Overview

overview

3

Static

static

1

e262a4022d...8.html

windows7-x64

3

e262a4022d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    129s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15-09-2024 11:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e262a4022d8f7734a56b7e4f8192abbc_JaffaCakes118.html

  • Size

    18KB

  • MD5

    e262a4022d8f7734a56b7e4f8192abbc

  • SHA1

    6d8cd98c181d64fbd76c233a363d84cd4cc923dd

  • SHA256

    b291f3034a64efe83b6fdf23d514182212baea0dbf64b0c66d17f8aee7dcf127

  • SHA512

    d4104de2f8de9702e877fa8766a834e8126ede75e12e934ebe7debc820e4b7864f1bee5c14888bf5cd272c57faecd3e4a45a91f4726e06a27650ac4c29935406

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIA4uzUnjBhas82qDB8:SIMd0I5nvHDsva/xDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e262a4022d8f7734a56b7e4f8192abbc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2528

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c02d1f08e9b736bd6d3656384612189b

    SHA1

    ec42f3780adf172a0445809fea210dee6088e0b9

    SHA256

    773ac8dbb71ac15bc309388506f3619f6f4da156f21b5b107ff560ee00f64a7a

    SHA512

    db32a6b66deca8bcb87b3b7b8b0763e6a779ea1ad0e6229909404d5b48e1c441bc0b3d77a7e9f958d857a721657294031e7d28e8e50dacb0727b49648bc8972c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a364ca10aa55c23072698f2b165f39f8

    SHA1

    c3716fb66eb2e84c0665108ea7f02bff2fc1c7af

    SHA256

    93976d004d15c00a55c3a3fd4d0564d3f482653d5ea7bfef726ddc823eab40bf

    SHA512

    9d72eb725683dec261550231d9e8669641ed3234672177ef8aeca3043c7e6f877abe8b1a755ccd54ba87f744ba29c96682ac7f34b085b41295a342d1f2ffe455

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    643bf6abf796b2c2a8714d7fcf05fe39

    SHA1

    8f552a9b34b4f6e8d405e8d4659cb00ce66e3597

    SHA256

    3ee09b01f0555f58b1c2c820aee51aacfcfaf33a215ec88438193989d82c774e

    SHA512

    5ad59545456bda0f7f74e14dcdda071c36e06ff5ca8458209378e7d956cee91315c3bcd7f0513d22348b21ecfa5051f611269d0e5eb5754e494d240aecc57c44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ee14a628d7d4160e761859c3fa8fc6a

    SHA1

    8af1abdebd9305e5d0cffa6cc43c7aa17778d25f

    SHA256

    dc8ee920cea8d963efdcae9f63ebf4da9c36edddacbe69612aab9b0b6c72b692

    SHA512

    fb5d1b3935b74c7fb95f9d57f1546e5e1c70f7f3fbe94657a6053e619c7961179d1b751a7b83bee8a5c934a4cf2dae65562d991cd74d19420f2c2b2600ff6282

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8097d1410f305e0d16ce256a225c9d1c

    SHA1

    7f27b3daee5a273ac8c940caf4dbaba8f3673dc5

    SHA256

    3b1f537f01e8a74d4c2c8b4da4bbdb8d7a8e40228c85da9bb30d81231f49164e

    SHA512

    f9c73af8a88499ff27c33367281aca07511ef8a7ccf59095b41cf1262eb227ceb5192432a270d46a9a68b47e70006a4d6ab55689d39e5e317afd62e1eef849bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dab5f0b52bf924ba412298e44d8a419

    SHA1

    411ea47c6629b1dba1cae9a7cc681cc271290ee6

    SHA256

    5890267f6cabdae926e7520418e29f3199b405872194dcd757b4be23ebc2172d

    SHA512

    eb4c8ec07532ae16d67576cae6e2d13461d926206be398d408d140c167d14db60fc966edf8c07f574c0fdb463d8a379c93b78c3857dc42bc49b6f3152f1411bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94da649bb91311f41a3435e178761568

    SHA1

    5021e28f95adbd7cea553fc631b24cb87d0620f7

    SHA256

    71844b06555cb23517278ad054d3f85e85ab77e8ed74be7f31c851a6704a281c

    SHA512

    f1b7bd687063a328370120a93a330f5bbcca603497df55f3deb57000e43977557ad0f0e0cf73c918d1554b665511c922904ad39f61a24da711a94ec917490e1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a08435667d21a6fe0093135ea258e165

    SHA1

    d8dc42d7de22a1350d264a8d127b812188b27b5a

    SHA256

    ab497bc555d17fd54544f9362dae0d6f2496f5a4b3257f320728b40ab91eb45e

    SHA512

    f0a812162cfd02e2586d345e00e376cfbbabbd7cc83c5826dc764715ebe70dfc2967bf7ba7c684a8f2b0a633d130843f364fda14ed4edac37aa8ee3ae0e5e170

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC8DB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC97C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit