Overview

overview

3

Static

static

1

f0d50a20f2...8.html

windows7-x64

3

f0d50a20f2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 23:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f0d50a20f2ddcf204e902d1347904740_JaffaCakes118.html

  • Size

    16KB

  • MD5

    f0d50a20f2ddcf204e902d1347904740

  • SHA1

    7f4d77bfb9871a5c9ab00a5398ca77453bfa9789

  • SHA256

    be4666bfff40c2aa9a44a09c710e40c6234434f5d86fe6ac4e50a0cd52dc9e4c

  • SHA512

    ed383f6337d8c670eed9d836e48ac7aa8f4272860a50c3fa533c28c6e48dcd1afe2372e40ff8fc000186d71c15f0ab9ca36a81cd4b6ac2428a22153db7b738a6

  • SSDEEP

    384:eF1S1V8qovGzUbHUypOdzpKYHWacxWMNeZq6:k41v9PsacxWMNeZq6

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f0d50a20f2ddcf204e902d1347904740_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29cd4b57a0da8b4d514449fd0caf0e60

    SHA1

    2685e396979a5cccb16e62a940ecc63993cf606e

    SHA256

    4ce54cb1406fe3981afe1ddd097ccec2b6530ec2200c9ba328b7bcfe4d6f9ed5

    SHA512

    c847fa19bad9f279848d17d09452fde7ca65520f7ada3135d91d2730f3bf4c4c6ec6c3ca296e93f1e250cba2ebde5b0d1cbf2f72b3b6716fbd669f72193a5a1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a15b13c63e0dd46964bea49812adbaf

    SHA1

    c6e6fcaee93fd867e96d4febf75a7cc292048955

    SHA256

    bfbfae67f44ddffcd5f05a60bd57da4ec2cdedd419c3b525e255d2e54510d794

    SHA512

    9727c5ef751054b8a8a3aac4b9a738a9cb20c7aaedc3699dbdf9b9135f31d433d29f3f0500759a5140c277dcb9d4e8b80263e999cc037c2adca952da11643810

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    983f3ac838e20487768226106ae152d2

    SHA1

    56d82c0524f6ff1d719a87e651f29305267e74cd

    SHA256

    c8a65dbd6449787e510a023f940f630c21027d5d3112f8c5a9739b9abe71e33a

    SHA512

    4616a0177fa4e662d7fa7faf381c2372570fd877787b979e281400fa1181885394284e738d37377916f39446fd18b8c1efc78e0d8a455891cbea293360170b5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c16485cf74d96682d962737e5fa8c5ef

    SHA1

    51cd7b4ada27ef9f869ea2dfe43298f40f6cf293

    SHA256

    86f82e8d18f06391e876c1b9d890fa1275a4ca1e09e9dd30988aea301f84a4c7

    SHA512

    d6b68f0db62711ac96e40b984f55a6fb24198c3e42a2d453254bb32e0afa92a59abc589a651a243f3bd3d70afcfa5aed3497c3dec6c5e7b38df77900a3a755b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be72e0908ba8d0b81916fd207fa40ab6

    SHA1

    2c49b7e4233cbd132a52d0306813944950a715c9

    SHA256

    919ec6822b4a0e3ddf545903dba89156a7ec248aff7a8b2e9a7cfc5e5fe78b22

    SHA512

    a6b5adf408a29cf9782e6778aaa99ad1f5930f4737ed4d7da5bd762c2e3b439dd70aedd42ec5e1e3b8b5a1aaaa98648a5bfcaed79cd7903b57212d7500c1c89b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d11709cd5d0f982656967b4c3afe7546

    SHA1

    41081bad9c3e24a96e1fd9c34af732c122d9af35

    SHA256

    e6ff168862675fd21f563f70419864e906e85166d1b0fc2b504766a25ac7c9b0

    SHA512

    ded05fe21e00b91f29cd65dcb502616c8f612061b75f343774021df8936aa8e2d251d05f0a3449080fd86ec0b6c153ae357c23edb7db89ff79ccb964f5608c20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c312ac10bdc0a2261e4ac311d9e747e7

    SHA1

    e97d4170065a4eb6206a0f4056332460aa2aa6f4

    SHA256

    73ea6e32ecedb63d1908457ac2463789cdcf549cc4a836ffafc59f9a3bb7619b

    SHA512

    ff17017a5fe7104b7905984d0ded4463bf424c743f0e7a230caf0278f9451e997d6ca2702e54089bceb9872bd762951b4bec460f81482e1d5b7aa48057f003a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f0075c7e39851dd4eaec309fd6821e8

    SHA1

    f39da938f7d5109d3ea6bfaef95a7acc6e85b6f4

    SHA256

    7375819013f3a8c936fc1cf432d67173019ae4c4ca91b3127ff8912a2c4e713b

    SHA512

    74f42e2a9a1a6d18562864ea50a82e35426d4409e4c45f55bc4b4338b3271c11be0e2adb25944b00a02ff763bc1511a9a49c37c7a34bc5431a8ab9beba96b572

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6459107357ffc144233a4a5c7a67e481

    SHA1

    7d5ac3c4b28dfaa23fdee35ef4ea61ff4ae49a8e

    SHA256

    81c6997f74f9669a2ad69141bd89370d36fcf2fdaf3f30862cd17c7a1bf2e70d

    SHA512

    cef27f994e4c3da33b530debc46e35fd7874c028b714dcf71bb1db58a430e9bce56848abb74b84036b7c719019c5efa2bc53da4d763279da3b66e631beda6e0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC5AF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC69E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit