Overview

overview

3

Static

static

1

eabd45b504...8.html

windows7-x64

3

eabd45b504...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 06:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eabd45b504015ebecf4f0ec6e73eb367_JaffaCakes118.html

  • Size

    313KB

  • MD5

    eabd45b504015ebecf4f0ec6e73eb367

  • SHA1

    ebbd7665e5c821cf928d5ed19f221d5e6b282e14

  • SHA256

    f4d4c82bb3934a46c9f13d83c7c1e168ce01cd67ee7598d5082f5480a515688c

  • SHA512

    6aa5dba1066f5c9651e148289057493357c84ecb436832a740fb69ab1c575e56d4436bfb2e957f4801e7507fb2dbde6bfea6d2479a059ff4e042ec492f732f37

  • SSDEEP

    3072:bw2PSrhB9CyHxX7Be7iAvtLPbAwuBNKifXTJ/:d6z9VxLY7iAVLTBQJl/

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eabd45b504015ebecf4f0ec6e73eb367_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2776 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4d9e811ac65df08e1722de8d6c81247

    SHA1

    24090f58cb625b56dbe96989e4f76525ae1fc0ec

    SHA256

    bff57321383e175e83dd8d45b75fec08ce6562b4041f8235eb411b562b75dc5a

    SHA512

    a01618de2145826a475e9266191f62d77be25ba5c785b78660c2fc96927901a76b95b8dc6594ffc4c1cb5087338842fb14537bb64dbe61fe50e25ce1efd7e524

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4db14339791311fba01c6751f7cff656

    SHA1

    0a48a4b744bfa8df6558d601d12de3b2c92ef999

    SHA256

    9e712ac568810b1a1c3e6be35e8016733d73a2cc163be93a821efa5c4494fd67

    SHA512

    64f0d0b40d669b6d0a1eb324d4a68fb38240b2e818281e870c5dcf65e17a8f53268674cdeaf8c512e9edd2d126216ca5cde58f468b40075fc15c1d487b202028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35de629d525f84b387bd76d73c54cc81

    SHA1

    1ed2d4fb987ad05308bdedb35452cd8d5dcfbf83

    SHA256

    7625430c8c1ce6fc92c698bb1a1c31f78ae9491438709bc3ed48eec86b7da3c4

    SHA512

    06510c74101f14890ee2b21403de04f013d9e9f8bf3ea62f20d4ec1e385787f88d510fc9510deebf05444316eb172cf115cf404d71c274101bbc7e5ff9943252

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f4520f4c171ebd707b6b650a7a06b01

    SHA1

    c298881f7c76742f522a57b7ebd86e813d0624c0

    SHA256

    91e78d1282967543578b650fa4624a8eb14ece4bb1ad3c74dbbc12599c823ee4

    SHA512

    9cefd774095030d00b30b418646d9975fb78ae30a9f625e13844e63bd6da3ea33b30c052cea7fb50f06cc50d57f48bafd803f6d109dae4a10eea030929bac567

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f0d84faac6b35375a552a416ff6bc22

    SHA1

    dacbd89fef0e5c1c0750a19f0b3322e7900c1d59

    SHA256

    22c81a9ca4207eba5663b48fe98dac6151acad2a6f84377cc91df2ac13c6e73a

    SHA512

    1aa51dad27b5ac8d1659e3b96918180f4985517101ea04a445437a8dc90ab5a071021897b3fd9d59b09101f82762b7ab83741ead67160ca214f32dc83e7e5c4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    941a7a538abb886c777c64f89fb2d5a7

    SHA1

    4256e5ada210e9592c70a809b17061b85051c233

    SHA256

    3de9a436e0838203f5be7a9571289f3f47af0225fd8448cac9f69fdd74f6d38e

    SHA512

    874966a95375fe5f1d087f27fdb43a247088c86a76c250f3d4fc05a6409831b7812fccb426b58a7b5ee44a14a22156ba05b1a4fb2cbb148b19bdf34121cbd7cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    875d18cd3dc9c04bcc4470bb93c23802

    SHA1

    0a6fbd1f125507f64bf2f944130658a2548ed665

    SHA256

    65909d3d39e9f6816f02d1528daf44f37edf29f8522048afc09964bd6e68c2ac

    SHA512

    e21ab17c16aaa7ee252c8362e11c7cdf4ff2f7979e7051bf209e0976ea642e6b875d6e9daccae5f2c7f60f24e44202fc57387364e2c69f4a465d79e70fa73a07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4beffcdb0c2bf029fec4266e25f09dd8

    SHA1

    e5c183d52ce03c1ce2e30bf52a8a3001dfe3f8f4

    SHA256

    d8ab961fda3e28aa047e5925d5e76e0c0fceda8344acb8a78196d14eec3789c4

    SHA512

    e6d93f4b804f8c2d0ab24301176cb51f7520f657525514c710990865b124d2d0cfa8f89fcecb40bfc0c8d169b4985a509287e1b0aa5a1725d6186392181d3e69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83ed5460dab006a205e6991d019d22ef

    SHA1

    c1413251f890b25111dd0adea81cf7724bbd5a8c

    SHA256

    970c18585d254c6948618752f3a617df9a699de98f8a3e52a62104b256087073

    SHA512

    b93c0332debc9754599951d000b48c109be55487f22a95bd95f31540c78acee71b5f5ece0f9718bd2f08d73c08d0816d553f25782694316bfa7f5415d1e547f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab407B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3C17.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit