Overview

overview

3

Static

static

1

ebc77d7916...8.html

windows7-x64

3

ebc77d7916...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 16:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebc77d79161083ae402bc44b67c87dfb_JaffaCakes118.html

  • Size

    51KB

  • MD5

    ebc77d79161083ae402bc44b67c87dfb

  • SHA1

    9e41330b11064ffd290061a22e566d2541c60fb7

  • SHA256

    b4410601229465e1dc03162aad80514871f2f3475ea0f50cb59df19a41ce380b

  • SHA512

    1bb33796e0c24d6b7f523fa22325d81af58e9210fa166f12248d0784e808090085738d10c8a8a49d9cc75ada1163a33753c93abdbdb5a384d556001580cc2bed

  • SSDEEP

    768:9uiY7GgqL8lJUxqKAIxrY6aSsGmK6mW632tLWapmT6JNqP6h:kGgqL8lJUXhxmHKDExqPW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebc77d79161083ae402bc44b67c87dfb_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e417457bd08cdd0eeaf5ba8982d80f6

    SHA1

    135db43db52505c71583b2034c7dc3fae0578f42

    SHA256

    49388e110415fd0865890d0d3578183caf697dc968f341039b04447077ece94b

    SHA512

    7e1187271c8b16efa0f023f5be183ce035ac1989c8f45db11a3800ae739ef31e62412d3dead9da20f4e2f5476e156835e6a74a24bac3145f968ee00493195549

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee274dc1f6f8596e396149878fb7ab5f

    SHA1

    d810aca5a86c3fdf33e25c617c6e28d18a3b5d2f

    SHA256

    df6416da9d617fa8aa403047d1db81ded973f477dc9553fec195a8afe8d363b0

    SHA512

    f2efb60f49842dcbb55ac0733647a8919408decbdc3c5d10931dd5534cf89429d160cd9636709b1e8ecad4a9f7c17fe774a6eb0c5ad0ca144e816be6754c168d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    173365ce7117bfd2aaf997a7dc567761

    SHA1

    707660d8e29601ee01eb151247537045712b7cd5

    SHA256

    15729a4e7864b94d2218584546dda5368630db090e9d017b9be1dc8583e28bd2

    SHA512

    76d96482c8ff856ed2d23edb6d22b3c2e14d850c84ba2d72dc98d24adb7177bf3c3fc8f3bd6b70e18e431b8ba5e908f6460a4a7ff79b5c0714cd064f76a6b8b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b176d6552542333ce4abe87331f0a901

    SHA1

    931eebd7c7ce9a232b29c39ae31ffb85a7032ffc

    SHA256

    8a375303a0fecc2a70c5cccea33d36060f87b4824f00f9758a1761a73f468119

    SHA512

    f29a0f6e4441356fdd12b86cf0ce86384f979d6a5235ed9069742c76ec7b72193a63eca9f7852d0d9e7cddb8e88352e3cea13212b026cbc36339e9230334f94a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65a84c6f7f76447e8b0135199e610857

    SHA1

    11e8aaf8753f315ce523771053560da414564b92

    SHA256

    550f7b6dadbd0ab623bec12257c64c2674da334c17d696f4fc4a0035c504100c

    SHA512

    423abc129aba519ce96586d601b77f82e831721f13b7cbfef2a5aed515fac61d18a797b6cdcae0d13df3f0e0b91d96293c83de3abd71f5e8788d9db4e5a36073

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e34821f83333d50416dcd4e26e552dc

    SHA1

    b4e28d0b627bc47c42cd569636923f0873fed12a

    SHA256

    d645b3d314fd3e85baaca84334fa46644066586c2b3e13b52b46cb84675b6935

    SHA512

    95bd0dedd4894ccf84516e299e95fe22280165729df2286a9fb2a5ae9da0a42fe92fa6a356e59259be75ace7be2ae94b4cdcf4cc44a843320f1ea7182863630e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93432cfcda09b00ec97c2b675254a23a

    SHA1

    7d80c6d2a732644ed4c87236c23e80eeb4727506

    SHA256

    dc8fd1213aabec4e22b4caccf0f36d7ed0eab22db69c7b7249f7f0137929a90f

    SHA512

    03a8ed23300373f24ab0b770762e2f32f038951767d5ef91440ab1536bb5bfff3b84a3f12a7df07d09782caf2c4f3acf558c653d5d91c0fb37e8ec4b0a902410

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fbccdeff37e5ab2490cec8783e0e049

    SHA1

    e7e6d6f49ae996e7cac01dca40904833fd1d1317

    SHA256

    0d0e8e483bd21ca1d03d0001c9baa1d62bd5da3135c53b5c4382c43d83e10f3d

    SHA512

    82e61101c226628e8fa44934fcad11e4de4b1aa6eac75222ef0497528d700a19eb61eaa3c7575ec8797e71ac44ef3a70b88de00ea2f512714da5cdf007131d4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7b1a6966e3288eb51bbd2b23844f1b6

    SHA1

    08cc4f80e5b030828a211d9de75055b4945bfda3

    SHA256

    fdbd5dab9bacdda16c3003e764ff927ca5ee5101dc2a7d26088cf06d1a69cb71

    SHA512

    2787558d24a396a4bf6345fb105e99163ff388c76be23e6f73db0b4699a9e49e90ea79c50db8c83fbb7e8746224fdce7e0cec081294f9047d93f50050867066a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aec4c269a6719722a5b7de004ca54e8c

    SHA1

    336982de774f73ea5462dd3ce4f1a49b0caea2b0

    SHA256

    9b6aa105749f2a1448f32427340550601512b137d625e4cb2d764a8f93f1ab83

    SHA512

    65bdd3eb8682774278aa3421059507bb3c47f1af387e9de4939ef0e97a12331a6fcd2eae971ffedbc295fa7eec108ba5f66404db2c4a0162b32761381801f85d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab84AC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar855B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit