Overview

overview

3

Static

static

1

e08707cf50...8.html

windows7-x64

3

e08707cf50...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14-09-2024 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e08707cf50672f6d35d9a31030d4a5d4_JaffaCakes118.html

  • Size

    42KB

  • MD5

    e08707cf50672f6d35d9a31030d4a5d4

  • SHA1

    30bb928b93c581937bd7b09f0d27020a98597ddb

  • SHA256

    4fc2fc8f3e7f23e44e8d8d4903aa149cc33f4c1467d5847decbcb35dfb5ec7be

  • SHA512

    ce486061da80921d18940f00d636da734b7e0fcef9241ed14bd249ed20b1d438ad5957be006464439039b65dcaa2b700e57d0aaebbacb3d120e83f71b7eee1c2

  • SSDEEP

    768:rbQULz2I6JkdHcuF1H3M3uBWZM2U6Sc5FK7EiegW6s8UzcVExyq3Ro9fNaj3:MIrMFzG9fy3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e08707cf50672f6d35d9a31030d4a5d4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    1KB

    MD5

    7fb5fa1534dcf77f2125b2403b30a0ee

    SHA1

    365d96812a69ac0a4611ea4b70a3f306576cc3ea

    SHA256

    33a39e9ec2133230533a686ec43760026e014a3828c703707acbc150fe40fd6f

    SHA512

    a9279fd60505a1bfeef6fb07834cad0fd5be02fd405573fc1a5f59b991e9f88f5e81c32fe910f69bdc6585e71f02559895149eaf49c25b8ff955459fd60c0d2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7f1a8f0cc35ec63a480599dde34ef47

    SHA1

    c7b89c331bbb0964ffca7b401ebca29ddd968e3b

    SHA256

    f348e5290d0c81a5a12fa9670c6490ba74eccda4ca7289ea321d9241cd785317

    SHA512

    d2766561922b550960f655ee7205b575cdd4157e38296c4c228cfaf8b35bc3cf63933eef4292b44b054131e82d5c90e4619fa07f241a850f494b0b134555ddef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1958973f1e3d5876d16070da8bda7ce3

    SHA1

    4b3c398ecc77dfe40319164f404599109d7e83c4

    SHA256

    c946277eceea4e53057f775358c9ac2d5cf35a1734338fd9110fd2ef6891646e

    SHA512

    8083d9e9a79f7c08452c6d4868894681a6837426dafeb2c21fd11852c2c8c8f724cd615bd5ec8c5962c21835f9a910a4d8b85056b143ab5ac18ca83dea8c4cae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9eded5159b322ea32e6dc13c71f1e4c

    SHA1

    7e849b86faac3ddac2150a6dc452c524658c61cb

    SHA256

    558d6f5d414bb115fa8dff94adb997b331aad8562d9a8a60f541ad0d10a67858

    SHA512

    2c64f784261ecd0b7cfde9f294d921d1719820ababa6fb4f24949be713749d72ec0ac6c00a94b44f27d15d225c163d22e27a069584eba7de7d09fc87e7b69bd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9af9b513792fdad26f0219707a28e9f

    SHA1

    62e720dbe07d2661b04579c69753351fb798ace7

    SHA256

    d4d6b162ebffd7d0f22dd4b34f3d28169212aba25c793bbd1c8d9b8ae76ea9f0

    SHA512

    fa02c2dcb50154adbcdc4ced185dd473281f1e0716db0de4e89b555ccdfbec8a0a1f76ce4e3410054079785b08699e2eff20c05af79d0b67de306ebfb3d2648d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68595009b932d87ef8a0be13a960d14c

    SHA1

    be38770bf00b6d13ab4c2c9a60b644bffddda2d9

    SHA256

    d51a4d5f17ae333618568ace99328bf88310601a930b3d27abedd94d4e9733d2

    SHA512

    18a6c47a58bcb7791d863b6b8b3399ab4e673604b9702847d20263c707a71d2bd7933fc6e0f0b38b9d7247b78e2c5dd3f410c1daa0b2e477ca09c851d741b8a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77be98f20b16ec0feebf40ee39ad4375

    SHA1

    f587e3fe023c4385a3a21390f3d602a1b3743585

    SHA256

    b51f44c4fb5a1f77daea5bca5e22536665e5a3b642c0f7cb2a027996e241689c

    SHA512

    cf7b74aef1301aba22607440ee820f40839347be5a1f958bed2a9e8641d5712e2a463887aea238036e2e6dd34f1efef9078c3f1209186a4627b857d4365e92d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7e05c95c4dc2f4c461e047533989db7

    SHA1

    acb6d396209dafd64cf672055ebde273236e1b37

    SHA256

    fbd6266cf6052a18ceb0e387e3ce4e5437610a35fc9d13e9c74a923778cc018f

    SHA512

    1b6eaf2f75afe1993e2965ecec75502d7106047b56a77ab9668b05d99fc48e2288d93001d98da23161c3d20a174367e298fea5f1b163b000be31a04b5a66cf7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    faca19e3fa47d2c26631db09dfc9ded3

    SHA1

    9c3d600409123727cd757515b416b420cea259d6

    SHA256

    8498b8e579475f26bee4e15b6eb46954b348cd105a41d777acb565538f44a304

    SHA512

    fa05d5c6fccd2ccba7516b10cf9da8aae4f0fc8f06778280c200ba6f22616263baec1503805e61e4c7c03ce83530f3c2bce62f1431db3ef0fc123347e89b7999

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51d5519c6debb7eb387cd005c9525833

    SHA1

    1eb8ade519c488196edf58614313297bbefc6943

    SHA256

    c31c9d8f1119d0d6b1cfb695f0e58435234d9d0ea8d3a59653e43fa5592d5c6c

    SHA512

    e22def67a216ef4e4072846af56fc0669fcdcc856412640d3a7f2725b8c28416a19109b6bea95c5dce4deb1bbe9463a55dcd9c75721eefb91f26d4ea91262d77

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LNUKNV0\8RDYUNKD.htm
    Filesize

    16KB

    MD5

    07104345071e1efc51bfc2e4481409c3

    SHA1

    cb3e82b0934fa0cfdd9206fd5182a88c2fcaf96a

    SHA256

    848e71012426060f7b4a9ceb587de55063edf8bdf3c03f0672e1c291a34647ef

    SHA512

    674aede4deddd145b4020edd4a27b32db3f37f93d96cda511bf1ec0583dd9e56bb88d2f39876685b9f93b5dc1c9fd814d22021e0dbbb177e12012279c5138b78

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LNUKNV0\K6FO134Y.htm
    Filesize

    167B

    MD5

    0104c301c5e02bd6148b8703d19b3a73

    SHA1

    7436e0b4b1f8c222c38069890b75fa2baf9ca620

    SHA256

    446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

    SHA512

    84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB33A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1A46.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit