Overview

overview

3

Static

static

1

ebca128840...8.html

windows7-x64

3

ebca128840...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 16:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebca12884094995c018ca5fd9cd287cf_JaffaCakes118.html

  • Size

    57KB

  • MD5

    ebca12884094995c018ca5fd9cd287cf

  • SHA1

    bd3bb14862823489b8914a50c8f400b5f01ee45d

  • SHA256

    16521419f1286a124bf60f2614032ffb908076f1846946ca8fed7ca85b67cc75

  • SHA512

    d9a0de4fa83b8ddd5c006d24d5b9634c02ad3b18f8f8cbd31ecaf94d8e1f8ce9501e7de7d147d70cbb5e73380dd62f6ae70e35392730eef2a5970b9d944fbf77

  • SSDEEP

    1536:ijEQvK8OPHdVgBo2vgyHJv0owbd6zKD6CDK2RVrozIwpDK2RVy:ijnOPHdVl2vgyHJutDK2RVrozIwpDK2m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebca12884094995c018ca5fd9cd287cf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:812
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:812 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eaf4141538c5037ff2389837dc1c3f3e

    SHA1

    8c403032b2068e3c00b39e5cabcdad8da9a747ad

    SHA256

    7604299ee6cd60d5f7a3be7051bcfa68b4f61a4afa2d131859138a6263c482ae

    SHA512

    81bb38c7442e213ccc2a16df23a9b260483f2692478749ce87cb35e983dbb8b0b1e2b0aba408d38ab96ff2ce570da139ba643a3029d35f1c4d21fea9fd088374

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    282f5936258cd69b3150c101b9a19f89

    SHA1

    ada3930f3a7e3ee9ffa454f5cfb1c3209564e636

    SHA256

    0bcf90c65a87724d2e3bc0eb4f2c455020880ed32d9416cf7457d88d4dd0b6ce

    SHA512

    670e8abd1ebaae3a4f2922ec840994aea2af6eb80ec9c696d43a1b0d9330a1d2dff45fc509130b447d01e6532da4f98f13f5663be243d83b6f962531d5a5d76e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    576f441640331c715b4b3277785a848e

    SHA1

    5dd69d7286a455f41dc78fc5e91290ac8c3bd690

    SHA256

    d1a67acffd8e210e5a9f6a21357c803334bea47a949b8d89fe145b076d4a8bde

    SHA512

    dd427de006aeb77fcc4191b12e9256e55e43b95ebf771fc0f41f6fbacd919b6950f40a32e7e0ad660783c4b689f73f2ccea4c2e2dd4ff8db932ee8b6dc706792

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52b3626a11e286cc867cfd89f0cdc917

    SHA1

    d1a2b96c60f318177b7df3d052129653302936a7

    SHA256

    1dd1a10d1a34fd5a17c162cec9297f77ce2e98d7da720650e1122e9aa18b801c

    SHA512

    05ebbe5ef9ee5918ea21bb37ceee647975d703eacfdb06c27fc04e436d39be3d03ff7c0074500d3417b8485c0a1f9c1f2d997fa41c6f6025c9a3756650dec735

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    baaf864874341f58f8d801b7cf3e0222

    SHA1

    18e7aab610b12f569ffa71b2ba93c51310df077e

    SHA256

    5de110deff358468ec09c39dcf10ef978dbbd136d83ad726a1873f3fa2149fd6

    SHA512

    e58da640bf158f14cf8c89cc15887e7054ef31698143977c56a26b8048b223c481904e5a0b6e2fbc8079f7d569df0d23b2c7b7d5c40a3d2f53bb4d43f27a05f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aff5c6d162c54238114cbbc7319fa261

    SHA1

    53df4de020e62d3509eacd6077a48302b5667834

    SHA256

    409175c63b215030495e781dff13af2c2c86d3bd233e7bc399ca54513a2db7b7

    SHA512

    cc804fa3eb13b861ec52b70e4c1908c02b806c2ecd037eb02345a51502afe64077ed39cffd48232a9e59a7adf2dd0d810a38181982753f63ae2948ee468ea276

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3856463dbbb452d26d7990699df6f2c8

    SHA1

    7fd767d197f91c149735b9ac155c14ae4cb5a52d

    SHA256

    1642a18fd5116067e10f595e99dd197bb571f0b5b8cc40663132f16b2e478434

    SHA512

    4844ce9e844b274014d7d6af27240bd580cd5daaf7b14ce221760a0954510ad3c127314b8c7555baaf18ced89822eaa3599dfe469934a67d7a64214ba3eedb7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a814e2ae1fdbb929fc757123cf0776ee

    SHA1

    3e8acb34894a06bc843b53c9dbd42ab1282b6326

    SHA256

    6c55841f82358cfe3ec047a8578cb090604852d63d697a1da4a2bfb385314683

    SHA512

    862cc76f508ed991455c5e146bbf9e79279e3756b129873d25e0052b07792bdf65c73185a4895a08ac9b01a583a83a9bd4c4c967f8790a3c7a662d4cb9415c9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2425053cf4fa70fad3ed3e11426ed1c7

    SHA1

    ec813efe8bf261e3d6139d98232d6eb21f60e849

    SHA256

    ef00f773e916968c91adf26c48ccd38582743c925895b1f11b8becd7aec06749

    SHA512

    b2482ef5c11b97bcbda8528cda0d55530799dc6b01aa061e32831f51cda65800b2536374c75ced1e04f90cd3407b96d2707858f52b0cdb0370405f65c13f8ccf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcf1bc9ae13e27cf434a59d13abd65f4

    SHA1

    df50aca1731f9278e0634df8ea1d8795ca33cdd2

    SHA256

    3cc2151ba9634879882e5cb5ac87013f3a815361a7c4074a97375d715f9c6573

    SHA512

    a6c79ecb3f71e9aa5b844ef69e92a3e6050ce3d5ca9d17ccb91dbe1288580d18a4d6bac8879638f46681324401598235dd0620c1e05e50d22231d9e413d63d00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    725eda8fb81f9f14794dbbf86261ffc6

    SHA1

    f6a177ee2943a1d0a06e1cbfcec7fae9973b6313

    SHA256

    c5d82377b1f324d02c508a3dcf43f29f6f413fda21d83dd1a7a709d9e93dc6cc

    SHA512

    9e5e4eeac156e1086fc19019ca78ee57c18d5217e41dbec38b73ea0ec0d490777f65c7e5f2bc10b313bbd346e58c56e2414a401c0703cb04a906175034d810be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92931ac8984f9891fa13baa0134a4ac5

    SHA1

    7f01543c65398888f016a3910c030db7f87ea5a6

    SHA256

    2cac30ddc11ee9ef5ce47045449b6a477cad282f269ebcff0fa9479444479885

    SHA512

    79bc545ad0732d40ab388c9dd1e0489eada387c170790735c52137c0aedfca65ec613bc17f274e35a8b9c7191f9665f3f2bd0232b5d5ef0302bbdc05cc57d318

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    758065d84fa605b4701ae7893dcbce3d

    SHA1

    5cb68853277ec79938d3bb59a0f01e4a16360f06

    SHA256

    7dda012f47c15a2f2d73fa9c1b46de661131d126dcb93d023a33a1b6e541ff0c

    SHA512

    abe5d3a2c3210441dbd6cbb5f1b2638150f0a7b443ce209739049a37b36d57ffeedb90490e7bee0688674b2d8970ac511b0d0863c3762b4322460eb8564b5bc2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0WBLVJY\f[1].txt
    Filesize

    41KB

    MD5

    171eaef046c8beec47133da176a63d87

    SHA1

    3f18281e12496ecd32f9a54c05b18fe653bb0930

    SHA256

    d1c5afed3bc204e786db1e2985211c22c6f4e3cfe18406192aed32fd4d72828c

    SHA512

    8197167e27c57e00128bc4618fddb4160a42db9c9556bb869095dcaf6996ec9a65a22a6639265f6f27f01a6fb1b00a04e4fca0f01e123e69569f7583d626b69b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA575.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA5B6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit