Overview

overview

3

Static

static

1

ea96a9aebb...8.html

windows7-x64

3

ea96a9aebb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 04:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea96a9aebb9437345db92db3a77518cf_JaffaCakes118.html

  • Size

    19KB

  • MD5

    ea96a9aebb9437345db92db3a77518cf

  • SHA1

    8edf7523e6d01899729a88ee5eed504cfeebd94b

  • SHA256

    708d765b05f7f3e9af65fa7d22e12f09250ba1a9e7a00faf61c5dc81e66f7250

  • SHA512

    6854b611d06b7a45c8cb04cd2f5abe04f75e1e5341c59993c8ed01e6a3e47fe11d4fca13429ec274cb929d7473e89a47a1ff3412e9b945033d7de9ac7d8345c7

  • SSDEEP

    384:ziLRKhgESMVBD8cSQ3R0bSEXJemLxXucfIk9xhezzVc9/a:ziLCSMgc13qbnwmQOIk9evq/a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea96a9aebb9437345db92db3a77518cf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2532
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2532 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ae67b5363911d7a4ca85a9684bdfc27

    SHA1

    34f895b5ea1ff49f9c5414cd74c42739867c2527

    SHA256

    5770e0e1db2ecece0319e82b4a88b61ed0f08bb6c6f1145f266b0db4363563a9

    SHA512

    42aa3a2cb02e09c298415b6f6016ed05b0b382d60712e7e6fd96254b9ed230494f9b666121eb8bf93b3ec8969e56c3b062beebfd7530f24ba127c6cc648bbec5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c205907da65092c21f59bf2a76d9e1f

    SHA1

    5818d91e559d8de32b7cbf775032bfb155fd6f5f

    SHA256

    02f2568d4341a20a1178ecafe176797d228c2b05043aa1c858196d0d3a4b4e4e

    SHA512

    61fad5640dc886a08fae420a34f2387c7644964074dba4627225f993c860d5d4e37f8c4f5c6f2028477aacb4fb36c070db17975c76a5caa801dec04d52e677b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8da865e2fc9020975ca71ea2b5d80e91

    SHA1

    b650b24cabab628df157cd822d38950997d3e04b

    SHA256

    20cae66f267ce823a1ebda47e4d0c186fe50600152d36030004f7e31bf889ba7

    SHA512

    03abeabdbe0d409bd83157ddb2d124ecea0ae8df3b8dafb78a38fd4cdba3a88722caea9b059e5046ccf43013dd7d49b5481c28ead5456f3113163b6c8dcd23da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22d286ff696fd63c6f80b38e74f28d62

    SHA1

    16508befc4c1a47d45beaf7acf183ae64fc3714b

    SHA256

    ee83bcbcb16f7d5732035f0c1fc3b3e07118d1c5dd11218dde935663459520f9

    SHA512

    9e8e9e71d1c5eebec2dfd94f4861481620c4748a12fca09f759062dbf7c47b360b996db7a3b5d7867e37bf07f6b0c6ed6e52a853080c34de1075cfe3263f02fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b17e09e240e6778809abea8945829650

    SHA1

    a802bdb32d2782dac5c6fa6da821d5b88fa004fe

    SHA256

    736849d9bc00903022e7d3c3978c4d0bf8cf1555b74cf95a04f0dcd2dfa344f6

    SHA512

    592b6b816b424e818292c45b8547571cb6797cdc4dd0b8f0ec9c0ffe70e45cb06c9bed2f42d56d3f062abd0566bf841d23865e11599e460e09def695e89e5e75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    049a39676ec7db5786f07b2e7a2b1ca8

    SHA1

    d2d893e3994ccb4299d209aa41dc843e1a790c13

    SHA256

    20b1a2547bd8c28823f55db1d33ccc693ad3cb190bba22a05f6082629720756e

    SHA512

    272acbc9f196ba0425680daabdde73804da3b23fd3f40af9443196600261962030862fe261cec5c8c52f7e9a8ba35907cbf0f80b6cf5150e6863d581916f6f3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f1240dfa950afccc415063f521867a9

    SHA1

    fe99b0a175797ba658e4041a31e3d7194f23c733

    SHA256

    c47580a14d70c16ec60b52c0f1b730dc476e812e19668b02c1ac429e13602b6c

    SHA512

    7045d6dbddbeb22ec9f62a8d289292cdbfb502ac3f8adaaa34abc8f989ec9aab6f16443735646c02910ebf212118429eaadf289f52fe58e2f7cac1f6bbfcefdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13e81242777103671a3751c41c9c1822

    SHA1

    fd45e3122f4099a9b7f6927f06c0036879afd29f

    SHA256

    ee010ea7544d8aa4adc4907d8765b268998ebf4e3be4a13f52e2a56176675c79

    SHA512

    510ea2388f1323c9a3a4cdd9501530e32fa099aba3f786cc8277b4c7c5ba78c66e25ac50d35bb159c229b08f1759245aed741d14e856a9c20612d475115bf469

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf5c9dc739e66870714e8567bbf4f11f

    SHA1

    9d6330d3ff12aeec8fbf51423ab22a3dd45f9f8c

    SHA256

    15a75b9f2b219b7345bbd5ec0f5c762ff9ec8c0bface621b34c3ec47ead77e65

    SHA512

    b1cec0ed2c8960a52dffbdead4838b094af654494f3aa9ffd1745b8c9a8d9cc2f1a0e3732381f0816876e0a10fcbb7439e68f0658d91885bc653c3984457fdb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4074970de2fcb7bc2271b59f88de8588

    SHA1

    3332a54dc6c9d659d9a0338324114038dc71e21a

    SHA256

    c084faa01ef4623d1105c90be57e13de3db8ba57e115e67ebda9df29a648f59b

    SHA512

    52f0f08f1694e96fdac168ec3d50dcdcc28cd4c24c5b6b272e62835b81d6b5245e733ede6d1aafa4b84b8de8f54756439c92cbd96d7cae3c3fe0277b90afbca3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53f53783a55535b827131915abc16674

    SHA1

    eee38ff466169cd6c1906467bbcfe88292452323

    SHA256

    803498b272acf3cd0afffd627f21cb238cc340dba45a671063fc4686ba391869

    SHA512

    5ffd66f20d9d19bf689c0e57b6bd951cfe39137e98bb0c48a46b991cd981489ff866f0ff6cc64b6ebd2b84a6888e5bb1e45b5858e75bf04f2c2a5c32916c3c75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba0d6673c44be64e4031126853d15c59

    SHA1

    e93a16fcdc2537e4ea003ba2ef54e512c4336435

    SHA256

    cd3c3280d5f029b05caa1e0e536e34af72e5498499831ddbe7920e1e9e0812cd

    SHA512

    c3027514f298819be5d0c403c6efe7353b373eb2eb90c9a34b861ca725fada5c7723cdbeb4da35f6f14ff7cd90415b85b270a4c2bf3dd2487d9da46c169ccc59

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAAB3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAAB5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit