Overview

overview

3

Static

static

1

f4ff620ea2...8.html

windows7-x64

3

f4ff620ea2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/09/2024, 02:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f4ff620ea2e1ee4b5dac0f69004d25f6_JaffaCakes118.html

  • Size

    19KB

  • MD5

    f4ff620ea2e1ee4b5dac0f69004d25f6

  • SHA1

    c632003dd46c33d53c804e858e2e5fd34306eddb

  • SHA256

    041d0fe67934b2ac0ea77fb647740bf984a79a0ee67e6789a71a540f0d1ca40e

  • SHA512

    5bc90802bc2e77ca022274a41c096a33931b76c3d5561e4aefc8bf0c21a53c16abe216c3f67293fd8a2f57902ddd7249f84a36c3173a1e43554243ff9399d543

  • SSDEEP

    384:SIMd0I5nvHUJd5ZlfPP3ZMF+4svagyBxDB8:SErJd5ZlfPP3ZMF+4N7BA

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f4ff620ea2e1ee4b5dac0f69004d25f6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1760 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a378e7af49baa14e6627ff49425ae9d9

    SHA1

    98ccafb0beda3a31d540ecc6c382b575380ddead

    SHA256

    ffd51b518cc07f4b9763fc772619d5f2bbff6d24f3619e2eef636e26dd056e30

    SHA512

    5be0db37d9c33cf81520e85f1c71d3eb01464b74d8cacd57d9f965fe4f9d3cb0ccfa767c75195e080fd45dced46417d581976623838d679c231d66a680289f23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44d92f7bfc447d90b970aebe178c130f

    SHA1

    376ffe9194a32e5092362333b69bfa2d0af4d7cf

    SHA256

    1ea1c5884ee46ce63668183e781e5f7595d04aabdde3523d0932b8e6f264d563

    SHA512

    d679735fc67826ade8351f3a137b514d4aaded9629b140ff7ea8983a0e16ca815ebc118c4e7557f1286c29bb9dabfd9db3bbffa1e9545b11598e8e84d9fa5c1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af2dcb29727d5ae607a0af965bbbf927

    SHA1

    f16aba4c85d1a2843edb43aee3ddaf8f4dfcb68b

    SHA256

    4ec935453a73132820b22b1ed381b9c34a7e67d1914713b2f66ac93a61bb4ef2

    SHA512

    4b55a6154512352dcfec98c0b0c4e48735b9e2b024639e1f55d813a50f158e43c779f2b08c559df11626c3dcc4b8a87d64550c162af7ffdfdfb8c1c0aa456b75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae3ca4ca7dbaa20b3dccf0dd3f417554

    SHA1

    d732925fe97577399fdd03cd2c73b8d4b42df5e4

    SHA256

    fd3757a7bb020ec59b15747aafa66ae94e50a77ca0e99dac33b649e698bba134

    SHA512

    4bafb07505813aac0d67734e965584ceff4c6da13fe510932f6e061be8ff7cdb41e79e37bb942ee27d7dcfec96c84a54fc5142e66f439926613b4b3257aa7b61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    315dede7320ed0a950e924ad8b8b58c2

    SHA1

    19666e99fd245a45ddaebb5197e40ef3188b4596

    SHA256

    3208661646097da36d5b9760d698ce4c7124b3b951db66d239f204976623739b

    SHA512

    ab9fdf1df0cb9e9d3bbdf7bf5c8c01f6f3cd7673162699bb0543e0b7065ac5834937ca94437382960518409974678cb6987bf2afda2b56fca8447c4ee263d122

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a880bdf674f72787100b269685eb3ba4

    SHA1

    2152040ecc25817ea596b53d33bc8810182fb08d

    SHA256

    ee13f8169e6cef7f23c0a7387ff76c7076191a141f6e05bca568a715e14b6d74

    SHA512

    30b2c5654f59f8f8b66d6cae9e4756c3e1b9ff5e2e7eb08c95e6be394edfc73a1b01441c1670691e84b5310714d9372c31ec15cfad8150f6d868659ea2096068

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01c5c7f3e64a5153550214e7d7f1c3d6

    SHA1

    28fa2f68f1cfd27683c3d9646e4c6818a763f46a

    SHA256

    db8e40648ac2a2556c48212f3c52f5caae1f2a95a08ac12bc57ceb187a32b23c

    SHA512

    1973093452089005205d98e0e5f7cf5c7eabb4d230ca1f9d009272dca8762014127dc469bb6e77e0e0977f9a1d5266447aee192369b410826bbcb8b42b1c91d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fac4f98b61bfee9802d0a0104865eea

    SHA1

    695b3eff59662640b2407a56baadcdf28295ba5a

    SHA256

    5965b7731084d41c27b00512f3fa3860ba5327f2b23199b911f136bf9d95e669

    SHA512

    ecbcd07f9c89adf0496d3c76b6e9bb4484e8960463c193effa8461562db5fa14015120ce7edb910e2e124db5ec56565ef058dec577353b077949ceb7bb51ddd3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEBD7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEC95.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit