Overview

overview

3

Static

static

1

dd797ed230...8.html

windows7-x64

3

dd797ed230...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    13-09-2024 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dd797ed230f699a1faf78786467cbc0f_JaffaCakes118.html

  • Size

    23KB

  • MD5

    dd797ed230f699a1faf78786467cbc0f

  • SHA1

    a27bbab4e07bb0b229ad929d9762d9fba288dc85

  • SHA256

    27ee6144d44ead3712c29f89676ac5da640a6254d315a9f5a6e7bd9d16246bdd

  • SHA512

    871235c23080111d9d8a93a48d574ac3476f9851d53976adcfccc3740e76bdf109102763cbdfb20bd6ed204c80c3d6af205f3df5c890f4340e011e3dd8fd1600

  • SSDEEP

    384:0wI6DDdJDVfuzgUGT3r1K53qT/5wY8b5zxZcptTtbO+0zNzRGwc:0w5DDdJDCTGTb0fY8b59ZWpBOXRzRGf

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dd797ed230f699a1faf78786467cbc0f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1196 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d11c3cdf3733b05a860dc69a4dfff04d

    SHA1

    cb0abdf79d7a725e87cc5f3e729abad91deda958

    SHA256

    65b43320b6a1480f7b776f1a365a98c4a02ecb5ef30f74bc671c1056fa423107

    SHA512

    2ed315c531939d39fed0eb3946f6090f290c46b8f41ceb7ae96ef3ec8b95797bacd814fb747a21f9e1696441a1d4262580df0316c710ded43572b928bddfc1b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1d451bc414c7159116196eed6ac54aa

    SHA1

    3deb11eb7d2aa11f1bfc4b68602857300c8aaedd

    SHA256

    802a0c7b9f70860d90b617507810ad5038c29c69faf1f33b6471a23a5d27c6d7

    SHA512

    d89b37f6612c6e6cc596faeb35c627589f412a0a3afdb00c9e8755682d695ecc655c2a3de3359e38d823218b21861b762d0b7cc8d3dd919fc635580689760160

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    940a9c756cfbe440c99b7f2aaa494f82

    SHA1

    de6cc70562371b517b92da35f1478320976d8aff

    SHA256

    1394ee220d7cf8d5f7f939bd014fb3c91f7fceba17e46fa3781078bd7902215a

    SHA512

    94413a3b8cce111994e7cf3fe693470395cb77cb6af8e917eb27590967b3ac7ac75432960ab83cbf9dc22caa756b4df146b4c4f509313ab019fe51f9cc50a0f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a06455c310333d59e815328ee5f328d

    SHA1

    de357c8f037cfab23880c16cbb68cf5e6bf3c54a

    SHA256

    4405cd5a5006b3aba49612510312190a2833ac6512841080d54caeb855314604

    SHA512

    61cebfe26eff127a53d85caab5c03481deaa3096fd0744c1ef14599e6699f0e84cad4b48625f5845b59fe1af847aa5743b7daad83d2452b6fb2757dd412e8625

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74d83171212506808dd6fd1caf61e936

    SHA1

    aa2bb674268db5670eff82b275e91554634fb748

    SHA256

    fa0c77a5455066183f84b3de9b9730d1d7b45702e0dbe6856eadf3019b0c55cd

    SHA512

    e7c6d6c3790d3cdfdc5ba92446359356ace9d565a077d9d4214a67b0159a165008983c36e244adcd6049790a87bda6c818370e0ca1bf2359564addceaa6718fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dee821f80cdc3dc793bba016d2c15d4d

    SHA1

    8e78fd660e525e258af6d61de8716a4b74326d19

    SHA256

    3fd04cc6d7f3e3ba46dd4e93060fa80bccac31d7cfcc3c189e438ea023592beb

    SHA512

    84ba47f5862cb34318aeb67d3702fcec1954d60d8fc0175cf98271a9dbd37939b4cccd06d3a6781bcab2ab63b8dd392fdf67b36650b7d34d032a252eb938daca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dd53821207e8949f21fa33bf03df184

    SHA1

    22b6a5be4155e818146e590d93879765a6dff97a

    SHA256

    be0959a662752cc66f6bf0df28281df80bea1b677c06e82e7e46a3769c2d56fe

    SHA512

    9031fc955e7e6407303d90c4ca096c6ac3b44340889aed48be7ea550e335d188bab7ee4c01aa0b7cc664d9847e90c6da87c56078e862f8bd9460b5bdf9e93560

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e6bebb31bf903e96fb41a109948cc46

    SHA1

    672748bde798c12ffc21b01da9995e9b37b50ab8

    SHA256

    51a701ea06d54baa67a2b2e7fb03470850e88d567154d4cf79404004919b423d

    SHA512

    677bbd859d7345a4497f2b84f2fd3727b2804c801db5d3a34956af1285ddca0a47231afa00af83340eb200f15d7d5ab431599e03b930756ab259dfafe5b80538

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1f0d75086acd6154427670aca2dea7f

    SHA1

    0085383442de9cf9ada7a0a3912d966472efcf27

    SHA256

    a40be54f160ee52b3504881df49b54fd69f98f528c9ae9787a95a693fc44dd2c

    SHA512

    25dcfa03250b484117c0c716ebfc41b6bed44cf9166d94e89e24c993eb9467902b9ad11d294eaa67b61bb39279db818935e9910e605333e62fd528c7a0ab00f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ec378dc726646f9dc5514fa54008b85

    SHA1

    11a756edc23a42ddf0236ec97583312faa53f22a

    SHA256

    e9e2bafd9f17f6e24117fbb397967c1e56c65a46b30f4a30171d6b01899c6256

    SHA512

    be0fca9008eb8cd462fc0e42f7d95f860930b972d6345656a26fc4a95eb1fdce4ef5e4bdf0ff51c7a15c3fd83fe4fb13b634f6e6a3ca72cc1f91250657e3a739

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a058d26b488ead62901eb5d49405c83c

    SHA1

    0ddea64e1a6ba9fbbadc2db0a8acd3130ca7c258

    SHA256

    7c79908453b26e0138099c7602afc2e0da6bfa96f0d5517ac7b47c5c79555ba0

    SHA512

    7c3282f1a13b05a6421a1ba09505e2a6adfb4396e3dc48a330c705a49ec5bcf8f3cfe173d25ffb5005da3eb7ccc40ae771bc964aba821f7cf21357d510871485

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d9830cbd3c4457a4e1e2b3b112559dc

    SHA1

    ffc150675e62724fd032b7961674e21cfd351e26

    SHA256

    eeaa3021f92bd0539228124f6101aa69d90e81e49912b9feda9c1509644b96b7

    SHA512

    e9395c29a0354f1ef18b2f9b5b11f833d6595b48b63cf96dc2900a2dde08e56921d2baaa84c3bbd799892235767c904e0bd191953052c76639daeb3f144fe1f3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC1BC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC393.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit