Overview

overview

3

Static

static

1

ebedf590c2...8.html

windows7-x64

3

ebedf590c2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 18:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebedf590c20bbd93403e514274f3b3c8_JaffaCakes118.html

  • Size

    89KB

  • MD5

    ebedf590c20bbd93403e514274f3b3c8

  • SHA1

    a0f2d959fa3e57618be233f59dff8304a87b5fdc

  • SHA256

    a9ba91a3c8fd85cd8490801f6673cb4f2d080c11ee44e0a3f1cdd1a19a85b82a

  • SHA512

    30771fbfab1c600ac586f443a0dc7b53845ed56b14e6154f778460672a915ff6960d6e86902d8beeeeb7fcdb8e6df5accc0dae5bb5229f7dbe9eb8cdd2282572

  • SSDEEP

    1536:A2Mf4JdfoGzcjiQc5SGOSimKrpAbeN0SehKIEMf55wMfcK66LhnDBPLaKlfJZXb0:UohxYjK53ObmKe66SlsR5NYQPtlfJZXI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebedf590c20bbd93403e514274f3b3c8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a28b38579b29c2858c50f9b685dc9fd1

    SHA1

    fd3b2453ef1b99b59efb5fadb6466f0cc5cc7134

    SHA256

    f28841005e51758651d9cfd292b6aef0915b1e6a777ea75479eecfb5590b4636

    SHA512

    e260cf1e9dcbc04c272e14a145c05dd37910f3c4d5759c53e0532cdb7eeb9de7b54c27b36b1c9ffd21dda2fba57dba08254cb1f2b8eb8e70ec037eaa4c8e7a28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    207cfed272278b15963d38887ecde212

    SHA1

    1db03a2f63fece37bccbc5fc0d7ae499b2591eaf

    SHA256

    b5d7e5a395758ec3df19d47f631b66ef1db650a32f66ca25774d58ce67159a9b

    SHA512

    25bed123e5859e1d798a2d9c346d504f7e1048d0ae4a35e438c94a66bc835b21ef3b9ab4a2be66b6c6498bee3dec87e6c7036b76a8f775de0aa4ab975bf54cf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f139ade4709e60ee278829e8e9e957a

    SHA1

    af0ee1543f94609f6900c296a3d8c541f754690b

    SHA256

    c56f74e1674325b91dfb3ce179fbab4390fe67950dd6134df0da892c23efa41e

    SHA512

    16b3b0eda5abc410adf90968f39abff58648fb4f2d895da5928bde5e31b6314a070584afc389753c2df469fd673662fb03e50e94afac03213e1dddeb304c228a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2b8703670e610dbae7bea4b03407508

    SHA1

    bd96afa6c1fbcbd147e6bdbc614656cd8c401880

    SHA256

    c37dd3831443eb1e23f68b89cc9330e882d19ff4422f497be73c9b34d2ce7b68

    SHA512

    64fed247bc4cb7bc59cff1b15f819f92fff1be645a16f75a132ecdee2cfe1ff3b45dc4330d259fc213998af097ef6a78815971947381cbf90e423ba77162245d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fd839bf0b9c4c63960040ace66008d7

    SHA1

    0e057ca109a4ab56f1db7f46616479bf76b21c5c

    SHA256

    3f58831d28883ed5d439020dbeeaa1367e680a9e1d9ebc44609d6f60f5e389ef

    SHA512

    4c37e7634471348382f8c7585d1bc19cd71b39fce07a6538eb90e4588a42fa39756716a9df1cad4f36c878c97c2060396a3f1f1c8dee09ca424edef10b028817

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c270bf4d01937e2b0964386141f8cb6

    SHA1

    c9c717d67d862cdd574ce40c8aac7a89b3f4ee4c

    SHA256

    fab3c171814a0a5b4507f7deaf555589785f00b276926a108beb1144741de681

    SHA512

    3bdfffa2f5c32c4784c240bfd6961ea6c8bc0116985f38a41846ff4ed88ea52a6f5cae3afb8d933a716db9fe65dc56a693b2423c70c3c102e6a6a535feb4af53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9df1d69fbec972b69cce14d444ccd9f

    SHA1

    f95740ce5d262091c3bb5861e4741a7dab734dcd

    SHA256

    11db55476ef97ed608d0cdd6f822f7dc53699bb3e05d314901d8461e59e16e99

    SHA512

    8a88d37c46958f3009881d4911d253f24b9560e43f463631dc4852c2e5bb88b520d93f10de09b596fdbdbb6fe4e18c4e628386c018bfa1a36239a6164c55a63c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78878112b9195657f820fb70a4703380

    SHA1

    61d2e635d4b70a7475127a726b474b345c3aacb7

    SHA256

    e19d28a0fa887c1212cfe341dc578a07514bc64944ab000472bfb8972c97015b

    SHA512

    3d8923cc8c1a84bb848c2eaf831210b282337de8123d54b36391e3ab6ec2e5acf68b35e627933b6345a960482c72a26e311c5fe75197548545dbb6b5aca6a363

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89268fea7169a3644956e696b3bccac1

    SHA1

    5d1fac442f1fa67b72db357cc4b6b7d46549461b

    SHA256

    acda930b0c97bfdc5655cfce1bb029621ab859cef88d01b76ad4342157a06f21

    SHA512

    6410888ef2943519c9ef971fa2f8ed3ceaf5e3b04a7fedbe9bff2078f1aa64333ec04ecdc0167e6d80a1fbe407267e07be793e9faea98206ced1f0a60bce1d4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9f54a17624e9ef91e07cecdf079136e

    SHA1

    d088135c79f8686e0ba3179846860d2fe440c16e

    SHA256

    6c142b27a63751ac7535df3c654557b8db2982d336a8b669608db64fbd45d032

    SHA512

    5dbf60a15b53db58b06bdebb785f6d8827cf1f9e2480040c7789888f765933cf2d2dbbe7759bf7359f5ee281afd6a57dfb4f746e1fa83415dcbfb793bec20250

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE2C2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEFA0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit