Overview

overview

3

Static

static

1

df13e3e272...8.html

windows7-x64

3

df13e3e272...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 23:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df13e3e27263e9a4d38f438aea6f3e1e_JaffaCakes118.html

  • Size

    142KB

  • MD5

    df13e3e27263e9a4d38f438aea6f3e1e

  • SHA1

    69950b0dcc9f7a098cffcbd0479caf4b0b50e151

  • SHA256

    1b464c386b674c080151ddaa7eaa5e986f7ec8e6fa2395fbe2cbf57857886e37

  • SHA512

    c20691373d9523d5aa940cc7ca076ae69c018ac56bf0bc3cd1d8380a4b347c1281e42a76dbefea34fc1a613547554467941b8b28aa0b34ce03edfab5437648c2

  • SSDEEP

    1536:zmZydlEbbA99YZHqRHHEExx66++IIddtt77bbSSSSccllbbFFDD998811qquuHHf:z1dlEbbA99YCV

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\df13e3e27263e9a4d38f438aea6f3e1e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1620
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1620 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    500642c08611f89c65978f03e48e7601

    SHA1

    a37346913134749cdab199033a66c99570b61423

    SHA256

    f1459c52227cdfb3241bbfab3e042d39cca99d968550fead6317649e2baed661

    SHA512

    a252bc9e5d915596fed17084ce53358d1d516fea46284c44ca4b399bcd1ecf5e24a87fe58c092513f2bf12860987fd44616927ec4a71c5d7ecbdb4d377918c6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75e01e39522bdfdc56d54f7a223e6bfd

    SHA1

    530b4df0dadf3aa4b58473c33e1ee34325d446a7

    SHA256

    05d3cac973f133b9d8e41d5ed75542a1d834e3c50f0b99ae9df0cc1cbbb3e70d

    SHA512

    e6b01e98be6863dc3789be3f6c334e43333e058c2e420a86783773f763e05a4d4834ebf517b917930962d3d9f0fe0db3d4b0f67fbd393c726bac4a5eb451d207

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ebe778d3d806ed2297fd636eae3cd4b

    SHA1

    9aacaedc5dfa598d16c66eaca89b01fa6d25a444

    SHA256

    1c3479e92c95290d1fdc558e94bf5bb7a9d7dc3c61ddc25d97afe7b578632e08

    SHA512

    3ce1aa300d6728d42ea7e2fde25258f400233c752b3583641af170a6c297f2f72cfe33fb4b00998226b45dfd1c71c0073482955d0e84db19bcb9b4a9d3be34d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d52d9a1d7c91e87cef1d0279b7121c17

    SHA1

    932145323226dfac8631267f3ff70c9c55a4f069

    SHA256

    1a6b4f4bdbcbd94225cb6ae4b448e6aa37fbda99f76eb3e2c874bece57512778

    SHA512

    4ca78adc44eb4aee2b6944839711980029d4ccb264d2e2339741666984c164ab013c68e89033930fcb9a5dc0a83f43b510a18a4047b3e05658486c6639f89176

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecaec6b2a88b19540aaa5fd08d7340a2

    SHA1

    306263f713dad3e5684beef154ab3eea350a0407

    SHA256

    38ea6d2ab875888ef2764edabf76a0f4e2510786861b8c1ba4422b1bd7b1b1ff

    SHA512

    20d4d94534ac5717ecaf420866ba4c7126db31d9ba6eb3e64ac5d17be1ac8e113be2283a3b8d18209eab759b132570b00320eeda46c6fc999e803a34e15dd103

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9b9a415aa7ae8ff3989c7bc296b615f

    SHA1

    c7894c4c20a2d1452cafb492cb5a469c95f48c13

    SHA256

    b1ccf5fee0484630953152188ac26e39801fb88418491f3ebfd3a6a85de22d26

    SHA512

    3af5b4036ef6e57cff2dd21b0459cf6e5a341ba2eda4c380dbd3d9a57fef4ea3a36900538fae710793cccd17bca1e087ae321d289f7061b3d0f5ce05e2f55a01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7f9cf09ecb07392226f56ab12b12781

    SHA1

    89770096c46ba963f9009472349b003ee6ab5678

    SHA256

    988ba5eb77c4390a14b2a30db1a9afa67bfd800f8cb556722f96d4011c312e2a

    SHA512

    d24b48e7600d7ce47e5c9d1a74fd4e0227c89758c19db89be58751768ac2238ff44b68a86f25a943abef3dc242271f5c75ce5daf343ee9b288bc6361c2bb8bd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b04096deedfbc8b015176f2da3dd775b

    SHA1

    16813ac16a05837b1218a0dc52ad58668367f0da

    SHA256

    2558281dc81de9e90449cf63706c7d52fb398387ea6f585c1ee9333dca61db0f

    SHA512

    13baf99db05b32fa8549af98e61ee94ec7dec2fef00cad63bc92565b607acd88aeafe888ae40552c017e754a774aa8a211dc8d407aaf9df14f5fdedc07a9012e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12e5145f07f024fd2d524b957ab2fa6a

    SHA1

    0dc7767609d5abe428f3eabf4b337be31f2a5710

    SHA256

    559124918f1d358db64007eabb42f8983acc8e2f93e08220a7893555e1bdc16a

    SHA512

    47bc78db64528d65f4bdfb4ac07663f9dc550d32d46338d72b4aa4fe9503810da03f5a5d55643df0c9b711abb1d3d36b6a1b78fc702ff264628ed21dd1948b36

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB9EE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBA5F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit