Overview

overview

3

Static

static

1

e01b295df1...8.html

windows7-x64

3

e01b295df1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14-09-2024 11:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e01b295df176b93933279a23ffa66e8b_JaffaCakes118.html

  • Size

    18KB

  • MD5

    e01b295df176b93933279a23ffa66e8b

  • SHA1

    b55bddf1ccb5648e0224f12f19ff756909c017ea

  • SHA256

    4dc35eeb15d152547c9b99584960bd9034d3e8ecb564f9bed0c3faf851251aa4

  • SHA512

    ff2cb76214e91a722efff8c88cf8eb2e9fc5ce54eb9ea08539487c45c970b8604f97d06915d3a77a03a4b546faba6ed38a18056e5d881ef27fded33c8d00062b

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIU4YzUnjBh8m82qDB8:SIMd0I5nvHtsv8lxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e01b295df176b93933279a23ffa66e8b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2788
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2788 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2888

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bba1f214f89f024501217dd0baa327d3

    SHA1

    090426820cafd682a240436810abe4f74d297fa1

    SHA256

    71b05d5a8d64516f9eb11e6b9aea21d119c9d85dc9bc071aed6c1b6d0fa797cf

    SHA512

    fa7c1226a827611622fd03414530c27a67cbf49b7bbd38543ce1ab79cf1234bcbc75db66fb7cb3354104980262c8e6febd163266ccc1ac5f22fab958fa29c07e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60b219ad45b1d49d326de2cbd4486bb7

    SHA1

    4a20ee0acc1b067c9021e27e4acc0833cf8e1706

    SHA256

    46da37210dbce6a63b0217d138dfa7a711ebd89617b3409e21b50e197d4b3fa2

    SHA512

    9c757c30a3d6cccb2d9c7c5f1556f2729e016f6036d3c4eac361f29a026f10b7f9d6c86902ad26eb1b6302b8f811d4412e95c46f260dc27430c85989777419f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    980eb6bf51fb5558af933fae0a54fac8

    SHA1

    15ae6b89eb000f46f6901d0559740d1c04415a6a

    SHA256

    c9c494acf50a8878cb7ce33ea4db536e38bd3f445963aea6286aa20d47c17881

    SHA512

    b0803a0216d6df65b4609ee92eba2c9c5f37729aa65cf6aa23a33b29e54f6d2765d62ba581fc45add379b1a79adc9f9e2486992352c0a10c5d7bcf7f0839f8c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a72d5ae7a07d36a7981eabcee0778825

    SHA1

    af09e8ccd9c728ddd5332e5578c556654743aa1b

    SHA256

    3b7c54541c66670052a05d181e01c3355bd4a37e0507adf9a6b9ff15ba5d305a

    SHA512

    b48b5d19c3d7fb827726ae81b607494c078e1d7337f62b654bccb43868309bd3bc5db102b1d274d0965b78aa899633b88d18120ccfb2c00798f615866fc531c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55fa2a240b9be0112322b14a1f539579

    SHA1

    a4d9fb99484847052386e423c4d323034453fe78

    SHA256

    4393e6d56382b5552f5b7e5435d8619228886c1df6eafd68dcfa64828124ad59

    SHA512

    72e42d7e6961c76bc62fdffc3eae9d682fcf920cd569f7d5bc59db9ccd6f7a7aa990afbfd74fe26faa423dae95980020b8e93d8a4513ac01880532fe16a491ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5012ee53af81f1665159c1b9abe9c0ec

    SHA1

    c8972fd89165b504560996d402f42b47608c776d

    SHA256

    f363fa0c6838e4b038ae66fb02cf959f77fdd2e8e38f4b760e9b70cf46b766c0

    SHA512

    a39d98def0fe705ff09147f5bfd13673aca55f554ab56f302215541ff6e1c2973524c312fede6768cf74fb7ca8f9fa6b4392cfa590dd4215e565ffb0e6aaf1bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bccfe9c574213733d095dd1f82e433cb

    SHA1

    5667dd179af0619d1bf3fe29e17c96b78219cd88

    SHA256

    9e7d0bdb5c2868181203c7536646d04d9dfe82760f4372a2b9248fd78f6b3af1

    SHA512

    0f3203cbaff3f0f25b4615ab5327a304eb30c3aa39fc151765d0a9f277e3b105b09fb110710d41cba0a5b1fc4eb82adfcde8f6d5403d69c0bf9d1a2a60eed89b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    049f4e2cf6f3ad0912dd01fbf6adeb26

    SHA1

    043149ef9fd52cccc3c9e2c1fd986c48bc3913b2

    SHA256

    15495fcf26640bb520540c4334bbbdfdf30826861cb1b03ac5c4ed59493c7b37

    SHA512

    45ba4831096632f60d97cedb546fc9cbbb9ec8aae195cdd97b86d79759887e8530345d61bd5a96afe7ebab1c99ec591c74bd0b8b5924bdad5c1a0dc80d03d2f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c29ba4014a84d4c0d7f06525de054a08

    SHA1

    8e0af019d6a75c8c688ad931faf71d101c0a6855

    SHA256

    464be7e0f9c779ad16d073e9ce6b72a29ea5c8444ade11460c5a81bd24a5ce72

    SHA512

    c00ef9f307ddb8cdcd1b5cbaf4abcac8e6b89e8fa9d281a5a05aba8e0da53437ed55e5952791b23207dc5598c9f1d880715fdfa5dde6fe3860c3251d739fc42c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    386f281fd7b6b3e3426174ed0fe1a4af

    SHA1

    76dfeba1c2810862fc9c91c6781d175c3caf513a

    SHA256

    5a9eace7197f2a2370b109b7c2516c2307280655afd414dea70d38b21027824e

    SHA512

    b2e05c5928ea01a097a5bb7199e5ce52db95052c6cdf2dd1d3fafeb35f13f16ddfa1ea9d1fe24cdd0ab5e41c23aa692df316046dce3fd29f2ab5935eb73aa690

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f7f0404de11c459ad26ee8e2128f1ff

    SHA1

    198229a46b0a7b7bd1a383505001aed767f7ede2

    SHA256

    00f0b5dd6dddd7ba6a903673bc2c3afc55b8f9581fbaf2b8c08b523bc4182ffd

    SHA512

    51bc353df69194cb845ba827c8cf6d0b871f5b09bf714aa1aacb21fdedce518c8eadc4c4c97f6ca082447f83306acdb7b4ff18522715729489abcb3fe0fe68d8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE7F1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE880.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit