Overview

overview

3

Static

static

1

ea8b6e5361...8.html

windows7-x64

3

ea8b6e5361...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 03:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea8b6e53619fb3dff8e4dfa7bc660f2c_JaffaCakes118.html

  • Size

    30KB

  • MD5

    ea8b6e53619fb3dff8e4dfa7bc660f2c

  • SHA1

    52188396f03e976a6e7e136fb64f3f8fe96e9fb3

  • SHA256

    1e55ef8c1ebb69318fad052be3449e746160982ad7f2a55e2d929da0ff9ec91e

  • SHA512

    1baca0a87cc5bf0f337e59fce4bebba85cf9dbb7153e101ef389a2530d4c3981281fb0f2348cc50d0f1476308861bfa295f973b3cacd10101666b749e4097fc8

  • SSDEEP

    384:cDYhPhPmHLteubcq7Lb60kYQuIfGdr94RAaIgcKKX:OYNhPmHLteiFL+0kYQffGd54PfaX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea8b6e53619fb3dff8e4dfa7bc660f2c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2640
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2640 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0d0a64be96c56261e0b1093b08d4637

    SHA1

    feab07d36a41731007d1cd77aa8bcb7b55860e61

    SHA256

    d4acb5cc10b32355e64eae83ab00b546c3b08ffd3749a07444005b67c14ab7d7

    SHA512

    e87b6b8552013ba1b9ba36bf1131d41cb1996d9ab88cc74f5a310e494b69d93a5c756ece61a87905e317dd9205d0f86062670e43d567f1199d47a9fcd62c24cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ea3f838c14ee6b64c8f424653a39dcb

    SHA1

    021cfd94ba1616655c316bdb4c048c0234421916

    SHA256

    8551c0b56c0a66947cb569f57edfe442211d3546abc98a59f0d8f5776c00089e

    SHA512

    352ca8b402c12d4c95dae313e86d931b560a15fb2102e2319e8677d16abac4b19262ee10f66e4412e924b238612c9ce756fa49a111eb64ed1c2d9cbafd5a1575

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b70e2e67c714f0ac2465384668410c44

    SHA1

    08f3e36527eb834e26d0b355ea29f8c6d914a8af

    SHA256

    10a0b6c805508a0f7df103ab2d7bd9183de770f12c14c4c76a67cff2a176caa1

    SHA512

    c14fe9b95d17a6a5918fbed1fdacb79c53a65791a9abb11a86ce46cd3d759335638151c7724c9114739aec58efdcda1b289510422444cf218924f9fe460ce69e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f731cf0284ae2e9a8716b9351616cbb7

    SHA1

    8e2a24b03b61027ae7ead5e65ff4c4cbb602c889

    SHA256

    e857739a303a55186ce0ec3bf138c21c3444330e486105e440a20aa8b7346c4a

    SHA512

    93727bdfc7c69b0238cad221cd664fd2db327f124a48c5a32b654c0c04bfa1d6d3277a6f776a0a1a1a51de62afd72407d9ea4a5ab653835a702347a4d9803410

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac876733c433cd8c8f496e4e94641ad1

    SHA1

    57c79f849af0108d5be4f05421e75309cce24d04

    SHA256

    6b7d5ffe996e72eed17e97f6057a27a6e1f9cbc5449507d50415c442155d2cfe

    SHA512

    f6e66d6acb903899028d1b363391d901a10ab13a48fdfa36b38811611d60d2bd41e1d4c61768c2ee3c3588683ccd76b2dbe38f95850059f85ccd50239d5a2469

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1f98db5231c18c2eb96387348b85e56

    SHA1

    454ab57d9a6bf2dc4e7ea42b2a1c727fe02eb931

    SHA256

    bf258ef0413841b8ed56bd4ae79636f61ec3b14a50ba49f7e9216be2b4ed7b03

    SHA512

    7ac6e5363c71f665b13dd88d8f3411243955d627be256dbd45069b31b6ace766352df62a5e2c9bae8ecacff5eab8d04ae8ee585358715dae4d6c053b1537ff66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    113eb4e173089f6fc82abdc7fce75646

    SHA1

    a49c86f35a0230b99fdb0e368858a24e0e19dc41

    SHA256

    16f5b7a4aa6f8238c47e9187caa86910f0e7862dc6a60a9befc82d9a7092f134

    SHA512

    3fa7311b988da5f17d8bee3923ad336e4ebf97da6e6a55e685d6d18cb6e3f338cf75eb046c85c90226fdd199feb5150c07648315bd7f234e108a3ea47a5b7c8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59091a5f358ba0c7466a2f86edf42387

    SHA1

    2bf1704d8f2d21229a5365ae074c55e952e45f6a

    SHA256

    89b9fef7c236dbfa3fde31ebf34c2bb75bd438e8386d4ad2fb1c5e51f20e131c

    SHA512

    b4cd437cae881ebbd8555de39522abc6135fc950ea9e62789d5b987ec7113848441812879d7608b394600c27c01d338cd32346f157d973796179e2e7d87f7422

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c293a2ae836ddcdd17fb067005c10e44

    SHA1

    d04b67412ca8bad7e22533b60b81cec7b7846161

    SHA256

    b95d4867d23df32ddc0785973a83f197564f44d14c2697bd31921c97aa8d7f9d

    SHA512

    9abd2c70ea400a77e1bcbc5a8334e2cdf7c1e7eeac1ed6221a3d5dc2bb395cdb4a1856d3ea646b7bb3d4f58c81fcf34ff1e6acaf1afd302f62489e09b4944b96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4df37379b4cf018493f170f3e327492

    SHA1

    f82237e1605090aacd3cd56bf818b735de9b372b

    SHA256

    61a5ed18abf0648b455956c420a1c54d5ab77531da249ebc0e86a6bc4a01ad40

    SHA512

    8fccc1760af9d675655886a0ac6a4780fd69265eb1340efc15b9126b8cc14804d66fc7a476bd0e4d17384ff12c0b466c6c702764112a84abbb58760e9d8af6d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f37119c112b0c501d431c7ff601e3e9

    SHA1

    6d15012857e5e9b3bab2c800f4dc2272882d6f88

    SHA256

    8b3da7ba176332bfa2bc8d67c91d9fe00fc86be5e8f106e2d4afc3cb33144efb

    SHA512

    e4fb1790dc199d0ba4ad8f6f6397b0e37afbc255c797fb496354017c462f688cb337a4a7d0cf2727f712fdfd2e1c54172a30b28d276a05a14f79ce2b59e6bc36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ee96ec9fdd3e5f98b0cc0b61de224e2

    SHA1

    e817b98cbaf98eeef6873ad5550591827775ec27

    SHA256

    61ac4b7a960d2ed95e84a93a3409c074246e4d49824d78339965bd841715a719

    SHA512

    250836d780c389a1e69d3bc026dc77fb635b46e5ab33f9f3e5d93e2cd53a83d431fbf966376e65f1f318437c4ac6415ac559ae148727be6e48e3444366f2b373

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79f57f2338fa190a3bd2f1b61052dbae

    SHA1

    c07429081dfb7067515b7830a4d419f1c360e394

    SHA256

    b27ae8a13c0692623326d7da249d78a1495238c494be97a082135327cbf205cc

    SHA512

    98656523d2d10f13e86e2075558f64277e24234a71af5c18e9467d92d5916bb593c1ea3b3d78ece95c6765e3b9d177c8efd1b3c74d85d37652df866a76380bbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63b66b06a3b5fbcc502574b54f813a90

    SHA1

    97d323472934d6221ef46bffab5cf662a53cd89d

    SHA256

    31180cba2d88f8233f2021d3bfb54c25827aeca3e979e5d0e164b63962c5cd2c

    SHA512

    7fc8c7563f0e830922a1b26f3683a53b199638263e43bd217b02b692efd7da930421ec504f25e14b2eab233e852a54449fc342238470b88f792e09a4ba650544

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfa1f4f565b6a27542ed21cb986e4ad7

    SHA1

    8bb199f62f7b3f1420495bd657327ad7d265ca99

    SHA256

    3afcada9d061e18fa993134033ab67a44b677e0c5218c2e7e6eda75513517f2e

    SHA512

    01569d6880f172442b7bc63601b83a82165c81d65d1e2bbd912c47836ba6979c20ffc23c5af0dbbd7086d3eb2bd9512ce2379d6dcd72e8ec4c223223e96126ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB0KZ1Y4\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCATT3E5\cb=gapi[1].js
    Filesize

    66KB

    MD5

    aa012028297a26c039c37ab25a4bd17a

    SHA1

    25f23d01b5f580c00778e1c010225e5b8c73b66c

    SHA256

    55cd2316edf7159b623e4ec2c9e3a334027c01e2d1cc386f833ebcd35ed87b38

    SHA512

    d346eb082674fc26d562da9a12f36ad2cc7db1f1b35c891a8734284cf1bd052a967137c1281982070688b2bb2e06c7f4967d1c9397311a31a11a8560b9c45fd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    e691b2e17de9ec018eca758518bf5dc8

    SHA1

    3238d543acf53b803dfbd260405fa558717daaff

    SHA256

    438d41bec769ff386a2c1555b6bf9105362f67dc3e711c81c6092ee7fbf6ad2e

    SHA512

    5589a5cb408ee8e0fd473de24224ba8fa1453eba5df6e591570810f992160d4f3e8f60f8ba74d9994861759321f5bfe0c4a608636913a8407b5184008457afc8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD63.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFEDD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit