Overview

overview

3

Static

static

1

dda93c47a2...8.html

windows7-x64

3

dda93c47a2...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 04:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dda93c47a2e1db358c5b437a9321eb5a_JaffaCakes118.html

  • Size

    19KB

  • MD5

    dda93c47a2e1db358c5b437a9321eb5a

  • SHA1

    b3c7ac28bb9219c533b556dd5ab13a41272c1993

  • SHA256

    4f8f204d4b1bc2a89c5dbd3f5a65b002c2ae28c3b5874d62205a1bc954fe122f

  • SHA512

    67481b9d439c84eb440eb0348a03fa4a2c3dba3215763d8d2986d5cd030845a9d5b5bcdf3d98154e2c088271ca98c0c288e37553f799948ba33e94b3d9accf3f

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIO4WzUnjBhKs82qDB8:SIMd0I5nvH1svK/xDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dda93c47a2e1db358c5b437a9321eb5a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1916 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4befeebeaefa9ab5b6b1e2c1cfbe053

    SHA1

    78afa76936d6832a24a3527045179bd3d5303901

    SHA256

    b070c861451d4e1af2f25b1b4413ba53bf15d40f75d1d8ee7afcd49004d02245

    SHA512

    c9b79c38841c7253e42774805f17edcbf286451410c755b3be578f07565b56b33021c796c6dcd37a9b3ac06c74b637409efbc4c6a06019191bfdcfc364e95965

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a1fa8b2cb2fc79ac7600ba4f004abb6

    SHA1

    82d2410239f4a928d74cbaaab16c38ec962e9172

    SHA256

    29d320e6bd9a48215b04b4b01404aa1f6db9b4dece88d43c371e58851e6beb2e

    SHA512

    c85439d57a4f7ec1fc63c41f2874db6f507552e6f305779f2b7827fd3357e7aefe372cd42501b9131a0eea9f3a526513cc972dde4425b6143bd96c820c3e96b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c008d098ac0e3342dac098945ed36cb0

    SHA1

    29a96a8d7d66522ef555059c85293918c90b8d8a

    SHA256

    48164c058e29f94a11f2fd603bc8002e9bfbde9b0608c3d89703e96286f81863

    SHA512

    12a62ec73a42b64e300731457f6bc1437a61b879c1941987c49de5df800652e0a9a62e7e2cb40a95748bf59f7d7b5d73e6a8351cde4307c47a9684c98b7cddfa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10adc982021104722eff59cb7fa6d464

    SHA1

    a88513defeeb7df3f9af52b32a507bbc8ef26a7e

    SHA256

    12c38b3f7de8e14904b87f89365a0584f830dfc9b7e65ef25185af338ca1281f

    SHA512

    d2e5b1614c04516f26cbc5f1bd39a74608aad29062b9879c35ad1ee1c108bc64cad872f0ed8d93262bed0a34d31bc423d4dce59045f8c2aa9d10cbd08ef659a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a33f34407e6b3f9ba8962f12b962e3d

    SHA1

    63dab422ff56a6b820701af5797d86710261bce2

    SHA256

    1ec9c3dd4b3f09b2d976ee26e40ab46075f0041cd1ddcd6c258e277fc7371b48

    SHA512

    d58de02829c0d836946eec275b905d828b5dac8baf25e79976484d839f7122f6f3efa7fcf1ea129c769e445a0ad0f392a93f1f46a7dfdd75dead093dde7a7435

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50f819878873fdb1b9dc7706c4164023

    SHA1

    c1fafef51479cc23422bd5108e2790ebec14ab0b

    SHA256

    6bd8c3e805290da160aca4a63f4ab7400f443766631438e111325a10fffe64a4

    SHA512

    039b2e47586a0146519f84aef93e59b2cf7c60c2780648e6f05ca940faa3d2f4aa32d78b5b622b8477ebef16a9160810055338910768c918a1f46703f42599c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38217210e39b6c9ab464d2d7bd625b0f

    SHA1

    507be03931b599ec601e52ef799cd809a27e842a

    SHA256

    63f55522b24e95ad33e963a98cba97448be552e1a8ded7431be52d487865ea28

    SHA512

    2cf147c0fed3426d8c1bb2759542280a1afe239c8f6e1f930b00327f7fb382b00af38531eaf84688175a08fc6c1812a88b3849c263e3a25d848331d134f18cd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65c5e1842f04bd5675a06305f00c7ca0

    SHA1

    c7bf25cd1355974ab7d4f214a1c6738370d08b36

    SHA256

    2a99780c7bdbf66d0616dcd3694e34811887d68c5586426327e2dd8274106ac8

    SHA512

    740a50e3ca6aceaf5371b1772175b8e80ce49a3c8f988ea6c18b7f7ce43ae3613e124d54c45aed589f1d2c7a16e6fced38b47daadfb463433929d50f06612a9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    594d5cadaca91bc908155c53001814cf

    SHA1

    b08610b90254cf0290443907f77d4561d08af680

    SHA256

    91994f5247572064195b1b52002ebca25f3cc519d19b7d7fa59ca95b39697b93

    SHA512

    0bac1f7c6a783fff57bb07061c7609e1307f90e8c44aa56ee53f66c791a8a20bb00efb2e971f1916806cf91cadfb0bc3afbd3267c1265f1b5e7d9cf2d916802d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7FFB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar806B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit