Overview

overview

3

Static

static

1

ddd24f536d...8.html

windows7-x64

3

ddd24f536d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 06:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ddd24f536d3d56abbee84a15a7fd0500_JaffaCakes118.html

  • Size

    172KB

  • MD5

    ddd24f536d3d56abbee84a15a7fd0500

  • SHA1

    ef7140207eadcffef314ffa5f8be4f249ffe324f

  • SHA256

    6d95e5f001da1581a2d0d5b549684408ca9fa7d3eece05799544a9425e8295d9

  • SHA512

    76bc2a19109172727935837cf3997bf3974d7c603aab6da19e82e3729976cb1828efd242ba7cffd461a86f93c89feb29052f3fd9d50665a3b2e4077b00cd8347

  • SSDEEP

    3072:vBa1yZ7z1WsjruYdHRmBjwDBhDAVG9lE/sMfrmBRitf1/xmUqNbrZSGf:Rc2S8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ddd24f536d3d56abbee84a15a7fd0500_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1800

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          7829302a4591b6ff787f7438e0a30884

          SHA1

          72c3a4d98b29e5fd88ce60c54cf2b84750edbdf1

          SHA256

          58e0923608a6d43da818b8e9544ec4ac543345263144c984e8d925c51e455255

          SHA512

          e6dc54796190eaca8e84cb881343c5340e41f7570c2d70ff7e3c3ffcf98a59e306d1795124c81a65a05f0ac5e00847b227cbfca5205b6db0acf2a1ef5a2d2b08

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0f9bf88170b414d94ac183f91d704162

          SHA1

          5cfae6223e08f864444adf4df77a3b4188a5f15e

          SHA256

          012830b2e7f60cbd71d5c0e97e46b83f4a470e5e074162c6b54219215ecf79fd

          SHA512

          b5e2717748caf7f58c253715774025e3e56ebd62776b0e92a7197e5ff7405a533bceb777ce079efe7573566e6d55acce609200ffc20de81411ce0fa1f2ae0455

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          12ae8355abf29919b308b3793b25dcb1

          SHA1

          af9f84753a9e40177050d5eea6a5b8c0b0873ca8

          SHA256

          f83b48a33ded27f289b0add006b2b3d9c1ffdfe37aa17d7c1cc7fd385e27d167

          SHA512

          ff7e873526fc4a23b506ea9608f6f48bc3c4be51e19d9e9cd578f8489a82616561c1cc6e88a6a79c38bfa4d40566660d7cb1a36ce3f8da553e2b06a5e0da8b72

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fcfc76fbce8f32fdd79398e6daa865f6

          SHA1

          1d2156ed26c48e7f214b210081d67b8a5ce09f3c

          SHA256

          8ebfa92ac428ecad3f8158f7891dea808afb9ce6333b6ec44f2413bbc2c04c0a

          SHA512

          7252d52fe181bb03f675ef4911ad2873225d1e58e1b371af4eff172dbeac5a3b505d044716b5ffbb06dbefac31486f697e1fb618b5666629169b6f9e02ec8754

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6a4b287804f97830c919359d6c65dc2b

          SHA1

          8f6a8c2e72877a81905aa0ed274337167f6f6ce1

          SHA256

          abe0e73007a81a5968b955e1a1e19da4bd98ed6f78c585c624e87edb02a81d09

          SHA512

          519b417d9d6c266140ce2cd5f9aa8d442ef5d873091be271d085f97964b90c7b73d6361d72117b0bd43e524b5bd8a12878f8b37381d6d7be88adcd0f8d20881c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0ac7595f102c32f18ba9396b94b71868

          SHA1

          32bb950a477c1929cc3b94d2ca11a3b14d733151

          SHA256

          0df81b675d9825578bc3b0d0b4444727c0de02b6bf873909ae59dc80455b6f9e

          SHA512

          b24e9a3cc935ed80e14c546aad636257bb616146a7af50193104fcd943e021e05c3a6d90e3207037e892a8410de7778b03ff1c16c18026b7925d9bd6d2336f29

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3091c3865a48119cb1a1fe6d754433d9

          SHA1

          e200808a77b7b16a18210c40c8ac4d10bbf45116

          SHA256

          dc4c801210b0e279f2d4f078bd35ea41d05321824cbf923d1a9feac626bf3c10

          SHA512

          24ba15b278f08c7cb706149a5ae561d0a4ec10eed21b2a846b0a0755902c37bd8f6e21fafb6278f967ae4fd927be53c19010fd0157b7859e428cca1adb77f070

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          afad708732962b15e1ba5efce767c222

          SHA1

          69e50e13167320d52c9db54aa46684685008fa38

          SHA256

          2b11addce1ecf58111375bd1ce8c19ae338657f32be4b27744785722169e3664

          SHA512

          45fd536bef4874f2e5aa49f629a12e46dfb54ff07d85fea5ac1a23b34da5b81250247798138efd90b1cfa7c6792746caf91d8be10ef82edc1497f78ac489b152

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6fa6ce8f15a46d7a72615cc098ed4cfe

          SHA1

          021e211f1ef3da3db09771d8c90d5a83612359ae

          SHA256

          f05944e20ff4033ad78c6d2611b7a996b4fbaa3dc80c4bf2e4754ebda43ea859

          SHA512

          69356d59d23ff38918901ba29ed084294b599ccf8791cfc1f0f7bc31e2631612fcf5b5ef3abc123159c4646b74f052a455151d01fafe77090a0739331d45b204

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1864b767acd7befe860bd531a7ddeaf2

          SHA1

          b3062c32ba1ad98ce9a99684f862ecd53b003163

          SHA256

          ce61fc796a7fc4aea5f96ea4bec9f686fea2e9f91082ff3faf1169448f2d9c99

          SHA512

          a700aa6956707f8042fb39ff7f32a7ea1286fb2f40fb80f8fcfb570290f300f0f735a9b7f147f21ffde3a722a3132af1cb3ca986a73203b3fe62bb6c951ac9d6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1d9f5b2eec4c1784394e338c20fc95e3

          SHA1

          f1ea38c7410749b42c3a5b6a72490f62c67f607e

          SHA256

          9c9406212c15a3dfbf78aec7159681914f0f8438786eabab6ccd3d2962b3b4be

          SHA512

          512edcc2032ffffb2f7fb3c63fa343c5f10af315f81ff55b75f1b721e34c62c8a2e3bbc334e02dfa2dd4e63c202e295939a7c266fdf3d64f14cebc5cc0f1f642

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c6ff81f76a21b41471347e02618d074a

          SHA1

          4821a02532b2f92f08b41a1bd437cb6e0e19ef2b

          SHA256

          79117b896a20dd62b21095058c39a166d9839cf39ded5b8e0b428ce94ea6caae

          SHA512

          71448d6486810d6137baff7c98909b1175fe484a55bb0cdb8724c51159251219ae4575945eb6f609e6ec339f54c08eef678c05e3f07099a538a1c995369dba22

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b8058e2e25a61c6fcc80be95a291efef

          SHA1

          3f87b8890526e50c61f0c0871546c1d11144cb79

          SHA256

          0cb7e422b9a77f9bab7ab5e8fca35f561d23ab0be98afa931473be55fd4beffb

          SHA512

          afac35234ddef8ef097d37fc7b322ae6e1c6deb3890cd4d561c48a8b545d4e2ec0eafd3bf13627171fdb855ec35c246c22f5dabb8b5aaeb2661b5bd318b09e20

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\633SXO0D\cb=gapi[1].js
          Filesize

          67KB

          MD5

          ed72d618fe48f6fc42c19a4b58511e72

          SHA1

          80a2da4af91d56ec81c7b672afaaaa72c83a4414

          SHA256

          5bfd37a756bc7772aa6c520102870dafe2d3b808c562412e30f122a7908f8ad0

          SHA512

          5378b71a33f67309f788b9fce32daea44051e7e9a6aa326bdd783456ee9eb2f4817aec2ad1e837afc1853acba59080b0114d32c040ea731ebd703f0a84dd7ae1

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLSLTMYI\DzT6ENZRO2k[1].js
          Filesize

          1KB

          MD5

          2cf9401c65aded1a96f7b896712a036c

          SHA1

          dc758072e737b8f662f0a553601361008f71e85f

          SHA256

          fccf88d7cee9ee1433b19bded497b7e87d6c85e36024830b8049015cb628df2e

          SHA512

          0e2deec9c7e295605c2c2ee0bac90d4720b44471a75b65105905b9ed6abd46bb6f329de409214225d55fe371f47844244a0bf02fe9847537c8b1bee674733b51

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLSLTMYI\rpc_shindig_random[1].js
          Filesize

          14KB

          MD5

          9e5f0b21584389dc1c7b5da4a900879f

          SHA1

          191b84e0f5644398ba99e0aa141a6778c14b83bf

          SHA256

          3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

          SHA512

          c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2MOPHD\MEtExguyptz[1].css
          Filesize

          21KB

          MD5

          51a081ebbb4c46b847752c5da937165d

          SHA1

          4663311ea002ace26924a858301aa39239e1ceda

          SHA256

          5aa98f0bab8d9f2c3ab8d45cde8b3fce6abad282c802af4bc5af5c10e38bf38b

          SHA512

          4a7019e40703e0c60e18a36fcec095799d90fb4987091cf44d64591f6d9308ba634bc2551cf990d07e50411b50d867a1e47b0fdbb8af71fc41387505a20d5c3d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2MOPHD\dXk5exdOVhk[1].js
          Filesize

          430B

          MD5

          b4be83a21f6e0d40b752cdddee19103f

          SHA1

          3b0b9b0b023ea84a328e9b3b0af8635e631efc27

          SHA256

          25901136ab2bc54ec7e5603010b853c78fb36efb401f2045bb399c060b64292b

          SHA512

          1ea3bed440a81b42be9b1678af522c3a2cdda42d4d042d2bf355d43c61c1e6eb767f0333938b08af8d71fd3a354e35369cd2e083ff851bbe9964d5e54100f0cb

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2MOPHD\p55HfXW__mM[1].js
          Filesize

          507B

          MD5

          759df6e181340ef0a76a1bab457ebb22

          SHA1

          2afdfa1808428e97f7f8faea0624c8402956b04e

          SHA256

          9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

          SHA512

          2e20c1b3b445dd0b143dc636eac9421454b1615a6ce0be63afa012e7571385f346f456b9ff25545fd90ae11dd08b23f03f36f2242c817855d26578fc9f5c94ba

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2MOPHD\r8Bqhj3gRoh[1].js
          Filesize

          219KB

          MD5

          d6731fccd554ea7602c084c402ffde26

          SHA1

          bc70062ad3c5e88af0f3d0ef7dba74a0c6a05ad4

          SHA256

          7b3fd7d13d706e53ad8e9b26d52b180d83f0b81e775c74057a24f7cd5e71558e

          SHA512

          d67694615f892a6f50451d0fd9dda20e93ddb7e7bc85c7f28b35edf3242e78484c2b577d3223f59142b5a5a0cd3fea5a9f9d5d6639f047b6f786e76d1264b0e4

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\2254111616-postmessagerelay[1].js
          Filesize

          10KB

          MD5

          c264799bac4a96a4cd63eb09f0476a74

          SHA1

          d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

          SHA256

          17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

          SHA512

          6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\FsgTKAP125G[1].js
          Filesize

          95KB

          MD5

          fa4659b9420bc7e38057714b5e0df69a

          SHA1

          99aa6f802629222f08e639110e47ffba190fefa1

          SHA256

          ed9ebebb63ef1bf49ac90b654ce47ea4eaebcce1ae01dd42ea2db7c598efe114

          SHA512

          0d4966f36a52ac6ff0c05a69421ace554c5c08505e85f2cbfb2c43ff687df85e38468b9320dea98c6bf2504b1a138511bed7f945c9bd33675289b3a18f5f0ef2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\Glud--w-qOK[1].js
          Filesize

          34KB

          MD5

          0952dda588932eb8b8b8d3602dc7c3c4

          SHA1

          c5cd78580b6f2ca4401ef40af6a2d473c800d089

          SHA256

          43c3791795edc73fbeb3f175d09638775bb9aecc245a0c584c216aa11eafa7c2

          SHA512

          219f0313ba14297a40a82c9798b0a78821fa54df0c0e31302b6b779a065902f2c7cbf2a039f094ed759efbec3300fb3774e18c2d3d6767dcd3204a6fa6fbebb5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\V2jz_gSOAop[1].js
          Filesize

          421KB

          MD5

          8dd13c2f357f92778254b31a8aab8edd

          SHA1

          28320c7beb1a73dad995b12e8046defb537d3ec0

          SHA256

          d844591299e57ca5751b6a9b03bcce4dfd9aea2e7fb89b324af1a813bdf74a21

          SHA512

          32d93061f4c15031b7356d7d60c1eaff8e33130e36844a9de3cff6c7600820a00bc124aad27e2f8d539ee7093dbee22b8727c748ba4bc192c53f7efed9aad332

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\o1ndYS2og_B[1].js
          Filesize

          6KB

          MD5

          e9afd3c9b16db4bac91630d7066a5e1d

          SHA1

          b4f92d1ebe74ab6801ad7440447b4147a1455806

          SHA256

          ebcadee37045943d04569e67311374057c3b0816ac58c34bacc6f5b324fbb540

          SHA512

          02b60393f4d6d52f22900513de31b9302ebe3998681e06baafce5adb03477bdeba517fb6e9386c4dcb3deb34b4268ec76ec1143ea62a857c3bf9a78b29bd706c

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\pLoSlJD7y1F[1].js
          Filesize

          94KB

          MD5

          b9d9b0a8999a711b99df636ded40f92f

          SHA1

          6c47f480b2521c9445a5892a57587144018fe30c

          SHA256

          232c554b7974d07f6c1777b5b96f984f538e60b3538c848b7bde84363717dbbd

          SHA512

          09ef5d7cbcfae3a67bbbcaa6a93eb7298bc1f7af8e2fdaf21613ad3b081faa80cacefbedb17d47f7e2eeb31991bd912773dbce22089ba4c2b2c0062738d24533

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab3027.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar347D.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit