Overview

overview

3

Static

static

1

dee4328d6f...8.html

windows7-x64

3

dee4328d6f...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 20:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dee4328d6fff77117b2f08074308b20e_JaffaCakes118.html

  • Size

    35KB

  • MD5

    dee4328d6fff77117b2f08074308b20e

  • SHA1

    20031a59f4ec1d678aacfdb7b3d3eee174be14c3

  • SHA256

    168a624f94a110f84c2c8c7580eb7319bcc864b4f7d5274af09eb26340f68bba

  • SHA512

    af6730ce066843445ae96b131751d70808b901c00cf95914b331624567466ba8329653711619fd5167a7de167947b8b95b4cfe1592dc2c6533c203eb7266483c

  • SSDEEP

    384:5MxhtVeBssdbWWfUjCNvxvRc98RWhehVa668:+xZeesJvc6vR88Me/

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dee4328d6fff77117b2f08074308b20e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d5dfcd17ba14a2d7b4bf81a62cea9bd8

          SHA1

          e02f21462835bc2a24fea171fced293dd07ad069

          SHA256

          6ba4a2bb29adff0f7a9bfecc68cdd6d8778090dab7d12de7eeb6cee2f93a839d

          SHA512

          11e5ca45cbb679599033952562e8f87670e605d79f0a72acc20621cc130eb07ad6a7991890a0a01599e0324bd46af0fb177ef7b36cc2b4a367a50a0dbca1486b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1aa333db24a282fa7eeec567d6b4a479

          SHA1

          e7e396092284f4b5d474bcf55252af4baf1e7f9a

          SHA256

          14dc04c51844802286366d5f83de91d1fdd649d29d824911c2982fc3875bff5a

          SHA512

          ca080f87c60de4c56a09650f07826428c2502acd7e45a65575a2e1fb5511ecf48bb65cfe4c597f2f81a7d2c13fd34f3aaec66947a3dad86180540f243aacbb72

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fe8ccc7faf06b0ad579857f1091b11b5

          SHA1

          c9429bbcc44321484c94ef3af2f3438d1ae4d3c8

          SHA256

          633e93cd94864be7a9245ea2863dc6aba186025e6255ffc806effc2582a00bdc

          SHA512

          4f10482d53a558515d1d60bc21c7211f467bebbfd6057ba03ce31fa5abef565fe77d0d7bb6c59140e1e42f2c3603b5afe46a41c3fc0fb09cb676e5cdc28c1279

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8de90386b136184bf3430e38a03a0572

          SHA1

          01ff0980540b78c3dcaaa491358ebb61f03fce6f

          SHA256

          a6ddb705f4a0eefe9d4b15b1f295b9a6c5468bdfd941d0ffc8b46fdcb57d7df3

          SHA512

          30297f851836339439c31f0d69aa7a84310d88aa7c825536a7110c4315cb3541af869fbfa9e496c27ba2e1b9bf59efcf71ee296a06be81c0e62c75641b26a506

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1af24ba7d81c04462db23ad7780fa5ad

          SHA1

          3d1e35158ce26e6771ebc1c1d34c94c3c4986acb

          SHA256

          b1bf03d00d40c9ee64e32903a3ca9874ba4c365b553db6e587a51a9f62d2c260

          SHA512

          93756b5eb8a995bf1206d948936d07f44d624b2e6f1fb9659b39d5b8e41463b5ac68807e393a920c3724283bcb61cdf308eb9d2d617edf5050709a865b0ae7ef

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2b58efdc582d22bfad6277baf0fbcb2f

          SHA1

          8fc4eea758a226937d8d30ad0a123f8e16038c05

          SHA256

          2c73bb7c998530f8de10ae382cc84c635c9bb8acbb1e52a3a33940c077aa2847

          SHA512

          f15ff7dd07b4a8d4406ab2ae6fc448d8386e8c325b0230acb8b664a80521336cad8221ee72404e3d75cf46f0e6cef8ff977891e24111a4f4a62cd0c35b703ed1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2aef8c2d4f58efd2fd66f79a1c8be9f5

          SHA1

          cdff8f4212a341b50ebbd1cf27fb31b401f12033

          SHA256

          29458a301efc289380e3cd01af26fdcccf05bdb606baf6bb86b7c385d72e3feb

          SHA512

          5ecb9379cb9c8f18947ffb90e6f20d72df2cb30c62c3b4c131c9bd9a71a6a814884a13dfc2845147e5c31575299fe6de19a678f0bdb55bde535d8687e04589db

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d65371bf9210cb03e1d12c079ae0b282

          SHA1

          0c9d4b40a008d9a4e695d63709192bc492c6048a

          SHA256

          c52a1ddf6e7735196de24c854a64be498f8e2cc9f9281c29d5e1293752b4b00c

          SHA512

          a9209b0d25b8117e8d7c3924fe9302d7995e5eabc595392dbd6fbf3b333773e2d54aeee5d593424df30095e24440ec060bacc93317fd3910a9f5b14af4ad8f58

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8e270a29a3fa05fdc1a89c2111432440

          SHA1

          53a730fb76400d31e058ffcc21d778ad8e868973

          SHA256

          0c6df3622c1fcd61f27e311740b6e886de3e02a11622386012407e387e84cbae

          SHA512

          0b37b872b16359a2a36357875ff91c57f97f32ee3eb19d7b3d83d4d7198a43b0c4913205a5abd387f85728cbbedce8ee4ae4f0b1faf6c4b3ea276e0a7c3f1c6f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0ed6cb96c1ef2906e42d94cc17627443

          SHA1

          34892847b037b5c82eb2c17987aae87d05e9e576

          SHA256

          56198413665d85b478ae05b7fd4f4f54fe8354b29ad8b0b8399b6d07b6fc9630

          SHA512

          97ab5aab0915a37c8775a087b2ce8d17fd9b50022d49b6921b3eedcab196c9e18f2e70dea2efeea8af28c36212b563e37585a5d3f50299e88eb15197ef6c9606

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fa9c253004391c488a6b72ac2a19162b

          SHA1

          804538c65ad1dfecf693b3ace16d8d33b778e066

          SHA256

          bffd9aa5ad0ee37e7f1eda37b6d89deedbcd025f7d95c62f319cd86660d653dc

          SHA512

          173d111bf8cbeeacf4360f24db33597578988bbaefe97e98cc51467bfcf6f799335b5b61826ce40a1c5e76038780b1b589844f4e16455b8d5f4c0cc84233182b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e9f8deee32ec7802d78ada821dd1b191

          SHA1

          713882340babe2de403029d51dca1f7f64521b24

          SHA256

          37646b34ad82d687affcba109be4b79ae41a68c2609da0d5a547ec5eef9570ab

          SHA512

          5390167c1e7b6710d60d25deed2184644404e32ed0fff6db223d1e76a8bcc0a116ef2aa0988cbabe23ae14eff7f4506e273fede8d0498b73f1896b9474162962

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8735b08c4303ca878eda78bd0f0bf00e

          SHA1

          4bfc452847cff78267d9a3d6a9bc516ba01ca177

          SHA256

          af855f0e1c5376515867b0676d2df308c4a6d5eb01f0ebdfe7bf6ec7ef4581f4

          SHA512

          622fab6f2cc0c503ee28d2d5ac060af28ef412da566be5a158827b985ddf120db46fd6688ccf0f8548774276b0a02e5ad4af47464d1f124e754c23feb541b9d9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f403b2bc95be7e2ce1ad3895e627a2a9

          SHA1

          d4482b2b8782f766712cd22091ad19cd6a1daed6

          SHA256

          90569b4b54a2fb088e7f178c31085a302f8a197dfacfbc17dff74be37e3f1e4f

          SHA512

          635354cb31af7fa8d354b2955b27ffb31fa2789466abefbbf10f67e3e9de1b6e4ba8aeaee2ff139f457fda8433eec506f59895e86b351decbbf597a897e7000e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab655B.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar656D.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit