Overview

overview

3

Static

static

1

dbd193634a...8.html

windows7-x64

3

dbd193634a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12/09/2024, 04:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dbd193634acc4d2d9c85b961165f26ce_JaffaCakes118.html

  • Size

    214KB

  • MD5

    dbd193634acc4d2d9c85b961165f26ce

  • SHA1

    ce3d1769a30c19af0df09a600cb7f22bb8f89a29

  • SHA256

    7cde6e9ea5946c5a3bef362875cc27b36694950c751102c1e2fa5e90521b3563

  • SHA512

    95202bf83ad9ee196d5e0e3bb569b42bc7318a34f504afd5606f806f305951240b93d623eb18a6239c0d92cee6c928dfaa626a80dc6fa21b5daed015b6c9b1d0

  • SSDEEP

    3072:RrhB9CyHxX7Be7iAvtLPbAwuBNKifXTJi:Fz9VxLY7iAVLTBQJli

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dbd193634acc4d2d9c85b961165f26ce_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7c195f92904804fba1940e645e03490b

          SHA1

          24c58a1a05e297fe37220aed11633fcb1d6d9606

          SHA256

          36b309099e7c49f2f59903985a909e9a42e36cc3451292b593acd790c764c453

          SHA512

          e1347a93b81ec2dd999e47a40f0bda05ce7bae1ee2342745e1ca629e9bf1e432f6b5ce6b0b98b250e73a28c14c198f768d0fd11ca8e77a61d84066e80696cf0f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a59060e095c2ffa233ab1cf99e1e9139

          SHA1

          b7133acad23c08f2545ce3d8dc5ffbb2f7aa1b5d

          SHA256

          2e87c04eca3471d9bb0a303761375e5cd0d74ff29994129dd6816553f5c1458e

          SHA512

          5429c3aa2a63c99ff6875c0fe966725c732c44507f5a04e44dfe84d1d23c77b3eaee667299e0092c8e979042f49c4ef66a0a29c338e71c2814173c2fa2945d51

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          091694b818f9657c78cb1dec0af5cd9f

          SHA1

          39fa024c28efc82fe905959598a8fadf61bdd00b

          SHA256

          7d2bc4ac7f86e1a8553f779e7f0084b6fa0d24053671d0e75d1ff57175a11695

          SHA512

          f76a1f4f11b167298c99a85999135765cffc6e4d837fb2bcda8d112f234c743d7ae80fdc556a7c9aedec08826ace65e1c77b07d6b30d1036661c3247b88d388b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          923db036babacba801ac0454fd60fc79

          SHA1

          24dbca7c846a2326bd0fd8f6efb530aad979c475

          SHA256

          de0ff601f6bdc4bf8bf65936ca046af3fd7d5a61de50de4ddc33187c8eb9eb10

          SHA512

          e2acfad8f97dbc33c593f668cd61824b76b889f1db2e2097739c7a70a7cde03ca6a1881b1efecf0f5e3d1f2be3fefe2286e9727750f11fee0f831ea282d4e3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6d14dd89c91acd5603b7ae4aff7221e7

          SHA1

          e8637ed782d50159c8600072957bf889f961a9e8

          SHA256

          982fa26bcff386e08cb667ee21be9f6b8e3a5c0f07e55d972cc5635881652d40

          SHA512

          fb1315d378e682c577ca8aa9b0818c2ae240c226ad6e9de45f8c3a32ef8a93a17b139c3dd4217956635268226124dbbcc7c43253a7a5bf78c804a4987f64bc52

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4a8450f6bf9a90ca138d664b7f8f64c3

          SHA1

          4beb11467cdc4adc083f20a59ed6f44bc3d4cee8

          SHA256

          778f1957cfbf06a88bd69fef0e6773be626153610bbf522abed1c7a1e6030c15

          SHA512

          5b230773be3addf0adebcc586270f0f8a5b94879b0924d7300d2b161053f01fbb276cd24f84de5f59ad6d2c8c651f3892dab26faae53774e721283899c2ac606

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2ce27bfdb0e065baa6dc69015f939a87

          SHA1

          ec3ce867a99beabccc0ec5986292ed3561ff62dc

          SHA256

          923ff3e409cf7619c7b5a6d132d9a4249e58a16e1d8c8ad995e4c6170d1e2a11

          SHA512

          f70b16c9a82a58943af7eacca48c42ec03268007247eb1e59cd1ac8e3f722272767f2c6f2195b41b538f9089dd0f5b3b3d459c06c3764d53bf4e6c0948a89529

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ad645fbb1226438d3e035d67c2c998ad

          SHA1

          d6ca0071ca00423f8601c67275fa409d38eaaca8

          SHA256

          d2a0d56c0ef7df325e804439cb5fd2c48993bd88eb4387800b3fa15a87bda399

          SHA512

          dc62138ead64c30ec26f9ce9249927afd7f3f919198dd0516d6e53f7b4c8fa00f52be9b2ae6d53bfcafaeb92e487c723d0efac1fbf9e6f24dc0cd7286a75ca86

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          029810e0b00402597155778330d0228d

          SHA1

          109f7433cfb2677fa7619cc34814f7c93323e226

          SHA256

          bd0cecc49ec05e20146c610368c106586adbb5a7274ca05f4b866a052af66f17

          SHA512

          20733372da60487233022d54ae510c6ef416d2601c0f89dbed97a24dc2525a868d034cb5de3381742b2d20abc16c86da1568fe7d76c50b69e8c1efe1bca49f10

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          456cbea17d9d97f12ed2162799c92502

          SHA1

          29abe251d61f641ebea6da013eab822b24015cf8

          SHA256

          1627cd87a7adca0a906a973738a0f2774a778c603bc7ae4019f9e62d1f839bef

          SHA512

          a9d2b8c5b6cb7384977404aad156cbc4f832871db0ff60b79d7e6aba349edc58e34f151f2fa4b88067627e54892fda1ebbbda6002a20e996b01f499325b4bc8d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b0cd48d6e66420a33fe9c3dec2ad4524

          SHA1

          f54774cf4220d6ec36eeae0deb83f4ea62f41a8b

          SHA256

          678ece5b55054a685751057fb2001c057ff55b99f027a42d32575f26c95212ee

          SHA512

          d44237095fadfca5d894a19e128cf8de90972b741b7f2127a9bb19b82d3bf5b4d8be84028c1a52842ae9b5f028fa96fd00ae23f25bee8d0bc3424c3a90456439

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA4BA.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA578.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit