Overview

overview

3

Static

static

1

df3161cf61...8.html

windows7-x64

3

df3161cf61...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 00:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df3161cf61eb67791f6f5225a28d08a9_JaffaCakes118.html

  • Size

    142KB

  • MD5

    df3161cf61eb67791f6f5225a28d08a9

  • SHA1

    d5a7ce3d10a1f8c276983b013a58f8f161c31d03

  • SHA256

    c68b40131d4e0643acd4c53074cac6242212c438fcbb9d7628063b9b267e7a90

  • SHA512

    c9bc6dfa028e22052df6aaecf056ee4889490f7f8095be8d753ee0b4122c1acb5980b8f8dd0a1455a0aad29d608931f69908e1d5bba883bb7a946a17969233d7

  • SSDEEP

    3072:SWaYW3pt2x7dyfkMY+BES09JXAnyrZalI+YQ:SWVWj2x7osMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\df3161cf61eb67791f6f5225a28d08a9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71b47b5a4a75fccfdc3cbcdadcb5ec84

    SHA1

    02067f8b6147cc4838b738b24d4ae2795054541f

    SHA256

    b6e9da2b7f292c3a7ab3a71298b695557274b7bfab7ecad2a96df00a8858020a

    SHA512

    9453d1a6f771ba94b0f1498a3cbb8235fdbea1586909be873b6eb58667f3630eab2d89dff4ed4b072382fcf7946e531bc03a9da5524f3a16a2620296162ec3dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e61d4685d2b02a09ac29977b6e48d19f

    SHA1

    85325fcf8ccb5911f151bc2a5fa03b17448ea8ca

    SHA256

    929ad0622cfc661125500b4e2f812503a9957c1002cf1088f5b8868084a10f54

    SHA512

    aefe82e079f4649a4cc6e57cf0bf60530b59716e363d2b9f170453b189aad4ebd6de5202ade04d0fd5ba1b0127325b0ed83cf44b585f54e8d86d218d25bc34e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ea67d528415a46bb555855e9bbdfe7c

    SHA1

    6ac1939b7db32b4b8fd83554adff26ef0d1ab314

    SHA256

    178e6cb3ba2458c3427563889ed5ff2c2e3180d88e6d4bf1b3be58b272cccd8f

    SHA512

    3a096d3e3a30fab9d14975755b5a75fcb0e32c2cce0917971e37d6c187f40be8e7681588b88fc1a3ae4e3814c61497c372a6242bc249bcddd89c2d45d7718d74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    564871e012c0bad408328b17b5bcff6c

    SHA1

    51889287bc7e926a76c564696a19deb8cc5eb09e

    SHA256

    f2e8db5b93408c05e2ddfda4cbaada0ceebed4fabcafa7723410627c832ada22

    SHA512

    cad55042e032f474b4a22d72f2b5d4636e7b6ae45006cd0984c01a7ad7f199ce7fca4d45b283188014c4309aa8a45927fa1607dab5ca90f5e5db147181607bcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df11e95f881035654b8ab1daf71ddc08

    SHA1

    c18f2c567b23a364583a0d4fa4fe5d12cd6c36ba

    SHA256

    2cae37785b6123d0910add33c75e570bec35aa6f27789029a2bc8a50e1abc587

    SHA512

    37f27e5a2c3afe1350e71d86085402fd05bea6ed01d5f189704e51de1ac988e78f796c3bb6533b21b80fb51f0ebdefd1de1a1acc733fedd1cbd5e9b57966f94f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    507fd72b119ba7b67c29ebcb62024e46

    SHA1

    0518cd97e95c05e92fb8a1dc36747e37ccc49562

    SHA256

    5d14a9626c34f175978c11f3631521f2ac305cbe457b62eb44dbdf09222f512c

    SHA512

    4056a979076a68280d086493740dbe16ce78514348124a532abfc364832e7069cb215861914b25be0a1def1fcdd0586261296202204db61ba5a145cf4ad77111

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8025c2c2d5c4b495cc9259d8fda2467f

    SHA1

    f5dbb6dd673ad8b86d9616c1e5a3f550b85b76bf

    SHA256

    59613c4368ae057583a95735488cc8c95db04a5446e1e0c5ac522f982ce12ad0

    SHA512

    672aea3dbcffb3a2178fddf2a3082507e9538d54f2f63fcafae4bbbdceff18c98a5e66b4ac8247727392c0ea95d3463437dcf04b6c7243d1f45fc55ba1c2aa82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8241e10251bfb43873a6edd90bff7013

    SHA1

    237e76a4f3d3e69f178ff6e1a8f201d1f9c37655

    SHA256

    26a20fba4b3ae89392b9e24d9733fe6b8a99859c481e72f655837a2aa25e8920

    SHA512

    565ca0e8ba94985fd637e5a4e72495fb94db4b604ef5303c5de6037c3897dc1672b136f274f0d188105e9c48d7b23c33251c03ed5049a81e64e8e7b6c00f187b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30d3f0b309fef5e63489f6eda16de353

    SHA1

    0eff308c539233df0c9095b21251388d6aa26993

    SHA256

    5809619729e8cb4036a5bf7bd3aa99d4b64c2e67b3eede5dd5465878e521b3ac

    SHA512

    f8f22b8291af45cad640a7a0b9e10653b98705eaa7413503bf0f454a219e3716dc6dc920c35fe1b7806d98acb9a330d77d1ee0feb336404360e4a5cbfcc6c9bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62727af15ce99ad935d33df9f129477d

    SHA1

    a9ab51661497626d913d2db5ee59b01acdc119dd

    SHA256

    3b39ee2b97431f619350062e0e1bd86c0dab3ddc42f44ba4ae716f987adac6ca

    SHA512

    18384ce227338391de9aa9a9884bbbabba4f42c87cfc480ad9c10262470a5f46a376c082c0eab911cf28d5278e7723346c0911380599ded4caa08c4829ae0ff2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e323668babbb44aa759252d9bae9725

    SHA1

    a6d7c01348d6970a97ea13a90c18407a3f9d431b

    SHA256

    a78e0fbf181aeffd071605a07e2385ea281ea4972a81a04cc511f2ff7b141c06

    SHA512

    342493131498935aff393e1e0670793f08d4c19f5e2ab1517006a00ff14aa1646b23ff7da3ac8cfee4b4eb2bb0983af000aab49401092611f68cfaec513edaab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e28e59a8777da212debda4208642be89

    SHA1

    9da4f1394986181f880df67efe490e684ebd3ced

    SHA256

    ccd768243b3b230a68e1c06df0ea0c2b4c9f93e5d0cd843b5a45fff2143f0aaa

    SHA512

    6b21cee451253563699945c86854ad5d3e3913dda977054cb1d4e8b84a0f1cd50c38af8c0c61bfacaf0b4250c864060058876d07632d4ac29ee034014cd22e69

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9BA5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9C64.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit