Overview

overview

3

Static

static

1

eabf45a1fb...8.html

windows7-x64

3

eabf45a1fb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 06:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eabf45a1fb91ec468e7455e909fc544c_JaffaCakes118.html

  • Size

    16KB

  • MD5

    eabf45a1fb91ec468e7455e909fc544c

  • SHA1

    eb62497336a06c0c7c0cbacddc1b576168967c6f

  • SHA256

    188087182b72b0d2e29f581cbd8e62a472c81f61fcc3c3d43d41afc414aadb3f

  • SHA512

    b52d5581fa14c807fd939eb3f462c4f004627c48695db90cc42d2e230580193dbd3443d54e174e0cb45e10400471b5c61d1eda961dbaf8b65fa7db2c9561e879

  • SSDEEP

    384:lDmZ5OrR8RcrAmj24OGYKb0CKI/i39wFx0jzJf:lJriyrAmj24OVHI/i39wC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eabf45a1fb91ec468e7455e909fc544c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1864

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e06a9007664f8f01ad620a49adb4e36e

    SHA1

    53cef7cd331b4973a01a6a505d383e244385cd06

    SHA256

    c016481caa95b9d0e53b1b94d8e02f6f043bc4b91ab71a3bf18517eb5d44b1ff

    SHA512

    0028847283cb441fd166b13a7dde2c061a1efd6a8ef94f5dd0ce58fd89ae6cca3916114c989835215ed59655cee48ddcffbd571d148ccf9ac08c5ac1bae6ae89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89343f68560a4459c7b7497b5eb9b1f8

    SHA1

    b66f61bf670dec009b07bab373eb8b9ddb7bbfc6

    SHA256

    506c829613a6304eba8fde90d8667354d2b11b74839592d4fbf328cee1b33e66

    SHA512

    e66583e9dffbda4d5f38a2dab712df10ba744220b173a102577fea86ea09d8af852feb0f69ecbd36233bdbd2045a195eccc598a23a7dbf141b362e810f09b927

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b54dd9958671aaf8ad9778f5d0998deb

    SHA1

    f77869ca5551afde2688a7fe1b4850dba58ff0c0

    SHA256

    23ec4fbcbdfafa103c3372316377188b262342e1d1767a70a32f1474a8f1202d

    SHA512

    3fa98ceeebc538d4a0742665c7ccaaab8b2bfea123c94f18528d9423b8f5726e8e24abecf7e470b01619f746aff2d9f27eba29aef6ddd51115edb6a05ae1013c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eddf5a8389d0d993edcc97e6487a4066

    SHA1

    421e5d0c1cc933995c87f2c1b681c4b64193ed2b

    SHA256

    c33007a43c1e7c43c32c1c090d0f0441d1b5bdc0fec82885e1bdc2821e329f1d

    SHA512

    13cb6e0e0ab2957a4f677da098c3dcde394c579b1c2208af7e890fc970a709c758708e11b5c0a2582dc8eaff8355c3283f7359caa391b26f68b328e9139d8808

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3ae9d5a5cdfda98d28663e3541cec5c

    SHA1

    6c79d1bd203f4282fde4605bf67833635faa0136

    SHA256

    26d4ffb9f906118ae04f079ef4096e6ec55ad794394606b75dddc7867a660153

    SHA512

    68289beae1be6289cf418f418e68b06bb4d5c8de9e31a976c536b2f8072de25036b158374cb00188a6bff282b40e067e5e9dff8e8952498842d0a3ca18d523e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0963fcfd71d632481697c2ee5b4c8aac

    SHA1

    eeecca3439ee3e99470f6b6a4080dddfc39873ec

    SHA256

    aeda77ff207a9595f7f68ce2882eb273454bb590c97e789aa10a07cf93a9ef3d

    SHA512

    7178ddc6297caae39537cc110d4cff69acb8c64830c38b109e8da324f523aa601c0372fa12f39b80f65bef4488d0fbb4782f09c0709363e4c12c1b4b6efdc36c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3301ffe83fb78226e9a0148552635009

    SHA1

    ae6010584695950cee8ac51f728c1261ace1f4b6

    SHA256

    ba2ee97dbf1223f83528bf5dc556ac3b3ca2ca14d4f79a0d8427945d8c04ebb4

    SHA512

    bbca56e98476a5f3b027a4302c3757dd0811c5400cd153fc47a4e64f0ae4809763abdd28d2e5f997dc898f7d5f0c78883683c253da4d64b91214e838fd35b842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    189b9735a539481197748b11aa4581f9

    SHA1

    eda4b144b2ac12196fafbba15090c53b3aaa2a6c

    SHA256

    f1253b3685f2427116cc3f74cec805e59ddfd46d107f44e2cc90be21d4751680

    SHA512

    5de3c0d12f96d4b1a16fbe72af4903e3422d506b7655773428397a6f4ab87d66ba4f4c9310bb6b4f1ea404e682c034a6793429d6df73bc3a794589c0896e09df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a211c54d2bef59f3b03d9513b23e4a10

    SHA1

    249c148f440936d04f8a53f95a9b7ff7be5c8df9

    SHA256

    9a589110ae795787bf35a9143bce660ed1cc1e28dadd0885a4574d2470aaaeb8

    SHA512

    3ec29384722523a52ffae59774f9de547bce73299f3615e5570ea2423ed26f5a0d600efb6502896fe779491d38d9bb73b324b7ea6f687f18b9acd97834f83ddf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE38F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE3FF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit