Overview

overview

3

Static

static

1

e0ef950e90...8.html

windows7-x64

3

e0ef950e90...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 20:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e0ef950e90cf488ac69c09448cbb5614_JaffaCakes118.html

  • Size

    20KB

  • MD5

    e0ef950e90cf488ac69c09448cbb5614

  • SHA1

    3166e8481fe70b24c38b4df86bcd7a3011b91455

  • SHA256

    9ef4c5d1086c15accf0d3f982b980081fbf7e514eb69ff8d4c60026b6e6b5145

  • SHA512

    d59cca07386fcbb818f7844f49fbcc7d4014375da7ba9586e6490a2d5b7f0cc39fe1b9b97e71d75393897d6f4458c3a2f01cd4fdac580a7910b968d595890f13

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIkoEHEmEtTwg2oEHEmEtTwgioEHEmEtTwgmQ:SIMd0I5nO9H9svrWxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e0ef950e90cf488ac69c09448cbb5614_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2342ee70ad25f9b6b539f0832b141163

    SHA1

    9a2da61a73083e1df5f569eb8b4c787c5c81e5f5

    SHA256

    974b4f61ddcc218a39d850feb88b45e9309b410923fda518b35ddcb0175af231

    SHA512

    103926c01d8e14fcac9ee14e83701f24476c9c1bfd28947b0d62ef94fb3a852cce17e9cd61e1fc88f637b4213b2dc1f355e4c6698bed754df6925def18cdd775

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a37d6d338fc470c2c5be5c8210d3851f

    SHA1

    66081c9344312ba257f9613b99f6368ee7f1aed6

    SHA256

    ad7d9fa53569d393d095f107f6c80ac823882d1f3b657686fec4366f3207175b

    SHA512

    de3f97654beb79095951d30582f4ada1ecc9189cfcd1b42102c2b2f1031911698339b381ddfc872feb4c8ce0032ab269c4d3b0ee83c32e17da68de797bef73cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa3b0a6e6f94ea62ccfee7e850b7aec8

    SHA1

    80bd280c3f69022bf648226cbfc201942c2ddfa5

    SHA256

    03d0a12b09ba4dd482b6f418a4b2155bd262d4b6814eb9c55f53f6d48e3ad2ca

    SHA512

    fbd3e82b5fab43a2f3859010977f5dd19d5897492abc2eb82886b1ca36ee96f9af809e228678f558fe82efd8dc735ffaf9114cec777516ad612e8d8435165e7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74d0fd2e73293242a0e921d35ac306f0

    SHA1

    436c463a8e5579c2cc62599b556023454674e7f1

    SHA256

    2dfb0287baf8be2ab22c874174e82d88ec6bda6f8b07daa8208cc0454fb93f60

    SHA512

    9ad67b46ae5d93ed51b65f3415588e9cfdc361dd7eb06ebaac19a01ff7b960487ae027ea4d15ecea8cae2d6d2b9a9c806603743229330d000bfe5af56d536b72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5be8b7df0736baec5d70173a107a5a7

    SHA1

    2dad44f3c5dd945eed48aea9be56a8216ff61921

    SHA256

    b84b2884183786cbf22e2443aa265869e3eecf2763254b59f27a5d2b541457c8

    SHA512

    da0eb4e688a29ab719ec72c98c509b305ac51e5e12e1e72edc36ae61f10d1dd3dc6e42bf15e94eff6abc605af18a55e378e4cceb8cc2167f7742034888306ca5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d863179babeeccc4161754b482526ca

    SHA1

    ab19a46f2dcceb92ad2b25b43e100af58aa80cf9

    SHA256

    efeb6ad2df4383ee621e74a7bc06f06b65f13dfcbbb5070e983813d55ce29683

    SHA512

    c440c05fb50a810c28df5678195d99697bc7fce02eeaaa0a291be795143261522b652986043adf54a262d88715d156d5b26118519379c77d1b7beb827f8aa0c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    469f93bfbdd80bac100faf83d9fa587b

    SHA1

    3cecb8a95737a54e93c32cf04987fc18e74df4e7

    SHA256

    a86dd4b81be8884687874bfe3dd8d11325d6f4f07f95a3e7fa9cc75170a1dd6e

    SHA512

    eee43d7ae9d920cce3556f923f7bc2a5e0135d1cf059aee209d73cc8a5e86406ab04eef19030afdd08649076df98c237746cc1b27983e79314e5f89a62986df9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    968f993dfcb0a623b9097aef3e2caeaa

    SHA1

    3b2054ffd7b0389b3a59360798082c16ebc853df

    SHA256

    7137c50b38a4feab9186f605e8d92799eb88e5678a74813bea277e102f519612

    SHA512

    73d70130db21885763eb5cfc9bed51b142dc0474e3b6379d765c2e5165629e4615f21eccd0f490d4b8dfb97378593e752da9872a74994431ef3d0b9bcd7c7205

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab80E5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8165.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit