Overview

overview

3

Static

static

1

e0a2cca816...8.html

windows7-x64

3

e0a2cca816...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14-09-2024 17:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e0a2cca8168563903c378ee9b15be979_JaffaCakes118.html

  • Size

    21KB

  • MD5

    e0a2cca8168563903c378ee9b15be979

  • SHA1

    ac17abedc74c4d74a6ee00d85a9c17f3fb170248

  • SHA256

    322e075835944c8e3008c0148d3f0c1e11237f68a8a3a621cca27c4c87862db4

  • SHA512

    ff47e3f1690266b5dbf8a151cd31a8bd7af1046878322655a6f4d1e8c0814b7202da917d506d2eb98b854be701ebe5d4dfd0cb617e1f79ec334b9cf8e7aa9d10

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIv4BzUnjBhrd82qDB8:SIMd0I5nO9HtsvrGxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e0a2cca8168563903c378ee9b15be979_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2476

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6b7dc7f2f6a0595067594428bc4f1b0

    SHA1

    9b0159f5b78e0bdcf1345296261ce7d7123aec82

    SHA256

    a78e080ebfe9fccd9427fbb6a882c9bb026d907e2a7289b4349703e2b7a968a6

    SHA512

    9f2ddce72f75d7d6fb405b25049898631bfd9c6ae50395398f6c19f2af44b6a228928efb46d343af85d004230da240dcbac836219dcb5742fcf2e53527c9eeaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed9c3fde76aba9e4b4d56365ab0209ba

    SHA1

    4a34b7c215184f3b90fef2daef56c80d23034c56

    SHA256

    62ef5c6665730f258378fd7f9ad0a35c8ca2da7f82d655ec780db614eabe2458

    SHA512

    7f0142c545308a1e1683bf1d88f3a7b038374714531e749f35c1316e5e433dc763c0926d19ce37bde534f25baa99c9b76b2bfe39bbcd143c2be166c981c87dbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec899a33034be119e32277744bf64375

    SHA1

    6798e3a9e55f162fb15f5cd0eb13ce816fe0c503

    SHA256

    c2ed6e7250362f5e1cfa92c77963b2e0dfc48fbe251cbecdeedc11c90dd76d83

    SHA512

    591eb30427d51922c91d1b884ec712044358441ae4e356816078bbdc3079c309c8d0277a8b7aa1344b346a752632919d0ff5136f765073718ed14f35c565895d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd488e9c1483d929c7619da72d60cb28

    SHA1

    dd515ab05142d799421d754fb4d047c8b1ce5d17

    SHA256

    e705f23422f9d09e61fceeb8d9703341601bd00f702f5f34fb7fa1b3ca115691

    SHA512

    c5f38b34f546a694cd140eb7eb4f23a2986e13632b1f90ffd90a932e5fd03872942b3d11be10c303936ced44be4b22811b72b053971b0c1669948c3dea2569c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5af5aac7ad45367a48f548c3c623485

    SHA1

    54cdc6753d2da79318d4e6b9043038223543ad13

    SHA256

    259727bf43a4af4bb23f40d1ff783863aad956f05b8f2ec22da76d8ac94aa9b7

    SHA512

    d0e3e0f4bc1cfa183b75ff2ece45d98338d5d83fe7580c84245a874ef536d8aad770accdeebe23bf70af3d063eb08fdcf4b29e46de63c4727bbf4ac26f35fbac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc13f621a05cf18b69387fc3cb935ea8

    SHA1

    93e439669e967e4c258c2c586249ab876cb116a2

    SHA256

    a53c74b30b3a135d94a8b85f595720355c62a0c3a2b1a72c27642bdbbc5dc814

    SHA512

    bcf20daf95c5904dfd08fd9d6d20739f49f86fa4ae1d3654db45a1a6411c6a1e3f0dcd831e118f12f5836e1d5a10110de3070ba87b2092ece31a5f35a9d851a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0ccf8364945a11feb2eeed0566f058e

    SHA1

    b88f36f83c7a3c4306fd6658f0d5e52a1e73c2c2

    SHA256

    8cf9c32fb7cb355b6a38ef3460ecec5d155b36ee4df0968aba72bf81f4106271

    SHA512

    f2344c8fefc44bd256ce915f3ec679698bf301276dbfaa2d71a61cbd768fc6f96182611c82964f685413c2b274ae34a419fd6d777c429c717219db38e0b264d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    338075cdf443d711e4f5d2f5e36ac96c

    SHA1

    17412c8cb829c7636401dfe7619f5962eddc34f7

    SHA256

    5515f4133fb265467b5474068f7a2dc545b7ee97a0333fdceb2312b556c86684

    SHA512

    94fd313481e2686e18b873c5b22f5c3808ae6fa5abf2fd88ef4e40eddf6a2bacc2ebb58613022a4ecce052550cc3d41513ba3d15992ce86b8dbd9f13beceab08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da149361c3b2e0418f0f72a57422e23d

    SHA1

    9527d451a57abe7a7c35767dab7b9310e86b6cb4

    SHA256

    c60da87a4aaf41653d99ac13ba23af6012f4229aeeef199a33f46e9c9f0e0690

    SHA512

    fdbd6e506f1312d4740cebf54a428099471cc19a1b5761a79a0a18c6d7b06df10eb55a124e3b0796317ed91681e6ab462fc074dc15888d20b0d214dde6a6f4a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8AB5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8B63.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit