Overview

overview

3

Static

static

1

eab0c0bcf3...8.html

windows7-x64

3

eab0c0bcf3...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 05:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eab0c0bcf335d0d8db09fd6a2d4b6c56_JaffaCakes118.html

  • Size

    19KB

  • MD5

    eab0c0bcf335d0d8db09fd6a2d4b6c56

  • SHA1

    001daad4f0871d8fd4e264ebe12babf011ea30e7

  • SHA256

    17e5ae8251c51319aedeb72b50b7b210b552ec1b8203b557fbb12f3e4f949056

  • SHA512

    5efdb20f3e8da45be495c8b1e02bd04aaf555a14896eeccafb5486a9063b0fe1273dbdff2aac6a980cc9f2cde89a407142126b3ab49b5dbe28cc08ccb2c81b7f

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAId4fzUnjBhJz82qDB8:SIMd0I5nO9HhsvJoxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eab0c0bcf335d0d8db09fd6a2d4b6c56_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2472

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c3c6fa3ce50fda51846c283e199f682

    SHA1

    549750f082ba1d07a79d6fa2422581be99913287

    SHA256

    13ebade3dc54a44954031990edbfdb250c6524b6c14a153d01d9fc38a279c8b1

    SHA512

    dd53e44b605288f6847978bf7cc8cc4d7a7fbf8b0250ca602c1842525a78d76e112da0a98237daae8823c9394d20aafc6c248fdd728bedc34167f34124eb99b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4cc8df1fe79000fb633e4b8718f663d2

    SHA1

    ae969fcc5753c94a1da508f2c2847a6e077d5976

    SHA256

    a216f271aa6e934d4e1b88107740c8e4d7c09661b21425eb8b89b15f5e8c4551

    SHA512

    90758c2a465fc6819bada74e4b87f75bd061332f8ba822be4e8ca9b7d00dc8697348d810635fb340c96f1c1c74798d9ac64d90f5b3e4b89b8dedf5d1ac4736ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f65f582aae740d23b834a416a0500c56

    SHA1

    0dbcdeadddcd7dd74795c818c95babe3e54fa7ae

    SHA256

    295cd0a252acd5262df22ee9adc027e7d7a9259be0746954f42c9538d28ad468

    SHA512

    ab3d76c139024bf1304bd6d89fac51ad641274135e45176fb59afdbaba2b43f436559c677f65b79f324f436df85711fd5c2a4bd2f53b6b74ba03b0a3d1dd555f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a22a29ccf19f95567118c693001c0ea9

    SHA1

    38abdc160323289f8795dbe0c438cb0a08636248

    SHA256

    2a5a91571f813066a34cacfaf106a3c1d388fbd09c905d2a5ffc75899aeea77e

    SHA512

    dab0893959625a05e64b5469942704afb6ceb6368bfc6caa1a15cdae7b39cd9a73033054a8e79508e0b442f51e297eb2f56b37f7479bc0426eb586c449f801ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da1766bd662dca58467e3a52d03a7d2b

    SHA1

    3f3c14d2f66005d559f1d25a70be92b0bd9986dc

    SHA256

    9fc91c744d87b260928823d1ab27fd0c3b134dd33ff11a19263793b7831012f6

    SHA512

    3212f8aae176807eb4292574dd4da8a60321db4d51cc88b1cfb4d04ea8278d3d78c5451db6427488267f371e1232399c23c5951ccdd58d75d9f90c51edc3f73f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    861305d9ca2fec44cd2c7ba0a8a7e44d

    SHA1

    a8741b3592e44f314f6be48840a9c96d300286be

    SHA256

    f411c269a6ae81c9a337a85ea9d34a212e8c82783757d50d93fa8a01aeb4879f

    SHA512

    39b3614b1eccd6fd5c7ac16f25230b146be5ec07478c5541f24e7ccc596ea39d926548f25a407ede64cd17880b45b220b532df5c63ed04a7bd09f295fe69d3ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2432fe77d2ab6bcb62beeeaf6f122b6

    SHA1

    d6d57af3769235eaf16937034bdf11b5d7a6558b

    SHA256

    b2a24d3c64114d05b593287229ff5b0fa8136e52cd54b51d5cd16d70be593de9

    SHA512

    a696b293c716b76e92c0f0f3353c8a5fcdb92d287e9a88203b8486e828eaf8aef1afecbaf18cd6cd86ace1e25fd0aac990f8cb93c817cff28fb1fc1cedf06da5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5ffc3d148a9438dd3aa043e560fe0de

    SHA1

    003c9a844edb0c80e82a185a63840ee7f839b576

    SHA256

    c8a3d89990ac291584c67116095666443dafd600f8cc549f07c585ad9904efc9

    SHA512

    c1a881eca428a6f34d21b499a8b2fef0ab5d967668467f921597d4ebf0bf61394cc0a66d98dde7445d051354b30bb1e04887dfbcb492337caa68989a94196fd9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE273.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE2E5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit