Overview

overview

3

Static

static

1

ea74194bac...8.html

windows7-x64

3

ea74194bac...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 02:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea74194bac71661cfef7755b4d75b80d_JaffaCakes118.html

  • Size

    18KB

  • MD5

    ea74194bac71661cfef7755b4d75b80d

  • SHA1

    dc00fa0b43c475054c16c0a8f26824511ca865ff

  • SHA256

    1148585dade96e792ba9b6b2509732a00a0bb88e629cb5cd963c7e44ccdad177

  • SHA512

    ac9fa57a7a4964b60f47121ecec83fafb59da451610ed0b45c05ca8373badf2bcb81ce27581ef533e7d46cf1eb69cda4752f4a6a80f70fd50b91749772fa1b82

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI141zUnjBhDV82qDB8:SIMd0I5nvH5svDuxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea74194bac71661cfef7755b4d75b80d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77cd1a05c74b44ee0f94e61818dffc57

    SHA1

    cceacba56aa7f10b7140b024ec35570a5441a99b

    SHA256

    3c5b93d76a034664abfdc38ed3abfe2f5cbded975b0d0b1aab2e222aa92d831c

    SHA512

    25e52c15bf16c7cb94c1f9a39edf0d7ea5984c2073801243575be29aea142ea6c745bb3576dd963ab5589431cdf9271483d82e7570fb3165fe9e79895018db1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dce1f75ddc26077e3e366faedf84366

    SHA1

    273760978408cd588ee4f1b105b972afda6fe776

    SHA256

    c12e84976a77636dcffd3155bc922b32814bec38e7b28cbb7957495fa4bfee45

    SHA512

    08c2af860b2d1119a3b508822804eea7656d20b120e0f03a127ca700f39e05c38af42f9f47052f2085f267644ad1e4fd0d49b86a76b2d581324ac974829c6c67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14ee73c0678326563ad722eb4d56e77a

    SHA1

    0b19e95e4e9cdcca52a1f3b603c7d6aa3310aa97

    SHA256

    97ae06b2a483f23907d13a04e542fbee2f02f0761b7e5314e0291d9dccff79e4

    SHA512

    b392a57c0740ce5a7eb5cafc57dd2d78e32bd32942ed61a389a7f3070e8cbffbe4c2878c4452ba4c29b3bad0b546a8eb649c23485e78beed5af5b6104eaa0002

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d67c2a0b04b36ad252b4a13c3ccf19dc

    SHA1

    b9e218c8c002e63065c0641c5716cbfb32fceb74

    SHA256

    56ff6367ae9494d562178b84a3ee9dccba10ec0715a6b85913b8931e29b4c1fd

    SHA512

    641051b87f44954227f626c0be90fa1c603fa43e0a1620b186af8146462bff6d12a8fb2720e5a1fc4defd0f5e206a9ea50ac05ae269051bf12e2a6adc7057ce0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a9d4b05680f716928aad5539b4d2107

    SHA1

    0004e92a1c74c86e1d33775f6ebcda5fc5c544ac

    SHA256

    cd3775b872c720576e18f61c41b355c121d690a08eca501b520bfc8c8946fa84

    SHA512

    08585eb5f100337452f318c34e196a918d33f0456732a979d78c2e65cef7e8871e64169ea708db7e7f9d648c2c0edfa8745537cdfa849b54d26b8ff4b1a73d4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    300aeef182af3c8fd545b83263e808e8

    SHA1

    93d47827af401a010a9646ac1e293522f6fca05f

    SHA256

    dc554d2d76c54ece9d299bbeaa4ae64fa03bc4fa9e1632a815b167906396101b

    SHA512

    18f3f08ab321f3fc671757c13e2dad3ce20de4a71a5e410956df8e99108c1c461084f9f077a65799c9f58bf1721ebeed2b8941ca1c52c1bd7ccac8c590c5c608

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    412cde59a39ba16c9787b729b80b9e67

    SHA1

    2b96565003915ac7fd36bf254b47104eb2cde7a0

    SHA256

    d453379dfe7e4700a82dd994207a7e26e9d7fefc750f98e6cfa4e5e7c73a333d

    SHA512

    a4f3acd1054f7432c015c1609bbaa547e0f3f4bab4a08a48bb4c16d50d49395c44346838b60b62f6ae4fbbf9fac521cc695a0ec2e1de66a2abf819cb013459a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a23a8ef89cc717eab67150ca4655dc3e

    SHA1

    d45b0fea98bdc7fbd391e70a3b4ee95ceb75bb76

    SHA256

    ae0d1a0a750bdf8bb2de8f340a199d41aabc9cb61ab86d5d7a206f78a616037a

    SHA512

    a78d36c27192129e6bcfce9ef9afc690ddbd90ff1d7e85f767a7bf17dd02cda049b744bcf32c4fc5d725ac2668831f4dab8027889468572c99b0bf15b20ef58c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd0d2e519b7f98f01a1f4fd9e0baf6cb

    SHA1

    661c808b35e2a5d59013baa1d16b562ce54dde32

    SHA256

    5eacf7ba5f51630265164f6c7b72ddabf9b9ca65b93df9f82dd687f8c209a902

    SHA512

    e7c76ed4621cacce73523712608caf6dedb65181c2bbafd3e55bc4c791bb4f7ddf78e0fa8e57c470d1f87c70c7018e701ea9b1a29de47c8f67a388f526b31ea7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab81BF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8230.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit