Overview

overview

3

Static

static

1

dc8094ab8a...8.html

windows7-x64

3

dc8094ab8a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12/09/2024, 15:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc8094ab8af4d1fb0b2489f66d244ea5_JaffaCakes118.html

  • Size

    18KB

  • MD5

    dc8094ab8af4d1fb0b2489f66d244ea5

  • SHA1

    eabe5d5bd874256339059ddc8aa1f7d9f1b93bfa

  • SHA256

    73766d98f6fecf48a9700e64f34137e9c48a51a6ae5975171601a8f09cf68b7f

  • SHA512

    331c0988ba4e2514ecf182d51c2b285f26d6dff41ce7b43529c2da7bc2468b9fc89bb6c0d4895937a62275a65177e33db4113cd680d1c2e4909c9669b6fad6a6

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIk4+zUnjBhS082qDB8:SIMd0I5nO9H3svS3xDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dc8094ab8af4d1fb0b2489f66d244ea5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0398b7e952c5c1906a53f55d96b30cb9

    SHA1

    7edc831930f147c8c37d335634018c3185cdfb21

    SHA256

    188f65f5704e3cb8cc47a5b7716c5ec702714749556a41f14877a1da0320c084

    SHA512

    dfaaa70c812599e607c8e603a0540a73dd2595fe251e39458cd3ef4f0f10273094e701d1e26a2152a3dbfb851ceac0c62e2491e95817bce67e3e20b347f8e5b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b58ed7be83666429c051535bd83b347a

    SHA1

    d201bd0ebe3167ea53f9cb822e1c6269e460cfeb

    SHA256

    8f59fda55bd2f67ff6c9203e20622de4a6b9909364f59a15ac90c793be41c91f

    SHA512

    9fc91e5f07aeb7ccfbd99d54388d3a521e55c5eef85b57a6b87d15da9ee1aeba2d7139252e0b9f427c894dfec287ffc6b74506bc6bf6295edb45ba944337758c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e14cd4d871009315862c510511d3999

    SHA1

    6306ca047463d5ee16779620e5410d13ab26aedc

    SHA256

    f2f1f9e1cfacfaf9571ccd91c3142faa46712168ca183e039bdcdf46e8597bc5

    SHA512

    310d7372644d4c0f7168bdf30facf1e565bccbdd21bfeb58d1770df61b6cf870112f6949b0cc286c49869d3ee3b1c47bcbbb60998d242e1b4ce84de17c559b3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e4c0a89813e158b5901df96402b93f8

    SHA1

    d3f0f4156458dc7c6d265d8b2a43ed452d171ddf

    SHA256

    0f3fd3b5f76d569652766439ad839f609b34975f1cbdd7aaf98e0515d889a052

    SHA512

    01df86551c3f1bb1cd619a5abc25d21e44f28c0999cc0358501ca375a978bf91a7a8825b2c84886058b2ba85a4414509099a682edd39699d164e03f8fcd998a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    832a75bc612bedc270732ff842678ba9

    SHA1

    5a759fddacb7abf8f7c262783a37481fd9b3a4ec

    SHA256

    cad19fe80b43388049c82e3e84201c66fef0849b1ad40aed5f63e8c6df046706

    SHA512

    44812e8a27cb62bd44cbab8e7d542562605f2bee5be51d9085eed49547edbbf1135b18a14d3c115f36e724c3a0765a7a37897e2c2190e7a9b246d538a9657f44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e9cb5821312da4d9754e7ab2856d8c6

    SHA1

    a02367d8ed41df383343b560fc5f1425d1147a9c

    SHA256

    aa750131013ae361064f7ac1f4336a82ae24e388c08c60996997793c0d17a2d6

    SHA512

    1b36224db168edaac7bac5c99a8b73d17e4cd0eb13f93c3d3eb3849469685ea771f7283ddc2151211e20e4b72e28695b061dd955abf63bef957755a91d7325e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13de7baca884e698d55df542b0b8702e

    SHA1

    9c9a0f551b49242fd85917412579dbda470a2410

    SHA256

    412e8c1a2be87c4ffe52663ed20ae9ae06d03d174df3587cfdb42eecfd583cbe

    SHA512

    e32958470aafe729c50edf1635d2c779ae752a88af12abcad7c095b0031546a897ae13aee4d92a2da9e9ba505747ed5fdeb5f14f9931ffe3f435f2dc41547dc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fa371d129ad84b971267f60b5033ffb

    SHA1

    a4f64580cb4db355bf71b127ddf6b22b18198502

    SHA256

    661b5826826516b8dd402adbc5f09796d8084e417e7948864227d8aeb76d19a1

    SHA512

    fbf613614cf782c048c1eac04b6649cbaf29d6e6927fc495ae2e937a9e5db0cae7a92947e082e82237140275cd4d9d072232619234a242c9de649198a4c0efb6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF8B1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF990.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit