Overview

overview

3

Static

static

1

de165150db...8.html

windows7-x64

3

de165150db...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    124s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 08:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de165150dbef023e365d15bab61010ff_JaffaCakes118.html

  • Size

    37KB

  • MD5

    de165150dbef023e365d15bab61010ff

  • SHA1

    f2fab61cff3f352898eae62541c4af551a09f8a9

  • SHA256

    67d3638d2145dcc97c6a33a2e43cfe5f1802e2f2ee1f6171a5630e58b5ebdd8b

  • SHA512

    d9c84b8ff3240731b3b66ed36b9a25895a13ef34417cc285ff849e2a0d9f4c1c51b9712b9002e256236aebf8a1ca971e4bdc8f159988dbeb90f78d3c9db68305

  • SSDEEP

    768:WF0bR1bDIlb2vbk5cRq//9bm9itKedoGeE01Jy4JLYAX2VCnIP:WF0v3IlSY5cRq9i9itKediCUZG0IP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de165150dbef023e365d15bab61010ff_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66ae95289694c38eaa7ee573a8a63de5

    SHA1

    e450c5d0ac8783b3ae7337def88fb7e6c02606c2

    SHA256

    7599e6ee8202213e967b9fc5be2024d01889fc4bcff42e5ea8027a45ec2f29de

    SHA512

    e9adfd078d80fc8577be9eac64857ff3564128debb557f9560aa5fa26ef831c77ba7c5b99c9366bdba4ea822a7e22d032eb90b5827c7d813ff9eac27e519d821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a10ed32833e046217be529f94851714e

    SHA1

    10ef6eb0a74a707c609fc781f9a90d77a0ac3c8c

    SHA256

    1a409b3e7fd82893657a18651973d62fea945635b74dcb6618bed55830c2c2ff

    SHA512

    830243ea6c4f4a0496e60f47fd7c7a6da5bbec254d2eb44136c57e407dd4f41e65815dde119a21b7f94edbd0be1ba0015ec61f4199172b0e69c5c7e13b7c50fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98571a7f123c42dc6c0c37021217a57b

    SHA1

    2ed3835bf2dc4d753e4c41859fb1119dc00ca2ba

    SHA256

    84e12c1bd21ef1c25ac4cb4d3aa89bf42ab5753a12548af587f84e627137257e

    SHA512

    08363a1c5b9b57e8d6e6cbe006ca27901373a10478c3ba00dbaf76bc3878bc83a300d5d6b8626543adf599185a510c29930ef62642453324998648618862cd85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    779bd4134590ccb11f3941b72850f7fd

    SHA1

    4049d06574b3ded15fade1d1eddc4c66c38c0c43

    SHA256

    d52934cf2a67eba02170c4789b5b46418e56e11b55a530b4ffca7f95168376b9

    SHA512

    dc8177fe7866ad709c0d50e1c3241aea03b21f57a6bdbbf80dcbcfa69831144b74b90abe478bd9d23943d4a608cd08a81c3be3d4d5b6b6d6117cf2b4099fa0b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    728c93c5353edd49790e5d099da2caf1

    SHA1

    6af7584b5913d89b496fcd07ce5925be1269e0b3

    SHA256

    a840b08949c32455e35e3b4cfe36e227b5177c43beaf0869097c37d2eee26a8f

    SHA512

    bb4dda3fc0706f21eb1c1cca9cb994a6a4b6debf9a59beb7a5283f04319b8be8f90bcb3e18967eb9d313874216910c2f4999a468e89be8f77be9512e71317bee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bffbba31458cd1f488193e013a5b85ab

    SHA1

    84277b4756a0739f0eb603ede9978b6f6b1417b1

    SHA256

    f5812c04faac3a841e6e5e2bbf14a759d44866f7ad328d5da455904c41b69ecf

    SHA512

    800da38257359c26ad29d3edcb11529f503b419eaa18d351149ccea6e804570657abfbb089233419320ac46684e0a1a6919563e5b2fe2487bda4f8ba2b78a8d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b052899b78457048152c17aa88641cb0

    SHA1

    3f71f5d7634cbc5d30cf5abf1c1904c3c9b274ac

    SHA256

    c12f34b30922ffff73866690e5781416918e745d49ff9e81d141071dd97b84da

    SHA512

    560e260db7515967aee6143e940e35177c157a5f8c18b97ce1badcc8b493559cee34d2944f7b7e269e4204254a21504c64fd3ed63e829bbf2ad04b1c64e0e791

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f62574b20a35c7a59f4304755620eed

    SHA1

    3ce0357b0b8d5a39dcad5f5dd36763f51f89cd49

    SHA256

    b2d6bce5cf832322dfcc94e5036b090c0abe939b06bf452d87687111c072783d

    SHA512

    a7aef809534860b51d85f661f7a32367faf41ebbe87a042a977145dcfa2fe485c5dc106c8aef29c20d522d886b839c5c4a5143d68a8e5f4d562c8480b9ede0b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae9a861d7e4b1d5114bf08403c29b9a4

    SHA1

    6b7c220a89a067778c38f7e285853ab76d7145fa

    SHA256

    3bac7b21d042f9ff74df993a0320b7fe2736302ebaa7678f8c0983efef715449

    SHA512

    e230cf21748069a431b13a50fb7032f3acb82bbfda1923f8ee7dedbf6de221a3d0eb70e09240f421b4a8737656632332a8f9ea1bbbce4e7c43c6730b5805c0ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f5fa04ea319104b5df9c96831b021fa

    SHA1

    5096ba3431c7026aff9a1d93c1ffac407caf88bf

    SHA256

    71754ed0c0fa065f74103eeab23fe22b58a552f1b973a9fd71550b5abef68e9b

    SHA512

    00d8a87b3d1fb46443300b7540474f6aec7057f02395c36170d2ea8445102519970fa578ff18ffc72bcd7d48560b8cfc9e4a53ac4f4171b2926453adf7fdde4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48290d3c852cd9e99c3133ef838b0514

    SHA1

    f930e891553ae7c5cc7a9fb0548eb69d9f1462ac

    SHA256

    1ba9c43d93a9108075961e9c952e8c9e031cdd870c18c33f7484356bf5638a42

    SHA512

    93666f564bbdb9c50d5aa083a51c2fb82e4358ebfc4522c38d29d5c64bb87b06a2f5bcc028b3a46940756042a48d854dd528cf5b867b9b1011b96837cd495775

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce56748ec9241886808334c902bd8d7c

    SHA1

    73b5578568420790365a78a9c3aae354e509df45

    SHA256

    c72bd5051a9931843c10c576945d2cbbc936735f71e3c41c92cb1458f24b014d

    SHA512

    88fdd76328a49895c4650f27af067cf2fdb95b16b4f8c5d855e4a069d43f95b2ad30b9c6a45e8210466ae31462c11658220216c94054b40672e6ed300dc15562

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fae245c961fa11915935bb13329fcc9

    SHA1

    3b3efaff605dce08aa32852bcca3b9a787a186a7

    SHA256

    f6352d1829611a1b02e72f97d684f1987c7c42f70631df2c298f6a4c1a812375

    SHA512

    3cdf819b1ae5d106c3fc7ace71f192bafa696f167dd572bf8e028a1bf7561c13bf0b6483ea5faafdfc23ea59310e36aaaf6ad5b4d7872bf302b5a287918b9161

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    356771855d8577dfa2515996eabe1909

    SHA1

    a01c166d12e559af6b6adc14b38592b57eef0cfa

    SHA256

    cdb795bc125c2ac74815ddf3c599540e103e508a33fe49af73666d2e5e82034e

    SHA512

    34757f8769ff74dc08bd614cad1f1c9737ba21b2807f3c7edbc40e23381fe25019d664416a8aa5845508482e4c478b3e77059325bd954023b59f0337af2b063f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4e8747203350a1bdda2ea879ca3f0e3

    SHA1

    9faa7fb3060b9a267c76d975e16697a442936c94

    SHA256

    e77cd424c4a30f592579c262c1fc6f7e100efe18d770a4238cd3102a98669445

    SHA512

    e814130c7f496dc9ec30cc061ce829f5190b8b6ea9229fceba56407d03da8b08ef87d583c9f77dabe198343dd7aea98aba271c57fea2b47071abbebe7d797887

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    911fe89cf2e89993b7af92f2b4f43d81

    SHA1

    3fadaf6d15f2017d52b742c89e6332efc6d4937e

    SHA256

    9bd0da576bd6aff0ce6d408a3289de24171d59532a70ca8c8a43996cea4ff699

    SHA512

    b748f75ff2e40cefaa7942ad6bc9283ee09982d64b59e9186bb2ec527c885d54540c0b1ca0f7e62c0a80522c787cfd02cc1b03174f7d775ea8ca40a29836a9f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    692c8449dc623bb3806bc1a57f5e747d

    SHA1

    30786ee3ad755241fd38138989e9479de73a03e9

    SHA256

    d90f1bf540851ce1d2a424649311f904e7cd34550a638fa7aad409a61bc2cd06

    SHA512

    0909bc32deff3afde35e9f1069be33c100cc1edebfc016e14de156eae219b8eef431f19d6e5769c2b58a7e4abbaa00a4fdfa3590b7b06ff3f893722518cba28e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff58cc9497eab388d88aa112055baa8e

    SHA1

    6044e6200bfa10ce5ab342345fdb081613ebf56c

    SHA256

    5f2547ec4687535dffbb86c1af755ee0d99f1937f3bee7d3b8c6c28cd7675cf7

    SHA512

    eb8c22e837a4b80113e401dc4c49e2c7309878f905cb82e1b5c69baa4df0e1512e505be746e071322be98cb58a62dbe32541140be8fa178e71ce2e020ec75bea

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01LB6K3J\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    9e5f0b21584389dc1c7b5da4a900879f

    SHA1

    191b84e0f5644398ba99e0aa141a6778c14b83bf

    SHA256

    3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

    SHA512

    c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXRG2YQS\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0WBLVJY\cb=gapi[1].js
    Filesize

    67KB

    MD5

    ed72d618fe48f6fc42c19a4b58511e72

    SHA1

    80a2da4af91d56ec81c7b672afaaaa72c83a4414

    SHA256

    5bfd37a756bc7772aa6c520102870dafe2d3b808c562412e30f122a7908f8ad0

    SHA512

    5378b71a33f67309f788b9fce32daea44051e7e9a6aa326bdd783456ee9eb2f4817aec2ad1e837afc1853acba59080b0114d32c040ea731ebd703f0a84dd7ae1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab408A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar408D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit