb2d0cb4abccd5f33b7422af

    SHA512

    91d0f3ab5b7560aece1904ef2ac0ac2a28ec7e532804b7ff8d8dc42a07cedff45754dfe6fb48ee5552f74410848b1dcde85f72f38e8181b2ecaa8e6f73714a24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb352df4c0f6f801213da1820f00bece

    SHA1

    4edef7afe99549a20c75b4341b0d9f844f9458af

    SHA256

    095b509b097d848cccf2ec1c055cf2f63c1baf7f0656ddd2295698a1a61d4e78

    SHA512

    6cf375d392b881793d605912f98eb06ecd78b2e4def7af2945c0ade1bf88b5f19492e2ae539f06e0c0af20691af3ef51b00dc97051eaa7fbe763ef9185b8577f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d93d204b0f80d7ce0d2e47beeec9261

    SHA1

    a17df5c55b61b0d605596cff3211c9c35fc53b4c

    SHA256

    55fcc520f070658d9ae5a8ce0d967be34bf076431c794d1ba17733e9e58e2c4f

    SHA512

    fddcd0a3cb33ad9c7e6673a0fe29967153b9424b53ff637c72fc972dbfb26912131c14359ef63b5f7ac9b404cabf382a8467e3ed1a7a4ee9e2938a108d3ddde6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0038c51f595fac749780037dc6047d5d

    SHA1

    fa73ed02de811cd5db01b80e6f7fa0171af57610

    SHA256

    e7400a1c0e4d81efeb325f78e513358638f290fd1bdd115315b9cf390f39f82e

    SHA512

    1f89253cf776932c2f5c19337125d77f140c2964184ebcb3fb55db6eab44c26cd1503f4e0bd1d0fa2ec01fdc0edcaa9b0e9d38362edd44835a6cb91ddc6b3f99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8958939dd6285972ab0233769951e9f0

    SHA1

    92ad8921f34c27ad7b189368b9fc73479e3cecd1

    SHA256

    a43dfc69d8e171eb371ac4ccb779587bc9a15e178872be04f97927c1c54d9915

    SHA512

    39a16e165fae0cc3c0f0c0245b2316c090c50655db5c76e5beb5673499b8252278ceda7337b88d7954bb41432d3250cb77d0b03c50b81a8c9e09a108857d0afa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1164f2fba8e54a82ea1458493194513c

    SHA1

    0862c24bcdc43ac2efc9253951e64bad0e12e83b

    SHA256

    5c3fdc749e72a7f541b96f5657f711465914f690b92a911689246cb9668934cb

    SHA512

    b36f5bb4bcd773cb2191467a4cc91d81cca2109da44165db8b6d186bb73f0af77050aed82469f6d78ba20ab6d1fbb4bf9e5ee22667cc4370e7d2773d61e7bd6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c9e5ee38679e1d783be5af8932e84fa

    SHA1

    efa56b2ab7383d705349602b07ac39c2f728f918

    SHA256

    cadbcd8c03f3c5afb4026b35943114a86c8107d670cad35741f525f201a31aa3

    SHA512

    fbdcfef2202b04c60d0f0e7ed46945c71b8206b597e7893f071a5cef5980265e8a40779cf8c8804f8a16cd5530cf68cd1cd24d799cf6b6b2a4599a747aaec148

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7467.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7506.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit