Overview

overview

3

Static

static

1

e0a8de61fb...8.html

windows7-x64

3

e0a8de61fb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14-09-2024 17:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e0a8de61fb87493bd7be0db9d9f82e4d_JaffaCakes118.html

  • Size

    214KB

  • MD5

    e0a8de61fb87493bd7be0db9d9f82e4d

  • SHA1

    c80c6f40d9a5a40c8f4ab16d2324194eb5a8ad30

  • SHA256

    15f9bd5c8a1b85b9b7ce5b9b6234bc655242f3b9cb2aab42729ba483e1af6525

  • SHA512

    312adc6fd51b9240df5d7a9d6ca0a5d4dc13785a34372ec3cd63e8dd288cea2cb7e544f31ca8dfc5d18eedb0b9d7f0ed3e0b484453c88e98dbd606b5e13a1a43

  • SSDEEP

    3072:4rhB9CyHxX7Be7iAvtLPbAwuBNKifXTJg:gz9VxLY7iAVLTBQJlg

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e0a8de61fb87493bd7be0db9d9f82e4d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c11aa60ad5cceedf4cb2e4a86d23c93

    SHA1

    8b478e6b7bf1cfc3163f5e1c1a70721ad2d9fa76

    SHA256

    c97c48ddc6c774dc189332448661707505b371f894087df08bd3f5da37be518a

    SHA512

    aff475886266637394d6a1160d4cf1a5acea97fc98aac2aac7613fe0e10e2824ce1ac3c7c10c1c8a89846ff3770964941e29d5d61416fcff8b3db24454bf8e0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab69f709842aee9dd4be778eace80386

    SHA1

    207924686df10bb3491a90c0177283d52b7ad195

    SHA256

    b1f856cc83ab6bf6d6d798bbc1f1ec5f7b2a3bae5405b361f2bc3fb18f9833f2

    SHA512

    d90c254abdc49d19531a13ba6189f39de6ab7becf8478aa3d37b670eb95c4e609c5f8145eb7106fb0a0e8a2c6ed7677a15719272c492003f2eeeabb7bc77d764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f045ab67fd1a650ce7e86b34a33af71c

    SHA1

    345b06af67004324214157ace76b7a770c0531ab

    SHA256

    bdcd68522d0d6fd4301a8422598684e3aabb25caf18315b49aa73ad9d4b62f14

    SHA512

    0727b1d4cba7b8901029ae9a1ea63eb24e2c407dee92c131992b5c64060c4eccc8ab06421db788ac42763c44334967cfff8f4c5fa4228ae775a1647aeea399ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac910eefd80ff184b143430f46357377

    SHA1

    3993c4f799893a755cbe91c12c4c370546fb3672

    SHA256

    afafdefca7379d4d2e8c4fc9a74d3fd30938b03d58f0f0428f2ba62fab337447

    SHA512

    3a968b5d943e551e8a116d9fc6f4f09e20365276b0bbc1b5c062b067557c8cee58054f54a1cfb16e704e3c37531310eff0b32d6fce5725b9ed9a8f7fe0377b14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e70e2a97fd4db8a4b1e8ae917faff93

    SHA1

    044b6ddd386086bbcfb56948e7d609b0415964aa

    SHA256

    26c2b679e7b86fcc6ecb7b54ea9b1497b89a520c8aaac94a5148b2447f0db8c3

    SHA512

    0432413fcf9c9bdc6baa431215ac709ab6579a6bc619db9082368890962b440fc2e16d8374a9721955c7e80ce08612c5000a4897af0597d4a4200f99e0bca31e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ac1a252ff4da1f1e0ea2ed38b7cbdbd

    SHA1

    2895ecde48a0bdb94780cbe185e3ceb01971a101

    SHA256

    273f5ba12eb65a37858ba209f419ccb076442c59516da7c2c615305995ac74e1

    SHA512

    eff2ed98d71b1d4f37c4b538aca47770b99aae0ba7ef4665bedc32dcd5f8a86c9761b2c006b97db4ab0f82f128ab6af07fa4a8e76c854faba8e0b9e4fc7388d0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab171B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1818.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit