Overview

overview

3

Static

static

1

ef17d26629...8.html

windows7-x64

3

ef17d26629...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 04:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ef17d266290c700099b1b63e6352bb44_JaffaCakes118.html

  • Size

    85KB

  • MD5

    ef17d266290c700099b1b63e6352bb44

  • SHA1

    ce9c2fc58e24cfd5c7eb13c3c8d785e4c934ba6c

  • SHA256

    7eb1218a6e2f04a43d44c06c740b4779ff033b097b88306c8b628152ce6018ea

  • SHA512

    03cabfab708845aacd73e587ca727d06f11e810a9283eed4334e7856a50593575f55b77c804d8fdca756693aa53417c1a2d86613bab8afd19512042399c83d36

  • SSDEEP

    1536:l21PApYOMjikQ5YVENFD9JjVCsjyo3L2/VQB/oAC:l21PApYOMjikQ5YVENFpCsjyAL2/VQB0

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ef17d266290c700099b1b63e6352bb44_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f288cc2e6976da7b516e6510d46c857

    SHA1

    29cf136300db5dd0ddc3e12cc1f7dcf22ea01cca

    SHA256

    91662b75e6abed34158af176d60f620c3803a978700a1c06b8b53241795b1bf5

    SHA512

    8d8792ebb98bd6546bfbff7645a033f904b744fc0e38cec6dd8a710fbe1767933b4d5ff535057cfdc74bc674e28acabed4fcc1d538dc51367f71acba450135c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a95837d1af7229e2db1c20abff40424

    SHA1

    f2810caf646398a63416f87d4a6fd5256af2f228

    SHA256

    f59758bdc87cf012aeb75e3fc9eee22eee2a8ea618a05558eb1433c4c77d3828

    SHA512

    54eb2701843fac3d15caed8dde93f08908437b19c483c0418ca86b7823e666622e08c1fa68cd16727c7ea9fddcffc898daf64bf37fcbed7ab7763930c6038329

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1898b312c7e5cc5f3915f528727ccd26

    SHA1

    fc47cd079d577f8a1a1fbaab6a651b6a173e41d0

    SHA256

    7fc1e34af56606792af493db810d3625c85eebbe371c738073f3e338a5d97649

    SHA512

    2378bd602405b95afa080479bdfcf9be9a9b66c929e04fb2ed66fca637d03f7eebb9412f18c1a7b85c7ae9486bc7ada673608f2b3bb675edceab1b7a9998665a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7a07f8517488a64cc24c7bb06eb6cc8

    SHA1

    e29f91294c88e77f4df1c49a4b298ecea82df6bf

    SHA256

    3f13d68303616a0d5e8be55395a2ca77e6e9b7540f30b474748a7abc45e5d131

    SHA512

    5f0f326a70b6804249997cb18470bdc88b508679a99dff1454eca998e00aa3cd0748c86fb499fba5d81978ea8f83bac031575b383d2f67611457adb80ce2b3ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c3a82c2972bb3b6f04a22355cc7e36b

    SHA1

    cfb6536dd0cd6457f46cf846a09950520833302c

    SHA256

    9f2c02a8af1353100dcda19ee7ececa39e8f0a23c9b63326635a3249785eed3c

    SHA512

    ff779675de8956bb1b4816a9ae3a1b05b22f3796c5ec612c42044f0b590e1a7a5948d57892e912fc201d9788fc5b75258b4a3d94fde35cf5c60e2ceb049bb82d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fea58474f9fcaec71e549629c7622da

    SHA1

    4d1a48da781e43e31f8e1c862d752dc49bf090e5

    SHA256

    219a4c91808bb69c6f765e70c43d49dcbc707a718aff5adfe1122e21321e2009

    SHA512

    df613c6f332762e2065efe69fa972474f70529fd444a0e3a22a487c04a5b1c1411767acedd28503b9dc5d0703e4dd17dbf7545234f2a3d7a6ada96582c90249a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed2b4a6127c5b22fe295aff93508afaf

    SHA1

    4cd507deee9237bf485b660f08c38e101bdda38e

    SHA256

    5518791b151c8c8eb26460eac9f712237bda2f0b919afa05ceb1768ea509b87e

    SHA512

    49a1a6b7a2f8cfc233260d17bf8d33fae333660e47974effbea984b0d294080500c45ca1ec0ac3b1715d580fe0cfee5e5d9d7d1dbf65897ecd7f23ff555bf05d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbee753653b521a9069f2b5f18142f0e

    SHA1

    b6158bb9e231b95c1428ff81e375094ceccf2eb7

    SHA256

    012469d2f370ea421104940b52b009d4752d3c849d6a354a69249c0eebf28cd4

    SHA512

    38ebb967ec3b3579ad768172d5fd93ed9bfa4ec71e60313d363363b1cd8ddc466773e205c8e88b75aabbbc877ef4c522a28a4a5f509383f54fd073cc351a3edd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d0d84871c8c0fce74d82605adfec841

    SHA1

    21058a6803ebd858ba9c399277804892664e6194

    SHA256

    d403b2e8d77cb1edb38ce3a11e2d01ca059ce8bcaa09a83269c7763e81f037ea

    SHA512

    7202c6f6f65daa51a4c9f8d234aa1a236efcc0847e37e80d614fe1dabdf225bfb24d12baa1ca4ade50aac8488a1c44935b62221b6e7b7b5eb80d4bfdf7352590

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5402604c20fc1696d64fb7a1ee5fd4c

    SHA1

    934fe818dc3e562aae16ca2cbf235a2cb0719a4f

    SHA256

    7e3df412c991cdce727a798433e426feaa8f382083548ee1e8cfd368d786cc65

    SHA512

    e643b15c136f465bf6f561ba86d44ef33d81a2d1acc0b5c18138b0f0d9c31161fb8fd9060b3366306aef2c4484dcd9ec19166884df5c3f502b4639947ccf116f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c68818dbe20164114eb8c91d3d18aec

    SHA1

    bb8f7d1228c7ad603dc8c81651169207695872b8

    SHA256

    8c5fd56005bed5b9fa796c35f79691793c199af46769a696b633df95c54ce2b5

    SHA512

    d4e99e9988f5d14f522663269efc394bb1518581fb2724040630c5cf603ffdcd4fcac007460e97813a85c295b7d3fe6f1231a8ff5ec52d4787606c389be8a061

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9975a6a721b48f81371c73b96f680546

    SHA1

    5c7a19c1f40e9c8489cf2329d4929ae57422c924

    SHA256

    16b869eb02cc63fa0838e9fad3fe8d0b6ef305e575cd8ffb5917ed2d7237ba2f

    SHA512

    485ada1ec4a040aea441364affddecd90dd71a231fd08676a2155eb49561b7dfcc2777b23856f67d8fa8407f418ca25866130f55d5e609f95179e7c2576a2f77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6beb0737ddc35f95aa329088453ca499

    SHA1

    0dba58c88cbd70fc2e96e5937fa0158b08f1e2ff

    SHA256

    9aac047e102d9df2d08a67ced8212518f45fed167e83773f9915c22670ef50d6

    SHA512

    df721282631a64401e682c8434c9aa2da7ca402ec2d655cf97d526fb2c249f618fa9f719f765f99c74eae20e9e25f4b0e40cfc0885aa0a31b41c059a6c953b6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d9cf6f8fd2d82a9195b673aeabd3659

    SHA1

    c8bf6e767a2d7676b5d968d90f98397b53521685

    SHA256

    ccfde31e4c9b0d1d95fe703878342a033b9238e17eb20d89bf42fbe84ad53030

    SHA512

    42b1d0919f075316c7ada9b634af57db7ba88aa02759b9d577d6ad5ebdcd212f5a2e14ea2bc993b097cdbe23e3613ef8f445ee69174ae0fe8f17fb6ec4396648

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b010e130d58edf1830fc44c4cdb0450

    SHA1

    fff2ffa4d45fe7ef2f70c2b40dfd9398e20c6952

    SHA256

    7944d3bf6c17863c85ca81f81f53d81a0e3860b32567fe1df906232ee4a91193

    SHA512

    7960dabff582ce82205f5a2e062873104979c35cf7be1a29b2a7aa6ba0a9178e2120d4ed9d189be7b671af65ffba28eaa8d27d0b06692727031eaa34de0134da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7335549074ef12ab62cab3e1f3e3075

    SHA1

    9e7213e51851db80a8c33a1ac032c09b636f85a2

    SHA256

    02fdf4e6f6914d3821c920f75d15bf5fd07921618f4806edc0780e931eff5a3b

    SHA512

    2ec3d68236aaa14809bc6e1a62e24e94cb177d6b90b42278e564cba11694504e08f891fb6a581ddeec01526b9fa633ce90f428f6b88cdabf3d653a47363c3e05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17cdac15d914e525b6a787b8b5252086

    SHA1

    dafc1755cdfee7456b7918943611ee9cbb6bac20

    SHA256

    7b38306bb84bfd39be5c4548e6f31b95332948a360871f64b821af6fcb9a3a5b

    SHA512

    b0aaca18e95e70e3d775bc5cc59a944691b5d74426db80dee0953807ed8a871e8eba5a548f4ab10517bbce0a65066e2b6b3443f5c4c6b9ce65a807d09b80a61c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08a3b3d6384be830e2439a5f0f1e82fc

    SHA1

    540c1f8aa9257c5aa5e96e5bb5d977d2c2038fef

    SHA256

    26b6fa027b7eeb257f89a61556ad290d8210026393894a2d6af73808d1bf5c8e

    SHA512

    4ace7562581781bdd6adcb817bb942322512975fc6d08f78aa56f9796ad0d8947ca5106d8a7dc132b22d89d4a50c82d36962c9d2adc5a94a97e7f949cff9594a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ceabf1bdba0161fcf31b061aa368aa1

    SHA1

    1b31a02f0c4eab4e5ff7ec327341a0add10439e1

    SHA256

    db7d216bfddcb211ce5c09b025e999f2ff49d660bbed5353dfc03e9c21c40644

    SHA512

    b93656b363572f4c4eedae855595d3550c41a2ab11e8116e7a7554bb84a5e2e7f9cb097729b0020dc920894bc11d0cade9a2f8fd86d0ad0e760a10aaec7a2bf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    437a72e6fea2e1b24b0dc7c2689e6cfa

    SHA1

    9d7be8a041be273657ecad6a95fdf26932ec8123

    SHA256

    7c863992ed01737017102f757c2c9b53b7f8c8361b0dfa18d5e3f8af69d4e666

    SHA512

    973ecbd6715d7873277f9af0a4a463ccb7eed3a9b273b6f5c5a572bafd9721826beb4402c3b5b6e7d2d797b6d5791a873f7514dfd9b726314df0c11b7bfe6f25

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOYL2MRI\styles-m[1].htm
    Filesize

    114B

    MD5

    e89f75f918dbdcee28604d4e09dd71d7

    SHA1

    f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

    SHA256

    6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

    SHA512

    8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD74D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD75F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit