Overview

overview

3

Static

static

1

e09c315903...8.html

windows7-x64

3

e09c315903...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 16:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e09c315903f171b93de733410e50c75b_JaffaCakes118.html

  • Size

    18KB

  • MD5

    e09c315903f171b93de733410e50c75b

  • SHA1

    36520ffe23d87de45fc068e481c897dc376aba3b

  • SHA256

    925ce2e3e7e294c78d6c00c116205bd6586b50d6c40c44fda0051848f228c7bd

  • SHA512

    a73ee4f579cd58981a4b363ff3845e8b060ce059150ed45c268b10771cd217647bd4c187e0e7fbbab946dab80a2773c1134acdd36c439f243364b1bad9bcdd7b

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIV4nzUnjBhRL82qDB8:SIMd0I5nO9HVsvRwxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e09c315903f171b93de733410e50c75b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          09a80c4f0dc4e6f2ded282c4bae71b36

          SHA1

          490987d7fa68a7413b0e26d9989e76e5365b9a91

          SHA256

          9773a943de3a92e1f806d37039ea87414f6199eb9b0db07c41c7597d0cd6ac07

          SHA512

          b95397460ab8a3d0757d1aeec4a5737f3df8dac00642ae846c9d166e053ebce3752f394af3438b964e1bd463e6e8c73e8c1d55e0c5ca3183a0c151f93a73030e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7833bf4864150195c22baadab1b408f2

          SHA1

          fa5911fc4d7a74664f056aad45e7a773e904801f

          SHA256

          53408d38e7ff3cfc36aad1ec866589c8217644c6231f59b4c8daf632a29ccfed

          SHA512

          7b64d91751e49a6d996cd6aee892e67bef15823da7e0ac395fc05cbf2e7bb6c9b83e1de747e2950fc3acfac3273850340b3515bbbd5dd468ebe07590b0e25a85

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bb18d6400bc12fe212792faeb8eafdfe

          SHA1

          1af788c403985303fde20bb91082f9764b2cd039

          SHA256

          cc58a052b9978c7f5247959e2ef0b59eff4bf810eb3279a1bc477d1b35b91111

          SHA512

          8c9fbee59a85a9f11a8da3dca7f2e9905893ef2a545e69cd03ee6a0f994c367196327176b7f589c00340b24f0c200427531902a7c492660c28baca15c5f862fd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3d07205551ef609b494f7d7120efd275

          SHA1

          37e99df0f487c339852ae3fa211b1c430a1c34f5

          SHA256

          e14baa89c80fa84065b406efb305bb87e409176a4516db9862bfad16bed4ea58

          SHA512

          f3a2074f32bfbe1d264401e9679d3d8b290e6a34b8fa223e17067e2c125f54cc8056ba7dde8b1cd2b8804a4c2aaf5dcf061922452d628868e78fbdf2467d22b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cd39c9bf297687944be99ca74a5ac8e6

          SHA1

          1004996fb6641c762b4c70c6ba1c9b01fe54491e

          SHA256

          acd0f7c03efa5c4d84dd7bb32e802eb0934b51d50aad0616f252e03cc7a5f3df

          SHA512

          3724d4173b2645143452aa6feb2c05fb1ac67eb8adb780686e05e3276660beeefc64eefc630b99e1efb3ec0a1db2de26869181cb79603ab9b100aaa9806d9ea8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE9C5.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarEA83.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit