Overview

overview

3

Static

static

1

eabf0c3d09...8.html

windows7-x64

3

eabf0c3d09...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 06:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eabf0c3d0999303d40b481e3c2b201a8_JaffaCakes118.html

  • Size

    840KB

  • MD5

    eabf0c3d0999303d40b481e3c2b201a8

  • SHA1

    4e893224bdb358b6c51bf7789e84d3e8f2581356

  • SHA256

    71f4ddb8e0e08c6ea8b7c3c4218542b0884b1832b5d07b308d017b7c33449d4b

  • SHA512

    e8f9c77f62e53ddf13c454e920d9c7837e055af691b141833c63ed854f75b4b1c93ec13e6439d3fb287ab68ba3a45a0a2e435d08e3b9d1afd20efde3b71c4859

  • SSDEEP

    12288:/5d+X3ZrscWy9dHn6CD5d+X3ZrscWy9dHt5d+X3ZrscWy9dHv:P+1jz6Cb+1jV+1jb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eabf0c3d0999303d40b481e3c2b201a8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2648
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2648 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2668

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5eb3c2c3176fae1245152c765fd9ebd7

    SHA1

    76ec45c9c2fcaa12136f6bdf45915c4bf8b5b80e

    SHA256

    a546e0ccbd52997f51e9bdf71c46c2a5b542a5cd22c2c3207ca0a5ef12607903

    SHA512

    2325a9320dcad7609597f8633b3f2d2fbbed5b600c6e12dd9bafb665556e0a59f74ba3cccf2ab7c7eba2d73c78569d572a6eb48bbb1b7cfb4933d4e1a855c647

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31c3d350fc332dc037a3e0c098e3fbbc

    SHA1

    6cf138d8bdffd1154fbb084d7d3ccf43a73b687b

    SHA256

    d7464facd90a87c64152e3cf474ce74e29ded3360bf2657d4670d91e9799b6f9

    SHA512

    e151025a80989da93cf773763141d588ab6308d905b1d9c8e24dfacb65c3a6895ed327e36dc010b5c58a1ccefe0a7da9f3b80f87af707c8d940a51d6ad9241f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ebb3109624bfabd67ee0d8329f5cd14

    SHA1

    028946f971391179f73d7844fe88136bfe3a5476

    SHA256

    8181d6246822c3167cde2e39d102103011d3cf93f615e36582d67f246c19b080

    SHA512

    ad899b8da161e1b4306abcbb7e2ee4e30fbcc8dd4bf0a4877968552d2162ea271c1a971661f670e02567bcb310f47ea73d9738c0220d8e0a7e5b89e18cc1757b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec9673e071fdfac6e39bfd1d735c4c75

    SHA1

    f7ee3eb64676247e64b41d4ac62a67f701d15d4b

    SHA256

    552ace80ec5223547aa2499d5dde8bdc3217d6149e53264217e21dabbffac4f5

    SHA512

    fdaf666dc18f6dce770c3c2f1fff8638a101763fdae10d130262ad306a266b01e4dc5f0ad1d08b37d4340a633b591a3701a9e9ef3f1a18163190f836906e6f9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfa9dba1541125e7c68e8b0b33eb2b59

    SHA1

    cdbc74ea27d302372fe660a3959e9a3d7337646c

    SHA256

    ea6de0b43c45fc4b668fca483bd47c05da1daf5990ae56ec4811dc4cd216faf5

    SHA512

    3c660f51e0acb49abd0d64857b0f7ecf35e6a3e6ccc25b2adc551f2a9441720228c3fc04c60468c0b7d453a264c665df4cf4b0263563aa25c3cf3a3545c55b83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1b72706774f8dd1cbafa29eafb78ea3

    SHA1

    739db14e4a850bc095586ea765f41aff71a7dcaa

    SHA256

    8df113aa1565c101f5b7bb78181b5163457a1b50304058df4233e765172a5d1a

    SHA512

    c42d44337a7e90581f85d4466a85df3c6f0aa4048f2eefd8ee475a315f475ecc4ece33c69dbd6f8086280ab5bd92eb5a90aa0e41543ae9ca77df712460101b4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8767bd1fee93eef41ad9127812302dfa

    SHA1

    f6b28988fb25eceddd7a95bb648b031ac2b722bc

    SHA256

    a9ad00b81c160eded5c1dfde56d1a2627c45c4148abefa83e739d4401096c832

    SHA512

    5a8c0717d7f25c568b19f9a15ce89ba8e92ea7029ea5b5fe19fb02a68c64c5fc691abf2880993b5886e10eb90712a24a3b40af8f35f32dd123ca40e17096c1a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fddbdf57107172fd5dfcbd8e850dd93

    SHA1

    caa0f499900d9c4d9de2bf05578699ed56dc35bf

    SHA256

    def305024a0914a1eb4abc957e84e15d07e41cafad9805cd49ed2939c89928ca

    SHA512

    7c17b58a9f062bd03d2ba839b5a22670f00af7809383b96c43d6bf083eef90ac346b7dce5126ed1b6f35e02643d2eb5e112244736981c7549dedd498f6cecbb4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA4BA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA598.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit