Overview

overview

3

Static

static

1

df1e566146...8.html

windows7-x64

3

df1e566146...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 23:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df1e56614619181e2792b0d5707b0ecf_JaffaCakes118.html

  • Size

    9KB

  • MD5

    df1e56614619181e2792b0d5707b0ecf

  • SHA1

    5af40561a8c3d2c4f13d9a388f19732a099764bd

  • SHA256

    1d371bd49c2fa4ff5b3f6e6675206d0c910b0eb17752e2c3b29f650f4cca67e4

  • SHA512

    40981a7f0ebbae88fb486575060fb2f8dd114599394b193c8f15e8c59601fe93820b9bda3556400cc2f45024f4e08dc2b7fa31536b97ad803b6f39d3077f9da5

  • SSDEEP

    192:pFCXXRNXeXagKXMV+X3XB0lXfBX11h1TR9wgSGmlV62sBUo93uR5N3GlPLTcX5Sa:pFyaYMwn01NlRSgbkSeR5mIGpTyBp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\df1e56614619181e2792b0d5707b0ecf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:268

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcecc9d90526a0af5f59283568259f61

    SHA1

    3bd02a12c584cacf79a1840c8b3a73107dbdc341

    SHA256

    fec2e6a677c9bd1d5adebcf231ae9e95cc88c02d93da11215def275f02a1aefb

    SHA512

    8181f887060fe52bc09cdbb25342602c8a18cd52a95e21acf7cdd464765db5cea3ab1f9dbd60c1c954f3695b93914b661227dcaa72927005e4acbee0945036ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d53e0eb31fe9ea16de93a9d9baed19c

    SHA1

    6e2a648e134908144b9e2297a214c4819291d54f

    SHA256

    de1c489ff11410502d97b4f2f50c9b50c1ba386a3f0c3956f0d0a825b1658bfa

    SHA512

    8fca220ce9f06c3944e07d0e84be5d7e4d05f6b421eb57a62f8e95583a728804eca15271d1c6e3d882e321f0e349e28694b72f81b37b650e7f167972d13deb47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40cc5b2ab023cc1ae69ad51e9db4a766

    SHA1

    e3df085ed9c76e7b4f97e9d05c0286db13c0fee2

    SHA256

    1d5f3dc5fa40446829785c3949cbef4ae81f5fe9ed550ab70e5664db60350599

    SHA512

    4cea5be19a7a3240f75675598e704d7d95b5b891c1b30b6dff8df4c8f6310cff6a1a092ffa84d2121f0bc66065ac217f0d9a3307ce8ebc8f66541572da6fff7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10312cb0b35de62e7ed49230a8163ae8

    SHA1

    a7e41c1d390c30b9fec8cee9a67957af20f01c6e

    SHA256

    1dcd15b9563a44b2604c40c9addfd6e779872eaf34573ad41400463fd4feea28

    SHA512

    d5098e39f322d5faa8b1fd7e45b142385438a808df9cb489e6c02c5afcec5e119d8df4e77c635c94b8e9c0e57430148a3a4bb84e5589125625066add1c7a7a28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ebcb862f5dc416ba474ddacaaa3649e

    SHA1

    42951cded15ef77187a2ab16380b48f82829e9ac

    SHA256

    dbec6df17e1e77243175c7251b7ca899de62621adc6c4da663cda5f77bd0afc5

    SHA512

    47084367cda91e36a37e43fee21adad6aaa1d7ef2a738f98930bce026c3a54349b04dd44d0c5203b512b3b4f4611a98df2c2bd9905f59e7264d618123f3115a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9daf6ee287cc78cf7104fb9828c866a7

    SHA1

    6283bbc615cc1c95f04a959c69a11f5ab7e4a4d4

    SHA256

    1ced2bee7106d62bbbb2a952a0e0f59e8aba4462dcd3f47d6a50fcce4df2c47d

    SHA512

    7896b9b1b944dfaceaf55136a3012e309f378089ddb333c780e454ff309c4ac91638681617a5ef6717e04828aec84e6de6a90f892918c07d1bb7ee0a773e87da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b2b96dfd7031d024f062c5263b3e065

    SHA1

    85019c189bcd5a0c4b249b6e9d5c55fbff4050b7

    SHA256

    a926db63b45caa8d3afacb9690a142c1dd18cf58a40a6cc539b8c9600b823936

    SHA512

    8e460e9e7ed400eb9a6fd0ab87f98c2ef1cce0274f65bbea655c2343745d741ea0f641eafa09e49b25b5754e5218bcc3d8e0727d05e62dce2c34027afe7bcbdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4999b74d6cae2564c75ba6c6ace756bd

    SHA1

    5c39ebd543572c39c087a280a19fb009ce01acf5

    SHA256

    a1f3833100aef15f017a6507086c348c131e0b24ac6320c6e3652faae21c520b

    SHA512

    25f22a494f870d95bfc6080c433be2d07e5f4e23ed6f76dbb169962e75285fa3ccad2e8f29e67aa801b946e9f2ec4623a344b81eb5079891439c1ae2cf51dcb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25557a6eda0844226d09de6b8125f351

    SHA1

    b8a6e4a324ec8e7b2f2a22ff72031ebc7f2101e0

    SHA256

    8cbe584043b96a038c8c5030e3284c245c19b363624753110bcc8b3e4b02c0eb

    SHA512

    c75516b0cf500990ec4b7d74a48062e1da3e9576d9daa894233b67c2bc3454f4e6bd17056edd1f55e60ecd3735982ef405ef05834289cdac96b968f39f04b809

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4aff54900d7fc38d72d6fb0424cc60d2

    SHA1

    60e29b4dbd95bdba4a6881abdc43c4e94a26ce91

    SHA256

    8e963206414fe259dbc8262f4cb12a4140cef88905b2a80de6bc71e9895d835b

    SHA512

    85e626e77a3f21d2745ae2675a0340a8a39a72a10052297872e152e85f346ec75bddf60fab7edcf2693158b62adc2a8245a965ef3689324a56be4526761e8224

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a7b3dc68e933bea7ce5d2a780633172

    SHA1

    11c66c2c7c91072a71eb9cd1a96287c90f1e53aa

    SHA256

    01ba2ab1eade7ea7ae84e57304831afdc8683ccd380e2660f3c3154deaaa10a6

    SHA512

    24d6a2ad5ed28a28f5b88ea44f782c0c37cfecc06bb6cf59c099f8ed73e4717bd25be87c35ef38025ca35379f0185cba3f06a68fdb32fbdf0b3be5785b4e1d53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79b911182ce8201ac7c19a14314b639f

    SHA1

    7573ce6dc656a3a9f89bdb7badb731fdd23e6ca3

    SHA256

    ebf91556f515528da45fcdb29ab6ef01ebe90057187937a4d8402683ec8f869a

    SHA512

    4ee559b42f214109eee8e123298f088ffc003dc3bda8bf24f4a8f9d0f50f93996554c351a970e19b8930bb9c43af5476f1e2d9843260c70db14147f503f8a772

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF078.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF128.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms
    Filesize

    3KB

    MD5

    9f8dfe1f14635a77f5bfc0cd7140fa62

    SHA1

    59c60370f038800e1716611cbfd28c90285be42e

    SHA256

    0b8be5702a095a5dab7f4675e20e3ef06907e5ad21e6bbd9e5e245b6410f139e

    SHA512

    6c2c4d607e03691a70ae04d1c4f081c656151815015b8eec5d71a5043d572f4a01c7782c56deac506f9911e0f04764e01b44f8cc126d7a2ddf9fd1c78038c700

    Download Submit