Overview

overview

3

Static

static

1

ea94e40e33...8.html

windows7-x64

3

ea94e40e33...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 04:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea94e40e33209e27ff525b81c2b42eea_JaffaCakes118.html

  • Size

    18KB

  • MD5

    ea94e40e33209e27ff525b81c2b42eea

  • SHA1

    eb1b49b57b0074d7bc98069f378a75f2eb864e23

  • SHA256

    4d8b631cbe31b78f78d7249f08b5771aec487ab05910e3bf51959f8f02714cf3

  • SHA512

    21f119a1a8e7adf4c87f92e335fecc2e0489db944dd237d9372ba8f88c737dc86fcfd699740752ab1073eff98fe687e1b9b0465af71e6bba48836e3aad209d10

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIq4OzUnjBh+Q82qDB8:SIMd0I5nvHZsv+TxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea94e40e33209e27ff525b81c2b42eea_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf604eac6ce7eb8ee1053ece81b5b85f

    SHA1

    7d07dcc0d647ee354731a6ea9fb0bc21fd740754

    SHA256

    e6b94a978a8d66b8471fcce334735624dbef919e7f26c365aaef9450ca68017b

    SHA512

    164c0cbd287bbebc19f0aad66012414466d44238607cf762d061108a49dc60996261a9dd6bd5856cbb480f55a0fbcff002d8684d61bc366449cc1fd827de9a49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe49ebad2176f6b5803dd18bb9b3bfee

    SHA1

    d0d717dfb4499e82c02251410dc7e07cb813fe48

    SHA256

    94e11dd58a04ad588d769846fdade4ae1d3b99a4aaeba50658b41888082ce346

    SHA512

    360f60d4aa4f370a4591ec139aede9da7d096a18f7f17b66c205c794c28c47aa5379982fad0d626b0a41887d1d1ecea72d8a777b54e4a31be12f4509893d579c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9d53597f136635f30402d4d514a0479

    SHA1

    101299a805fdb091f01bc61a9386d3508d8a6f64

    SHA256

    4f8a2c042d0b2742f2fb98ccf2db39236c5d70c2af1f1bdc195917c906a1de15

    SHA512

    396222c843be6e0d83c4b991f99c272dbdbdda5ae5d2207d1730093de9e04299c3613131f2afa3f3a7263f8dcc9fd52c5582a5dba0d3366148891150ccc959ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f515115a3fc4cb5c07c0eb55c0e2717

    SHA1

    28ccdb2d049566a80f46f8e78d85967eaf33b272

    SHA256

    e1ab2972346a6d360ba724c635449655d67608d1325e2254af7d83824cf797ba

    SHA512

    711acb3cd218ea86d0e86e966fd3175e062a29bc1ab40c2361c7b50756103cbcdb31dd8464dfdfe0d00ef5b29ad07156dca105d834427a1d8962e95f621a6671

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70c22138891391a8bf435fef4cb3c06d

    SHA1

    4853b55318174f0b5c32d51397988c7f3462ed8c

    SHA256

    e5bdf36d7e0ee2065dbd8275d8e92b33ae965eb6c232398f2c05b8c6c7b62275

    SHA512

    6b48f10b27b36104388e93313099891c495ad63a2d7d8b40138c59ec5fc645bdd93cc5968e0b5065a19d5b902d63b6ff2f7abd97cdb2950b817ba8d2de38f7d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f8df1c7fcd00182eb17dd8f8900fec8

    SHA1

    b63618b190334ff335d6ecf1c5a59c2966a5d9af

    SHA256

    fdd4de61323ba8c5fd6605399b9ea769a32d3412bc37b1d7a30dd298bc45f542

    SHA512

    e84f00825bb58adade7017d592e719b7f504299e5bd9205e4c128d06933455e8811409e0115c98531ed9962a218606bd6da8d5f35c55928dc9e0972b2c559f8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcc9a55935a643674c7de6e4e6a365af

    SHA1

    92f162eccce12352318b0789812a0cfbbb938001

    SHA256

    b153e6194880515562f3fe48cd1eea70a7f72513f69a2397a677a8aec31f2f86

    SHA512

    7acef464afb6f774961e29507bb1483637288b714123563a13d621938d31eb1c9a1a64a4dff581348f99bdeb858c7a2a850d9821865a4009b70c9fe280c7965a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    464043e5bc9af5d26a900c138b1da14f

    SHA1

    570bd434260490df3c02ca450e1d73880b177a58

    SHA256

    99be13bf5c052b3ee5de5b6425aa5bdc41e2e6d0302c6c98d856818b689a4319

    SHA512

    007defe76b70bb4d471e9fcf00221b79ee6c7966fb3958119f861fa1d7aeb6dbe137461261e54d5aa8d846e06781cf9666afb8b0899984c79c61a3a17d21b94c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec430bd41cfdc860a2a792be5ecf5d51

    SHA1

    972e12c41f1a1eb221ec7cd460a190099718672c

    SHA256

    68eb78d8854810a80546c706397b2580ae37f14679cc14492998ba48ae848104

    SHA512

    325cdd1695db8cb2986103ca7b82ee5e837f475c44edf4f088fa064c77ee9c76bdcd41410c8ed2f933b6a2c41be3a589dd46cebbf31151739bcc1b93c97e224d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab60B8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6186.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit