Overview

overview

3

Static

static

1

de6d41d005...8.html

windows7-x64

3

de6d41d005...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    131s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 15:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de6d41d0056f17808b0d006a6d4eb7c1_JaffaCakes118.html

  • Size

    20KB

  • MD5

    de6d41d0056f17808b0d006a6d4eb7c1

  • SHA1

    4cfa646c22f4409c22b12cb01954e275c9596020

  • SHA256

    08dc18d93befcd516e077ce6d39195500e1c94ddd23bb22a48df365a43759908

  • SHA512

    8c1f8f183d91a3f5cb069af553e19a7b2f6ca94815ad5779d7025944ec62cdc9628a4403d0536a45319c1dbdafd83c0c09b035d60c0225c73d7ee86b1870045f

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI24izUnjBhWI82qDB8:SIMd0I5nvHpsvWbxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de6d41d0056f17808b0d006a6d4eb7c1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db96dec8660f6f089593e5a9055972a6

    SHA1

    ae8e9c26bf473a5f1b580f0208ba8fdad7bc80b7

    SHA256

    fec3232a503e15ac8cb602a9682f2d4b3428f83f319fe0ec6192dc32ef35e6eb

    SHA512

    248fa8920cfdcca392c8df15c509a6fcaea3928ff85818f6d41518384261b646a6ec990f8b9640dc92c4c8edaf1e07cdfe48e7c4da45af3b9d47854fe18e3ae0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    268d6e26750ba9217e32160804bc2e27

    SHA1

    5bbbfbcc7271fa0b90d10b51fea5d674dedeec95

    SHA256

    2ef0129bb10539e7fc76028b479017acbd9fafd6654885480a23d9f3facbc7e1

    SHA512

    b0629bc0bd1641a6bc53f3e624eace6ee47c82946493ca4d89410f8a752a523a359f034ac9bef3b33cd22ba2620f76303fa1c8c0a01ea7bcab4a76587a1eb63d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    685cadf82f376d26be57ea25c44db374

    SHA1

    aed1918ef45b1c3c6ea5a033dc7359d7e65c520b

    SHA256

    e925b3ab2abee716914670490f60a7d6f41fdf2871a2274b6d254fdd303493be

    SHA512

    0d623b0b28cfdc44373f0ec836e699338b43cd5e2487e1b5c836cb8af326ac048acf8eeacdc4015411a07f82c0eb6057afd0ab5eb70d29db9ddc12eb996a36e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a17a405acb02fe0fee5a7239e23d445

    SHA1

    b7ab9c6daf0dd48cb2325f5b0fd9000eeeb77973

    SHA256

    9e715600f2981c1442987dfa71ab16c88a2b77c09ce54eb0f3551a42a81a0448

    SHA512

    bbfe1aa1e2d6007be5c2ddcf6d08fe0d2b010e8ad9362350ae2bd1be841a5347ae64c913ff0ad5daad3243d33cbc0f118aa794c140ddf5fbe78351ba912891a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a552d345b4519e728122f12b06c6930c

    SHA1

    370d7db0ad7afc68ce43dc4deaea8e9a10fd779d

    SHA256

    3e6c58e38e068194bebaae5416d3c751eb4562213ef34c43cbf22ed9e440d822

    SHA512

    324d2099f30c32b4e11b9e7900450f20f500331059539ca1c83878d6b531106d5627ac89c0ef63170b268b96c4256d62f63f9cf3b90141c963a9f5891d7c59fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65461ca19b32d6987e09911178b53ba3

    SHA1

    5ab12aae7da1efb1981150e261c65d652f1cf303

    SHA256

    898cfc74f11ec3b835e2e7b493530278ec60cef97f2002b1ee1f7606ae09f8f5

    SHA512

    18c4f43939572fb6fc1cf4dc1601a5fff5b749d19760d2583510668a0b0ead6029d673b26c469d98d27068d08d6cdcae26b4f4da51657d7bd2fd8523d962333a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0888f037e36be17b49ffec2e3441083a

    SHA1

    160b61f73c413326407e1c83b63827732ecc331c

    SHA256

    4e7dc84d2eeba3e668e8d1e6b62b1044cafdc9e86d991b304cd951c75e6e21a7

    SHA512

    2df2ba237acba8eaecc6ecc1c1c28d65f0abbb493df54139bc4f2d763cf4c2f70fa0914516c2dca21f659f84fc283ed44da23a3dc5460ed1295bcc66a53a5891

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3d5fc7aab4b2de63704d6fa683673ce

    SHA1

    051e6a92eb1ce484185f8dc06b68e2af3e3765c5

    SHA256

    b6f96819a6a30fa14d118e7a8f4fed90891bb0429cc150892642cfbd4ff9c7d2

    SHA512

    48ca522fd4d5de27cc2892a1e4be3418b89608dba437ee4f3abc9dc52a9c7aac24727fd88924e36834ea071567a49184a25bb82dd1eaab8fea2efe1964ccb497

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0072fc87039da2b672b6ce275796ad58

    SHA1

    edbdb215e6067473332465e11131e1ed7fa27861

    SHA256

    5cfabb67d9516ac4a2cf76eaa615a983038262da63caf7157fe9dd9d49c69146

    SHA512

    bea395fbbb8e1d4e8be09ba8134134e07c617a0aaeb51eed9208eec8b7c6dbc4606acb1d3f0b3bb855149d31f9861c90a2ada8eb8dabbfa1bbce954a741ffac9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD04C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD0FA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit