Overview

overview

3

Static

static

1

eac87aa7f4...8.html

windows7-x64

3

eac87aa7f4...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 06:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eac87aa7f45e65050c397251eefd5c98_JaffaCakes118.html

  • Size

    25KB

  • MD5

    eac87aa7f45e65050c397251eefd5c98

  • SHA1

    f9d15bb8785efa5687637dc2e2ae03a0adede116

  • SHA256

    eea64c29ffa011921cf04cd96b1c16dfe612c3a425b000a9367e8446b6540cfd

  • SHA512

    50416f9e16fee4be8011549ff21f909d7f893d9840b3cbc224f18e2c7a426929e3cea224e75c0ef998e948a6a5c4c2fa05c6c53add87929c4c025aada63571d0

  • SSDEEP

    768:SCVsvD/wlFlPNVNxNee9eW8D2rqPqjnEFLZ8F8m:SHvDcZjjYeV8m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eac87aa7f45e65050c397251eefd5c98_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1860 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85cf3b92853f77411032f153ca8d64df

    SHA1

    c2eeba437f7a4ccaf91567b6fae646cf13fe99a7

    SHA256

    6b638e5b0abfacb7f37bf515e4e3d9a42a74ca5a0d37057f477132114022419f

    SHA512

    e07d8c7538220e48220fc3709264097cb040455660995d36e482183323775e08b87f0292bbebd32e7aaa72463c7d4f6e15d1d152c47e211f43aeb0d6d1161d6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ed5c49f4dfdb5ae134ada496bba702a

    SHA1

    b15f99e650d308ff8ec499f774f45e0033928448

    SHA256

    7c8bdff066a0d98aadd407c1b13a1a5bf2b1975be490ef9b3952c5fba794106d

    SHA512

    88354df9c1f0a580388a2ba1da727539938bad306b6af82fb1b40a006389931f6b3e74ea2a6d75c7682acb6dfaedf7bf17fbcb9cb0a7ad633e923d068dc44993

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    daf84dcd4a3828f1f4f806c411439a67

    SHA1

    c2a0a43908e50c84678d4e7f2e281daacb803b1b

    SHA256

    34491a44365c203937e95ea3ee5fc1d01f789769ef8904269c6b888dde2fae7a

    SHA512

    e04722cf03c68aa26c69527e13a2e9bde7b95f408958240c93cf277618060c7ce36e44554aa82badbca63ac63a9c2f9060f83bf6518137074f59b172a0aaebed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab7b509bfc70b697abef6beb572506ab

    SHA1

    5a6f9ca473236a6607458d3c36685be7de5f9376

    SHA256

    2bfb9bd40baad283d3cc2d8a3618ab6c3299ad6ebaa3574e703c6925eb785079

    SHA512

    eb22cd6d72e44fd6ba4e9f0993807947a83a6b3bc41237325cd5943ff73e388d5800d11ab693e6cddb4e34992f064ea0c39e666d52196df2a906e611b18f3412

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29f1ae03bde6272e9d145b018ae3c898

    SHA1

    721d445ef491345989c4216d6b63ce0b8d606eaa

    SHA256

    60c7675a022e90314924ebb9ec3e260d66cc47ae546033f151af1d6465c1a13b

    SHA512

    294bf63f45fb4eec386a28ff890dee6d14f06fa6d33ba619c1444c1db6539f25a8112e21f5b01ce3f9a91c93ca9de186a80bdd93745f7727ee576eac2378ecca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b3d246c6a01978a44fe5432840f65e4

    SHA1

    d83d9374e1a5702ac83bb7d25e60106c4a7d0e14

    SHA256

    fe905d479c23096ca713aea68ef653fdfacf91fc8f4e0b510bf7cac322c5c0b7

    SHA512

    63b42ee96c2b327230a14e7d5a3e0de9f7bd1350926719a7f86640b3b648619b56e10314f14f764bcd25653550c5f9c4a00580c1ba35cbad973a6dc6f263d38e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b45c02c39fdab1b80cf998a2fe889891

    SHA1

    6eb94adb8339dbd6f8b92f0fcb408c776f5b6098

    SHA256

    b47d417478c1dfcc716fefc60e4e70bf6445343accda6baa5978526b27a2b266

    SHA512

    be0edb012d292ea3fc28d0f7b70cb2585b05e11659c57d8590db2f765557234fb25fd36e56cda2543d2993e1381f682ffefe377683dce42ae4cf7b261d7d81bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48631612c1acf0104c14d51258ebb596

    SHA1

    8106677284031758e4586637825b781bbb3d928c

    SHA256

    e11303e88e9363a9243a630a5336340845d583cde388009ca664cc10195c35c0

    SHA512

    2dd15302e03c0520418c1b37df188536d4efc8f39a34e9db662080d2ef4671d96518dcd0ca2beb8be6f0309303cc2ca6a0a20806f3145a2289e222871a851d39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e669528948bca4d2c4f8cd8eb089acc

    SHA1

    5a988dd202dd1d174ff6bc08a1f51668c00b7a89

    SHA256

    ea5b5216a4f7acc858e3116d126aa5646011f013debdb65a4a6746765ebf0a80

    SHA512

    33b12125b5b6f194ea4770453ebe0ba50ca0d7434ba6102488bc12a4d61f9c2a9f70661b0bf3256ffc5329001aee02d9c6bbd3659e738a4d5267fbdd3cb2f515

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab582E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar58DF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit