Overview

overview

3

Static

static

1

e1bf4923a9...8.html

windows7-x64

3

e1bf4923a9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/09/2024, 04:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e1bf4923a928c95f518d8dfd48eb460f_JaffaCakes118.html

  • Size

    36KB

  • MD5

    e1bf4923a928c95f518d8dfd48eb460f

  • SHA1

    6fd6ad4ee05557b8407f56408f4f4b7ad58b6943

  • SHA256

    e0236aae090c32cde1218234e661ac417128efca0111f4d139a9aba5b918276d

  • SHA512

    acc8256de5a7ca318787bbe3a9830e358de95f537a5cb1e032ed7718e6b63ec6824bee34e62d623548539000b9d8b8eeded2ad24f662efc328368ce1763cfbae

  • SSDEEP

    768:Bl0T4i2Sy02f2oTuwLS+lD6/uRgUNIilZL0E/hzE82eYJ5i402XLZuCFbq:Bvn0+R6wLS+lD6/uRrr0cF2hJ5i402XW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e1bf4923a928c95f518d8dfd48eb460f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2000

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8f605737686b51756e103aa8b662a89c

          SHA1

          68914f0257a28a343007f150c8ad5f01e5b727fc

          SHA256

          ad71668314f135d11ca2f05958403656aaa21eb6a82fcbb6f83e8157d224d56b

          SHA512

          fd7be6a8fa45b1c6bfba8c6db74ef78a81c5553a089d6eab43ec341da2cb97e1ab9f9914395164825734c1f688239130481dbad3b930a2eaaf78f7adf0e6ec24

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          06739aa4aa574c3b1a59d30c4ae9bc52

          SHA1

          e83f029d44227309409adcd1e96ec8f267fd1b65

          SHA256

          c5a2e1146df48ebc1aeda622d57ee758fd82672e530dddc3ee56ef80069296bf

          SHA512

          ced1c5ec704ff51c9c691b6c3177bff78dbce9dd1002c76992a07b03cfad78152eea3918fafc96a87d772301e666b6faeff070a4022961a4282c1b0dcfd6ff60

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          78ba4f1ba7012f2a9b8e9a52c888b6a8

          SHA1

          ed9b3d2d42defd8dc76878b8dccd592304f953af

          SHA256

          3254a1bcac0f3dbbf177a27dae5a60b749fc16bd64a379b5cf589fe11d2c3ae4

          SHA512

          dcad988905a58b077e1f0ea34c284b761d888cc4bac40b86a44fda833a54e8c1ca96b877e2d174be64416714d6d62a2292e5241370c87dd9f35f2c1b5b0ebbc8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          acf32cecc2fa176076504a7142fb39b5

          SHA1

          96626ba139a5bca675fd6e40f646aece05f5102a

          SHA256

          c296690e5b1e78540020a8dc1c1db196e03cf731f3bd0db0c8fced0882048644

          SHA512

          93dbab90d971df422094c00b6546bc09aaf79787b4b94eef2217fe852b862e6b0f3baebc60b8791f7925dfc7808eff87b6723e22220448c5f30c4e4b953f5e3a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2fc763f23923a3ef85f9629964353591

          SHA1

          203b19ade2ab7e51c8438c32b2698e1e13483467

          SHA256

          c0331ff04bf0756fddd476aaa7e7b5dad4167f002a91522e65660012ecc01b87

          SHA512

          31cee292b4f2e820b6b3bf88171e39ccc0b3e4685b1e9e965ed1e67b81064a96ce3683af6f591a9701added38ec821a6e81725975cb6842351570dedcc41959c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3bb31e70d5fae18c869213ceec117d08

          SHA1

          94199dec2bced1327d58e22946fc63ecf1f6639e

          SHA256

          0ee99702ac25dae213d71f5ee95ed84437d2e02e9e47d0b91a83d295b9884c80

          SHA512

          31f7601f51c7f9fd825d2ae0fa35f38287c14f7ded4cb196f96f3f3ecc0f16dd4744832ace9a5fcede66c053940ff90cb5586adc0f3c1b0a7eaea3e647b75f4c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cb0ff3c4ff99db26c1ed9e947e468e1b

          SHA1

          fc598df3ac30f4ceeb640722021bced04024494b

          SHA256

          32d2d34b21bbba2031b7ee3cbd5a89f0ae91368c83ca57b299046055cd8b0c2c

          SHA512

          42f3d98d2962032159dec0b55bb5ca43c1a0314129a91fbf46a9022ca2180688b91ca88fde0717f5a7f4c9cc807ed20b4e15266307dd38882262590cb620f05e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0117ebdb4028327d9dbfc439aa0ab955

          SHA1

          d39d41d578ede8bb227fb44d38b3cddc1e6b8416

          SHA256

          b8286077e9bb01b6698c416986ae29cc64491a646e52fd929f111dd5875dff72

          SHA512

          2aa790d26ccbc17653ce0a860e061e55a701f60ee4491d7e8b9c8df1d8f6113d2c8685fd554e71eac3bcb1ed42cdb654f5a9eb68adc8f6491f3a275d5a3f57fb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5c0acc77d2767573cb5c0fdf78b5b308

          SHA1

          0cd7434b96bfc0216ad9d07f244e1ea6da369829

          SHA256

          61640aa044534e0ef89866387525be22ceeb3463ca7307deb7f26692eb8b6de5

          SHA512

          4b3006d683e74c78a448f7c9da04d6a4c8707066baee58bb22275de2810a553abcf9ded2c53bcc3ec3cb503bb91d437856756bd7fd139133f6152f7724216eba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0a07bc569cbcb548f7257b21f35b7bea

          SHA1

          d86db9d90828b49c52f18c90077e907c2934ccd7

          SHA256

          7d7cbd1931dfcef2d9305c790f1698c2ce23612cc3a32c3f30c40f9d2761417a

          SHA512

          e2e20aa6bf081dbd160798681b3eade84aab75d6e9341e81cc7a6e0d7de21cb7a7d7fadd7897c352b585a82b93bed2f95bd99dc2d112eb5709401648bb923a58

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE053.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE085.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit