Overview

overview

3

Static

static

1

dfdae76154...8.html

windows7-x64

3

dfdae76154...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 08:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dfdae76154ffa8963e5394467124f79c_JaffaCakes118.html

  • Size

    23KB

  • MD5

    dfdae76154ffa8963e5394467124f79c

  • SHA1

    29384ad59c4fbf20c9e3fd3bf7a54b6fc1dd8151

  • SHA256

    fad7d2c9232f0f42b335d5c70dbee4dfe1f05114ce43e01fe3682896e8303741

  • SHA512

    bc681b6e922ecde20d1e32d217a7b09c2b4d33b959e2e37b4e2176dd8190a6361d4d7d23af573cff1e54598b7b44e4039b40d99c43a92f82bfa9a79996604d52

  • SSDEEP

    192:uWb8b5nZ6nQjxn5Q/gnQieDNnDnQOkEntMPKnQTbndnQxCnQt7wMBjqnYnQ7tnoD:0Q/pBD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dfdae76154ffa8963e5394467124f79c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90334f11519e145a6075207b109097e6

    SHA1

    b5b7cc75468ef97d887d7d6efd2ff07374002b50

    SHA256

    e3c1aa843f3842f2d7112cd1f15cd3f0f33b8a4ce776f397dbc3a00bc8bd5443

    SHA512

    52bff3fa1592fafa73551fda213c1a8e03dc2bc763dcd06f4d8dadcf3f2997809f026638863fdb27ddc6c4e6ec03b7838553aed90c21c9d2f5a37df53a845830

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad209ed758c913bb751922ba5f455f60

    SHA1

    b60e63e21446326897dee08c0799f8296e5aaf66

    SHA256

    4df625317d8e2c09bda1d1a6f468a2bac971dd54efdae22317bef21524f66a4e

    SHA512

    478ea6eb8c23741f24dc9e825e68b5bad4aa8d67d49629041d88f637f230f7b50b2902ce3e637bd4a2ed1f902e3fc095b92cf51ee99d28b271ef565d57e93a90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb4694171ab8d788c04ecda5c95928c5

    SHA1

    24b1bf22f0a72983059ca6075b3cfd8a0bfcce49

    SHA256

    e60a62e69e84881bc5fa982379c2dce8274a87bc90e7b3315af457aa81cec506

    SHA512

    fc725341ea0f46b1e6409df291945e7a634144763a2c952c9a33bb49a04d3fcdcbd9e20463be9619236c5060337dd60308ccbae580605b3b2f363169be9c8411

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    476cad9165dd763b2818a102d1cfa541

    SHA1

    4da8d8988d57ed92dd3a3cfeec1427384ddc3fe8

    SHA256

    8a493a6487f2fcb40784e67b4e8a7e400dbfcf930e23c32e243e6400b5f7c780

    SHA512

    dd894f226788731adea1f401e90e13b52a89574f6bbb7121c6b0aba9e68d2e4b732ccffd561672171764d590a535a084539bc480d0e1ce9901ed48120fbb8335

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec62cb12a310aae7a5de4e2949e25630

    SHA1

    3d6baa241e57072b89ddd7536cb52c417f87a304

    SHA256

    72b128c82d75e9c2f0164dd94bb12a714eb75bfd76318d19ce4828ff49db0804

    SHA512

    ee89e99105ec1a185759118f9d3d0936aafdaac305ea860d9a84e907165bb3ef961b87c3b357daaa8b3fe29f39e3eebb7f29e0672216732631d5aef75c874104

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45209825aeacd5448327ff57af29f78d

    SHA1

    fd40bfb9d4c50e5346aa7be6592dde60b7a8ebf0

    SHA256

    eaa9e5ad7fd7437764a5b6384fccda05ce36383ee4b712787c0bb257f74a878b

    SHA512

    ebfbb3712b45292981c4ae41170c1f985bbc20bc19bbf8bc11516244c1720f6480a60e384c31da72e56137b56d0ef9eb297de1d880cd374268c031e826528768

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96d25178b174476e6a35a9e748b1d2ff

    SHA1

    a4b6f54629de04ac5555bd3ce5354d00b7638dbd

    SHA256

    0a57303e66e374edf41f35fa64c721a7a6c99ced8465ad26803b9b334a6568d6

    SHA512

    0a7aa36974c6d2e85572fcaff5da0b0c548210fd30c326a1305a5840112076fe530126a80b303ce3e18046e6a584ea4914ce76b05b391adef0889f9dfc2c6a3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ea1d227de0d112bf3bbeb0353bc601c

    SHA1

    ba60538924d6ebc04534ea18ec09e5d408ab2e15

    SHA256

    4344d78eb92efd7f2e4fb526a6cdfe3cd67dd0aa502d64f4e46882f35440beae

    SHA512

    a7ce9b7db271d605b71a23bfaf5c3d445352be912768cd83fc0cc425c19eed5fe3650d5d26549ecb11303dece8ad8547c85721c818f5bced17a998905a75b0d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41454ff00b0773706dc4f48c030e4822

    SHA1

    62ada7f8639f57e36ee84b496106345c9c681bbf

    SHA256

    485ca608bde80ab2c26d05cd4e3ab5ac23d31f933672075da9cf0f06073de97e

    SHA512

    ebe11f369800581acb8ca7b76012fc230c5b89a384af4b3905d5ba17b0b73b2e50b642ed044857e6b864db59f01f8298bcdc1139499f6170c777681484e246ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c66fa54d2c9c1cce790b5dc19229ed99

    SHA1

    c0ef5e27047432462b486aaa69097d62b8cdce53

    SHA256

    98a03dab57671d0a0a5c9033e3757df8c4747591bea632478694b9673cd5dbec

    SHA512

    c937fdf4db017b0625f90e1587f989301568912ef795177421f81dfd3f7c9a2ee5a11a3181e99ecc98ae5193e91cad972c1657be46fa0b2d79e8587530a4573a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dbcfe19cf3b75d7ea2748e6e32479ee

    SHA1

    aff9cdadf15750ae9f9db195e82d4b66ca5e51b2

    SHA256

    234514cc359a6a038af569b6574dcd5926e8b4024ad28281dd2d307c75e089cd

    SHA512

    db5d7ad56fd4cc2f0cef9179f1ac92c03976c5b02326820638cd2e953c1bbc754387f5bc0693059f5bd3cd7c1207a61900cc3f0eeb579b9a9f0ade4dfa75a584

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01bea05dd304571268a09592d38c9a95

    SHA1

    07ff34a4a027fc1bb74285b18c39c7d59bc411c9

    SHA256

    c30ef40006096002537a5f4e7f784dd3d4db913787fd80dafee600487e31a7fd

    SHA512

    46afb99d640fbadf6d9e6d4ca7464564369a3bbcb2720206dbe86097096c4cf38a8449aae7f11ca8eb0ad90cd1c91f63b9bfe701f2ac1a88482ff0c024a2e787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49cbf480d32233524b43f0943adcb392

    SHA1

    22c6a420cad3cb706fd0f3d12dcdb5109705b111

    SHA256

    37d342fc6845bbe6ad69615434e77caae82724e3b81b806d36832379f7b64a40

    SHA512

    f3db2d3cea4be7a62efd0dc20866c69f3d2da3090af0aab1ed7d24b0d09f494d50dbecc1a0af91ae4d7cccb9ffa6b2d4bd8f7cdfdef3bfd7a3fbc9b1956dfa42

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab989A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9949.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit