Overview

overview

3

Static

static

1

eaa4b289b9...8.html

windows7-x64

3

eaa4b289b9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 05:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eaa4b289b94098a86a61befa57a2a33c_JaffaCakes118.html

  • Size

    23KB

  • MD5

    eaa4b289b94098a86a61befa57a2a33c

  • SHA1

    470fa9fd7a8df757cd5cedb4d3f93e94190a468f

  • SHA256

    d51d3c247f57e113586ca5c6299c4d54fdb92e1d4a1b08927c634bf7eecbc71f

  • SHA512

    703ade59bf5d0b3e39ee06842ff362839f76acc1753ebbadea4b14dc3256509e7170a03737f337ddc6df13542355251c8adbf1710271831393b24da0d6832338

  • SSDEEP

    384:SvdwGtJmKAbXLZUYg+a+EwMv4Gr44Ky3ASW9pp8B+:SNmnzLZUYgg1p8B+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eaa4b289b94098a86a61befa57a2a33c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    148131010707cfeef00e827633540e47

    SHA1

    6815ec5c319cf6569f7a8806a40ae3f3a92b6fb6

    SHA256

    6a4758370e6a29331d908f9ef9d72745748d67ae1cc73d8a5174b0cdd7b53535

    SHA512

    948f19f2b805a9f3cc15097b4ed452dccdfc4ae0738772733f4a22cc5f412ae5f25cca955bfd3d7c6113e1344befbeab3aa5b0a768f9d803febc3a392298469c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e9a0a0676de2b3274ce9eebbbf748d1

    SHA1

    bd09593499b5a4b4631b418d27c209baa4d68621

    SHA256

    8d031de1c0b141c1706939c525793fefd4ae09b3d07c060ff79f4cfd00cad36d

    SHA512

    59631afdee0f39816eeeb67b6ceda73c182750c576d970dcae24440700d85957f09d7c6e45d9c6491e44784097ed97e58f03e9fb377cb4405d05d06ca28474af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2068fb2d8f510753ae1c365df5f8bbf

    SHA1

    41198655f953fcc633e0a17ce490904ddf8ee527

    SHA256

    9e291bbefe2eb1971c819cb33e36d022e7e0b36e62f15b7c4f5c430113436e3c

    SHA512

    ff7c3553564ecdce9ce32c97843cb5c2a8cce0a526c59c02c4e2017348d75b572d3cc7730c14739147d246478c9c43916409c2011c4dc45252ab9460443b64fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54277bc59742a13ae13945bf6de275f9

    SHA1

    e8e121f2f48dfba1f829fa862666e8f5453a532a

    SHA256

    2b95801e04c64d5da735d96f01ac6565ea36ff344360a14ecf90fcc3150b927d

    SHA512

    ff22048317ce668870df1da2da046d4bf543cb3c5b7ac825c51a14c02d60de2faf27e945bba6728dc25d62c415b0dccda81c9c198e84914b95293132eb162545

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5142edd3f91fb5ad829b38765bb58f3b

    SHA1

    fbddd53568c581ba2c54d1444ba720e0270efdaa

    SHA256

    f432ddcae08eb9d20018a3d825561ac1d0b5c53ea1b5c1951ec6a1a473fde5a4

    SHA512

    1f87a4a2e37b6462b0ce98dea66e5ff9ffaf46cb17d4edb34223329631b3ed46b133e6f9370f23b6f90d219adb0586c276467a0a2aed75350f7ee94a41c6fc3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e47b853b7eb838c6ddad7a9ce3d83964

    SHA1

    2f7293c745717464b87cf81643f4e191186f310c

    SHA256

    4cc8437e9a8712df1e9a9ec6e03346ff835b3b28f66531df0a6a86f078bfb144

    SHA512

    6aa4c0f30eb9b5493b449d7ea9f5e6b3c4bbe5b3127d9f036af6edf6d7dc046eb236501d78a0e4bf647ab8c6889aa5f3b39cb2b5b8f9f88b21c779de5d778020

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    360e0b7e22803dc7f64986690fb67489

    SHA1

    0cdcef1167e33f321edf2d1b10dcb71e5377be51

    SHA256

    4df072c991a77b33a0bf1f4d5da533e5a135b3bd7763a73d4bc6ef15215d6cdf

    SHA512

    d27b28e8956cbe2933ae0c5963c0a80d5a9a9fe7897e6ac3654915afd46727dd963a5983671f9ffa5f6b679f22efdd4a80a54532a21ac4a3280a59d4a46354bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a48f1054290e8c85250d489c4757e1e

    SHA1

    16b8e385a2028e57716f9fbab5394f0fafdef519

    SHA256

    1506790196d080137d303559e7718881546ad027be3a68caf654cc19ea916b52

    SHA512

    c6558fb99fc5ad4fc6c24299ab3e588b66dc1bdfb148fa25ae56f5ff41575e6c8941ab33334a755f495dff25bd544654e6167917fdd30ff213da75ace16ae3e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc27388f1bf902651a3de766f30a519a

    SHA1

    5c712c5fdeb25b54b4cfd6209fb45b325afa9dde

    SHA256

    1c7b02b059e1685128ab779f2f2f94d3011503526d3f8b79c1f2584306f7785d

    SHA512

    7dfae7962a58c4d9b5cb6191663eb035a36fa1b34ea5930407bbe9cafa0c822a87e4403c5f93fc64964a658020c145388c445a5387c68384b3467553eb73e4ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8CF4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E21.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit