Overview

overview

3

Static

static

1

eab426196d...8.html

windows7-x64

3

eab426196d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 05:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eab426196ddb0c16f0b89a15de06cbdf_JaffaCakes118.html

  • Size

    18KB

  • MD5

    eab426196ddb0c16f0b89a15de06cbdf

  • SHA1

    b53df9e83e9e59284c0cdc330a57a8b7f5160fc8

  • SHA256

    6579c0e5efc132818946274a5d9da60c8af9d77c7fbd41100df190b4a1d34b5d

  • SHA512

    fba50cce36d6130e5716c0646c0f9227d344d841b067e6f5b5424bca2386115bc4e54b0bb2a7cc5e133a69484b8d2a5953be65ee74b3f1cf35eed284c3fbdb15

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI147zUnjBhF/82qDB8:SIMd0I5nvHxsvFExDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eab426196ddb0c16f0b89a15de06cbdf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2948 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1916

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2997b83358c9fd9106e8aef3935cbf37

    SHA1

    b01e1b2dfdb86a3020f4098db0f88cf4e83d82cd

    SHA256

    5c68a71b67e72f0cd5cfe755bea1eb621e0e613793633ea147881f942fcedecc

    SHA512

    8b924276fe150fbf3534641b46312d8bc39ee96c576372216ac1cccbb0683ad4e83cacd3852199cbe8e71e06c6dd55543994d721b7fc96a4c61194df86ffce1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db35ecf1e8ccba9c8564b1707f396446

    SHA1

    c49afc2e38265b611c191973d83a628622b2983f

    SHA256

    e9c0103de3a0f3c532722e09a811b5ac69ff5e652bafc10f5e7003baed001697

    SHA512

    20e8e5f1975e454d467376d2b2cee9286f9b651cb38c5ec2d5c03c01da36225bf9b50177000fa21d5b4cde4a310a57d273bf5c8f76b35446f70ba511cc7fb988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94b7f31b7bf77487341777c5c787af6e

    SHA1

    dc901223391d11e48880a55fbd84609b885e1529

    SHA256

    aa1b6216dfb4db759ec25ae6ad26b90356288064df575c2040315e297be1950a

    SHA512

    aa80068ca2e6c317fe650192549fe01742d7be80c1328a86a643a3d660e020c643b0cd87b27dcc5359dc6d7ac6b4c0f3fc2892a335db89964a14d4e003c56bff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ba9a484dfb5ebdee9d67b3ccfff8ffb

    SHA1

    598bfdc4b859e2e00273ff7025bdee7a19288548

    SHA256

    8265bfd09719be4f93aef68959bf97ab79fe51a41ffab47ee9ff23003338944e

    SHA512

    1a568716c785b355fef369ff5ef4c26dee680515bcc6eaa792b3ff7738e180964389fdf2eac06ab07bfd2990379fd820acae3896cb930cfa1ee098ff61888740

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d62c21f41b9b5ad247845b5fae28138

    SHA1

    bf7fb4ac1f8ba2a730de05d2dea4007e06a034ea

    SHA256

    1aeca14fbff14aae8b29d19006c9bd906e676f09ec78ce2daa35194ed07f1f0a

    SHA512

    c892f000a2bbc1ec351a7af5b3fdedeb53ac376330f5fcfab1e647f74bbba42391eb27d5f9773b6855605809585d1d3ed9772c8215ba57f5766262beb0ea8e58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b3b594fe916221ec38825ed4f6d5d23

    SHA1

    1c4abfe5be368b00ea1461865cf1ae5302fea950

    SHA256

    cfcdb2459bf37b7f63344474a0d0d39b70246eac83c174c4028f8250796a841c

    SHA512

    e82299d7626487f9c15715240b270efa240400c593015be0865099855860cccbf8e558342cc76b7f4f47d8731f44111abe3a936022d65b03993f9745ff0317f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0324419f5a9a039b08f2ef272d5ca05

    SHA1

    9695992a13c27a7c792d6a56b90babec826712b3

    SHA256

    57dbe2dce50f2bd88884eb4dbe9c30896df93f55f7a320c67994e57f97588746

    SHA512

    16d6ee90e3d16258c00a8fbbe721350ba8ca635e8dbde55c6581153d5842c062389d94ac44b690a73331e44aaaaaa0b6c528435f493edbf3ecf29392b934dcf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a2ba2742da24e86e240f6fb9c9f9b92

    SHA1

    2ae2af67e57fc2b0705c690264b3bb3288724662

    SHA256

    904093fc414688aa62dc73efdceacfab72eef15f1f525607654e30d8756f8920

    SHA512

    f53ce2a2b2799b689a1fca3653486e348f3ba1ed02d557460b50125eafde7f1aef8d7123cabfd74f5081c8541f206df925309f3cf0d0955f721be07eae22aa71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    493a8dd8b666ccbd53e68c79de670c3c

    SHA1

    634465ccecda7e7c53df33e4842cbf2d77def24f

    SHA256

    f9fe97348950460c3d1e81fbc9facd90be0e85e2b405d018284ed2d0acfcec32

    SHA512

    f0f553d44e44d676cb839b4405224f34ca7958b5714b8afd90a7dced5973e332e6667bc453109b71595ba2a5157227176631d7d5d42f8ba4d338c7b5a98e927e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabABF8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarACA9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit