Overview

overview

3

Static

static

1

eaa658d1fe...8.html

windows7-x64

3

eaa658d1fe...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 05:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eaa658d1fe0c46ab77f1dfe9b4633ad6_JaffaCakes118.html

  • Size

    18KB

  • MD5

    eaa658d1fe0c46ab77f1dfe9b4633ad6

  • SHA1

    23f2415e06fdeaa73e93b82938d7adfb343a63bb

  • SHA256

    29f542e2c769c26b2f25955cf8aee0017f88044dcc95d5438fd67f25f47b0675

  • SHA512

    89a692acc373b27c54f7fe23c0bd39fc2e199c336725f3e1ac3b4896d906413790d74b6cbf39b80ca773cc1aeab97431e1d48a62759ebf42e4efbd89ccd7df39

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIc4ezUnjBhSk82qDB8:SIMd0I5nvHfsvSnxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eaa658d1fe0c46ab77f1dfe9b4633ad6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2692 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08d45f4bca482edb007eee7bd0f5c493

    SHA1

    fe7fad8d8fc2f2ed4706e12b8b7183d62c45ed76

    SHA256

    620003f7c1432d398903d7a19c62fad589ee4823cbc94a1ff72da46a9602c770

    SHA512

    7fda6fad22aef00da17807fd308e7ac2500913dc521f2ef429f818554401c1154ef2faa45026ecd65d2e953a153e9d5d4f794fd2cfb79af0f1b7c1e9df098c00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7439af6179667812963f5831ffb5705f

    SHA1

    8c30d0d5cc977d70dc904d6b181ce9736c675c90

    SHA256

    edba51b0c46448e2e77df96104afd9792761ce94ab798c5fdc09079022902b51

    SHA512

    b6a04fbc736a61322ce9f6dce56338e8eddcb71db5ea55566a37a647905cae704f415de38d65aa41da6917384b9e40d7fc38409e5d564bbfccbe478cc437177a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f8096341705f98c110908ebbe2862df

    SHA1

    f820dad7daa91a8d671589badf94c80f0f29fe8b

    SHA256

    9fea29ed32b620fd79c22f1f8c20250bc0945ad3a3b73216ddbc1adc1bd9d467

    SHA512

    90b519d259b2c55076a843005aa1837f5ec2bca93fc69ace8ee319794e25a9a4d443d642586e195eeab3b309c0aa2b06c4a58087dc8a86407a1eda71efb8ad19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1a0c16d5cc3f791ef77b5bc4b433948

    SHA1

    14212ed6c27b2582d220f6f5c8ab091353f61250

    SHA256

    184361b6189b99e091c44162c23fed0106cc94da0b3ff5c2aad561c22f7dfc6b

    SHA512

    cf1c96e667e5ebe8d8f487d0c7a62e02be79d5c7a07ade86b65b83ca8209c8db2ff6b048adead284e3a85d371182d3540ae6fa0a034f0e13df9b99803b699614

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a69da9b98b50c16702cf3f2f21463b43

    SHA1

    80ff706f823aa48df433ca2f67b7cd37dfd0d121

    SHA256

    fb026e0e0672f4d2b5d786843a730c733eb500d252b8f925d53a92e9e1930be1

    SHA512

    b39adcad755d815e654afb0ecca9e3a20dd5f689e8609a715d0c38b5e8343a25b4acb787e73abd424ad08c3ba6cd7f0d630fec49cc0e8b8a474e782e835cede2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c202f09163b13d396f7fb831c80902b6

    SHA1

    961efa61826dd3ac9212d262c498bf636e2aeea5

    SHA256

    9605bf364ebec8b22bd84976f4f29dad955544ed3a07c1986708f055969477e3

    SHA512

    8b2926b97f51e24880b906cf93f7c9ecbd072f8dff2ee754ae37b925fa31f6f559ca1e8feca557fbef13474c3fe177603b52673d02b939b1779222c266c7aa26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59539e450a9f11fd6b800503bed067fc

    SHA1

    74246cfc06568d48f5735a8c45e49b5ea17de7f2

    SHA256

    4070ef9010d1d72432134d453057700f3f429d4c155b35707ad389535d88853e

    SHA512

    4316e08a044a73fb8473113566f1ebf7e237c9d07fed7008963aae6e9373cfe45550d1bd6b010fcd21b7cf802732ae628c4d4c6ee1998b6f085381669c2daf04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3927c1e759a198f5485f73566e05c421

    SHA1

    6953b225b9ee5241c6f3bb849ba19be19200d626

    SHA256

    92aab46040e055dd6e19fc094c2829bcb8a37ea3ff75f1fb53970950d62fd7b6

    SHA512

    0e553904ffa621469641b445e9c69f9d5606ec2bbf7364ef508a375a32145c8a9af8e79776b0ca9935c7df6a243780fd86a866c5b735706e867cf1fdc8f90ef4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b2f55bd10cc33f3af7572086b628a7e

    SHA1

    a057f29cfce4ac57c5ec56d2b0c2fa9c4f290097

    SHA256

    16b8696ce588904a818d3ed6165209f1549a31b6e8e4a6e3b71e73fb502f48f4

    SHA512

    35fc00a230914f26857be4b2543e74a575cbab492ce7ac7c4753d4004bc6f8bbe142643467f916ed78b2404a14b2532f5708166d746060021e1071c465d31a1b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE8E9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE989.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit