Overview

overview

3

Static

static

1

ebe3f189f0...8.html

windows7-x64

3

ebe3f189f0...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 17:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ebe3f189f05d933163794cd4b49eb8cd_JaffaCakes118.html

  • Size

    194KB

  • MD5

    ebe3f189f05d933163794cd4b49eb8cd

  • SHA1

    7f0750a69456375a2c38e4f39661b7c374b7b16d

  • SHA256

    a4a1dab8a0241ca5568aaf0ecb367e1ae5967285c7c5a2c5c5fc5cec158bbbe5

  • SHA512

    6d46eae5812e8fb457764afc25431eaecbbe88cf332560267be24298ba16f6240f9ef106ec06ffd13e19afa669f8786675b9c19da925e5490b1bdf2d5e9edb73

  • SSDEEP

    3072:l59sWJ8jLkePU3Vn+f97aEhUX8L8CRwBEuUn:r8jLZSVn+f9j

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebe3f189f05d933163794cd4b49eb8cd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:540 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2312

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7b4bf16e4641e18a3335c9dd164ee6e5

          SHA1

          416f4888b64d9fe6d78836cd23b96e9476683a98

          SHA256

          2926192338dc84db7b428355953690ed0ecea545160dbf606c4fb89bea1b13e7

          SHA512

          8281e0bd6c057b7050d856ce0b7693357c8ea42c217597adfa94abcc0b9944c1252c066d31d95f28959f2d49204614427bc9c0737b61810cfa521563f65babd3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bafe1348d5dd8907350ad99e6b245629

          SHA1

          8dbf580e8ab2440af873ee63b1443da2c462b8d8

          SHA256

          6dba912ec2c19ced03d6e110cfe1bed849dbad1b98e3ba9cb4c05a71227f270c

          SHA512

          31a8ce37c0deadc9b30ac7fea52d4bfc801368f92807ee5a9f6e9088c412a409269c838f577589720077b9e2bf576e358cf58a86264c2c087399b1a657446dc9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f2edba1a46582db59e56c0890955469c

          SHA1

          131694bf078bb7a34ff1fb968e7c16a7bd683a6e

          SHA256

          4c5e4ea6b6a4f8f7bddb477085b00d48007f4c03e27032f8035e4db54bd5a421

          SHA512

          3752fdc79d2a8cfbc37f6fdf06728580b4eecf7e7232bce068bcd7c1a40abf7a275188a554b157918283ffff5819fe784a983d0229bcc0e04aa7128c9391698b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e401ab9154ce16b73392cac8057fafc7

          SHA1

          17686ec418a53bac945d08028aa83974dc7bf348

          SHA256

          7a492659ecfc674b96382b097256bdc28f9674a4f619875ffe5c001949976450

          SHA512

          40fd573ffb71d6a1b852fef007eb25da7bc0a74270a14d9e56d3e07b0d3614dfc69eeaca87848109cd556adac0d73c3040eab973c071fe5847bfc8dccb2a9341

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3a28c84ba779c0f607107a54c7e813cb

          SHA1

          de2f228b993912feee10c496b9b4613272207d60

          SHA256

          2e58786ea1aee8cabb1edec5151c40e40dd5f3f36d3c2cc8aebe0914316f8497

          SHA512

          19fb9cc8e0180b2459fb4730b284442f425435447780c76487602f2bed312d1ed84a5a4e3cd60ee7b39ccb622fe9a293c5a0bb85054922f110a6a6a000144d76

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e48fd40ec1b75bef32f48a3b5ba3c3ab

          SHA1

          7f2eac86f1127bfe5f3e09b1a02e943ec36e0862

          SHA256

          c84faec88e3bd015414c79161710a566083cbcb93d9bde1d1aa4276539553852

          SHA512

          54691a6d7e53f88f7b1aa56da8e1ff3c5da1204680dd05d964706191b9f017fee539e140f08688157891633cde62a7fd2f9fbe3ed9bf60dd669098e8a00db4ca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0cf745bbc5a6f9e1d6769fbdf2325d2e

          SHA1

          f30bb4734473289c6784785308aa713cfb78ee6c

          SHA256

          f2f304820c5970edebe570168435a496b39f33d04176e4dffe6df19223a22cea

          SHA512

          f944b06f35eb52950871eb233cdf69d5fc9ff7028d9c189d532e20f38fee96912faaedea927c79e322b18a75a78ad130cbd48ff51c0bfe761ecf68ff343cf87e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7741cbe5f5b71f2ab138a287eebfe903

          SHA1

          bfdcfff9d55fe9c268fa5c7ab2b47e7b27fe3a13

          SHA256

          e6e2645af13eeece0f17adc46fc381c09efc31d2ff832ab9108ed67d55d0727e

          SHA512

          933349a4e59044509ab932adfffc61571b808ca2ef0efa20dfb4930544f7cc7dc367055f523a397d0442a94b568728604850ef955a421b190e650bed59b454c7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7addfa290c745ca41e7638d5c8a32cf3

          SHA1

          ec9cc4047a7904e4f9a848d517776cee4a2313ad

          SHA256

          b01cf3dfde25947d685ff08332787d65d9984e3412652a4834acc9ac8cb2e6a8

          SHA512

          912b96b2e5a17ed70acca1e9c715879b1d39451478e30bd7c08bcdc685b190a2c6770f2fb22cc5c1279d76e66d4fcfa41d33f1dd0c91ef7e43f7e2c9a75be664

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          18b46d3cce96e4f99c9ea8cd31df26a3

          SHA1

          f31d99ce25b62c1258c220d76a7bf5e455411b95

          SHA256

          e15fb807440b098e902a2fa9364655aadf64eb43676a014e1a51e000406a4dda

          SHA512

          539076a80c577beda67d57120bffad9b53a68fe59d9e416cc4d3e64ea625ec50f5170f3b01e69ac2486972dfade04c60e5f7de5f702b3c88f8290c7a49e1efec

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLSLTMYI\css[1].css
          Filesize

          174B

          MD5

          f3608c4e58016a2fa664056cd4364554

          SHA1

          dbb8854ec8efef869edd7dd9deb501592200a47a

          SHA256

          bed118664d6a70a4434485b83128a17cc62bb96e9a1d10c97ce61825e2549237

          SHA512

          cd69bae5398a2d56be65c7588c6e9fd81c5e10f28bd6886ae91038a76c6098ee3ddffbc62273837acafff84b408c8cfadb5f30878566c820cfe110c48941d0e6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLSLTMYI\css[4].css
          Filesize

          576B

          MD5

          8a1af4a616b9213ffabe41e0d355101b

          SHA1

          6707646dc2c9db6e8a6f8f6e3eca0139d8472ae0

          SHA256

          f4392e77173b0bcd1b59ccea677805114398570af90e257f63be65cfa7973801

          SHA512

          939d3db715eb2eb7d3c5365996883cac184b76212df75eac1ee7b3ecc8a95343a5573d1aa766f773313c7481ca03879322f02566bb4579200bfa17bfc818f704

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE217.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE278.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit