Overview

overview

3

Static

static

1

ef323de602...8.html

windows7-x64

3

ef323de602...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21-09-2024 06:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ef323de602e0ad1d924df4f8338ecb76_JaffaCakes118.html

  • Size

    20KB

  • MD5

    ef323de602e0ad1d924df4f8338ecb76

  • SHA1

    55b0c7e0b8bcdd7ae20dc5f20ca523501e6db669

  • SHA256

    e51910297cfbfd7d686c5a523b4645453aa9b23914dc3d4a9938d65dad73b8b2

  • SHA512

    09bee5e106e078d7e692964a3c82a4e9eacd5586925e0ca49b384b4c60d3697ce928fc04b0e1883b35f855f107073b73b27de832ef9267588ac8a72fdcae5614

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIq4SzUnjBhSU82qDB8:SIMd0I5nvHFsvSXxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ef323de602e0ad1d924df4f8338ecb76_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2792
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2792 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f6d33ea00a86efce07d4c0a00f9d65b

    SHA1

    df858d4db646cc49136294a66098934f33bcfc64

    SHA256

    392bd36fdf8dccf5abdf786e5db41fd8b9fa02fe860f0e903f14b52e09c333db

    SHA512

    1a3b5633991d84072badbd3a95b7f8aee139d1ffede9f8f02b02c11bf1615b990ed7ff2b53d93b9430ebc23f0978ec1200deab6dd0b36b3021a90771a72dde7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3bbafa7cb6e4c254e2afd465168e536

    SHA1

    a2571d4e5b4c9334b01a65c0e0e3c03d5587f9e4

    SHA256

    4e35f843ef7085cfcac887f0e052a5f88621050ace36d86c45e7dd58f8117e81

    SHA512

    1c562160a8917450c5290ee7c173a4f91d79e8b074e50f2f30509de1d24eed91dd20496839755ea0fddc26d5195274b41b22a917bc3ad98a2fb3eb353666a194

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b147ba66ac01406f13f3e02ebbd75ba7

    SHA1

    d972e32e44f674d37348976607c6f760f87f5bf1

    SHA256

    71b3acd9738a5bc545d4c1bbc3feed31a2a2c8abcb8b50781bfc7c870d83ab4d

    SHA512

    d2ddc6fd9cde8020d11c4c703120670934d27471b59bba9d97429b04f8483374641e9b215eea5412dba8ec3b678b0afc5887be5c7c9542f08ca38cb16f90ce6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4f2552fb59408b1033ebb0b7ee8f042

    SHA1

    4dfc8ca203b4a07208a121b2316b930cb866094f

    SHA256

    fba8600fa2252f8182c9358902600b8d47759d51e3b2708b1a79b66a7a2a8b58

    SHA512

    82d2831fb4c180dc298154c36381fa066ed0454fb301655d0c2a3b49e015619fcfa56b6dc5702cff2da972008e0377ccdfec0321d8ff8ce40ebb7cf7def5cc04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55874f80fbee004ec908f8b09b72c834

    SHA1

    b3bd0d7a2c28ce1e9d50ff4fe1152c8f0dd045ef

    SHA256

    83df1f1a41cdc48ebb989a1e6d1548b627de4f55092fafcfcdf246af87947048

    SHA512

    33e4ce8368278f019af0cc6ceb3c4ce68155af7d7e1ac24c3b079a2c7a8a4f83c25c37987aa50cd54bc20f787065aaa43f8818ece1d82c0a17b86704ba0ef833

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce3a5a05d8a84d98887e49f85c4d57c2

    SHA1

    99669ddca7e853d8f18ca1180ac324136b86ec0b

    SHA256

    4f9e70ad5ae14ce08859e56476618344074bd826a9d9192c95465de85a283d17

    SHA512

    f971f9b5e4b407eb5796e54b706d73fccd3a3fe356eebec09ccb9546466708b08db203f3cb17d22f7f4c7bb864ece3d11b6620aa4842c5c991c761928c94948e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5c725b124e14e11b858f9304adca896

    SHA1

    f3d6f0b34f5b218f8b019c67ce5728abdbc0b3ee

    SHA256

    8b8751559616420eafac1030e06050e563855af823cdfbaab99a95e5157a886a

    SHA512

    8a037087eb0853e2832513e2bde7858a137fa744fbbffde5c8944532cfc6839dfb966c734755fbb16307e796d1d3dd28211f3e46c4e81bf4a30ff1fbd84e0e24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fad07aa1f99b70502530b95f128177e

    SHA1

    cd9a5845b2b2e6581244136aab7bea61c640d9cb

    SHA256

    0f659702db4137bddbaa3ed69ba959ea15b5e2755baee1c216342024988c7176

    SHA512

    e9aea2eaa469163c41502cee1fb2b5c1854d4b459115f8e83b3b225c4064c21fc4b2d80920cf12897dfed833aee5d40c0ce8347fa8a51c674d18bab31f54b9a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d5eff87a4daa19cde9f1634859f5e6d

    SHA1

    c49c622bc83fd5654e570b8d82f0b5a9a623a7f3

    SHA256

    87b79d9164b3a1a9ab7dc3d03c36244edf6b77b87ac9bf914d3888996041379d

    SHA512

    b701694fb053dc7ab5ba6a6be79d7e224da6a9efe9613bc25d740daceaa08bf0c987fafdab70586a9068ac9d7690d789d311635661a23bd25dfac3f9a3367445

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab54C6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5565.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit