Overview

overview

3

Static

static

1

ef4e62d12b...8.html

windows7-x64

3

ef4e62d12b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21-09-2024 07:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ef4e62d12b8564c36293ff001b992978_JaffaCakes118.html

  • Size

    19KB

  • MD5

    ef4e62d12b8564c36293ff001b992978

  • SHA1

    62a7ccbc940667ca219e51b58439488124cdfb7f

  • SHA256

    742e812c5634ec169d85c9ae57c1e43401c6ea500e4ac719912c1499842ff4c6

  • SHA512

    63cdb02ef6b3c8d87afc17f013bda2f4caaaae9ba292d2f905cf18da1073188974b228f9c8c1a72373697181ac5dc1ffed0792b40f5f6fbd33be826e6a0ae72b

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIf4BzUnjBhjV82qDB8:SIMd0I5nO9HFsvjuxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ef4e62d12b8564c36293ff001b992978_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2828
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2828 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e22593086e40852db29f2e7fe8e2dd98

    SHA1

    a32803e28df011d9336defb2481cad8755f9f4a6

    SHA256

    a9a8d46b3684feebccd2a2638cae13da0f21da81fff8bde754abdc06cde1a2c5

    SHA512

    79bb1b224891ca4b66581df2a8ad4d5ddc4c4371df3e8b198b206e0773f6b942ff8480d6280ee0fadc2c686b65182a2deb6206e7ca7a2f61d1e24296068097c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4151dac8d8395162e0498d97a591a77e

    SHA1

    cb4320ebb6e39adee479b5abd07019671648a5cd

    SHA256

    6b8ba9f90f9a4d6c9e36e8e49b2f0bb36cc588d3d82bbee024207898effaba09

    SHA512

    e4039a68cc32d8c2220e0b54f71900475e0f6b2f0de0594d1d2a9eb844a23260e710f18d4a348c83bbc427bd4d556e56f822f8c84361e4590f85ed9d7f727652

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3672fbd884030be6f452c922a6b581f1

    SHA1

    4aab6c94d7c8643283b940d2bfef52333170bcfe

    SHA256

    82d08b81e29ae5453bff5f05484edc7c5cded9db4037227685d687128e9315fd

    SHA512

    3159adafa9868e48f62a9b314617a8f760b3ee18740dec83e4da1c9f7a50483ce29fa48c36acb9c74ddd6d8112c06b53c9b328830c7cfb468b1c30ec811b2dd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06e2f55ee08ace92f1af13c9002bc02c

    SHA1

    caa79c8385d2b0245eac208fc67cd86736b6470a

    SHA256

    fd9b462bb779993badb6a3092375363e94319f987cf9f2c7b2f8880e1d8129d3

    SHA512

    84d3867f0c7133918c2a909ea05e310ea40f47a6ddd97eae21762feb4ab9ba6893a861a39a4332319aae5f4a50edd1fd81a03e2525dd05b0a9fad6c8419c19d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cbc0dcc3ce48c2d7665af3664bc1721

    SHA1

    d9886907c4180559a63417a163815c27fd1293db

    SHA256

    735617ff9d00d9e4748b95f5508401517af9f2dcad746016303a4815f900b594

    SHA512

    85f8adee6f40947c2fccc84b8a3ee212bd7bcd3f838bfcedbeba41bd57d16098b708dfafdf3d0c3a15f68a1f93bd41d837fa6eb9c15dc34020351ce8272d1e0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2fe1a716037018814066f033edd1d3d

    SHA1

    431d0df184966714ae48fb4c81ac99061862acae

    SHA256

    f8071968a2dc8483153901dc3b8bf08beaa0f948537f7103d2f2a8cf0abccc83

    SHA512

    daa9c63907d9306c70805cdbfee31c1ebf48d371d136479812062bb79cf923406353f43ae733cdae8e506b7f546085b533f5a5110254906d70536c2b57ea6e85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf35093f3c40fe92fe2074535096ce50

    SHA1

    0b33394884f1e24c88d941d81fcc1444882acabb

    SHA256

    fe6ac8669f6a439a4597704a875bc0e47cf626a692d0f96017a0de1811708038

    SHA512

    7467d1ff20d9765c3782d559859e8e54788e8134f6ad6545a5902792a4a310c023f623dcd60f48953207d6c75e5cc333f40688d44a9dbf9a33c60f98394c1a9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec8e5e78b1b4e82b2e9297f446cee3dc

    SHA1

    ccbb2ca64b61a02640a0e9f549783f6035688014

    SHA256

    ffd2704f892182e03b75843f7a846d55e70f39e65c6f7c60076c7e4e49408c14

    SHA512

    86b96ca7d8f1913568fa31de7fae1edef31b1b6f1326685135576c5a95567743b1cd2a291f7f706e12b5b86a23851db9fba74abea42184c22127d142ab070611

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67644f2f29e96a237a917fa3126d1f37

    SHA1

    5959c2853320971dd2ac9bfa929d9130705f0511

    SHA256

    4274eb9725f53ca037e893bb445176a4b6987179c428c192cd4832318fa30cc0

    SHA512

    80cf9d25488a65129145731ad8eab6474e7c326501d3866b2ba5919ff4852b9abac85e8063342064ac120f99d8d771816fd61928de13fd32406f33cc691c9429

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEBF6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEC67.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit