Overview

overview

3

Static

static

1

f9b6022070...8.html

windows7-x64

3

f9b6022070...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    129s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    27/09/2024, 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9b6022070ec5b8a701904460c9373a3_JaffaCakes118.html

  • Size

    21KB

  • MD5

    f9b6022070ec5b8a701904460c9373a3

  • SHA1

    f3366579da335c542f4052a67bdf7ce62d1d0917

  • SHA256

    6e325fdaf9bb05938df50cb4e1982c6ce1bf6ed909beb46b2013537effb8ef98

  • SHA512

    cce679164d37dfb74a478c634ff2d98b322b57ed890608916ec065368b25ce97003b68e6b281fcd05f467895c28e21e357aa66673de8d2cd97cf363a7797b779

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIn4XzUnjBhd382qDB8:SIMd0I5nvH5svdMxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f9b6022070ec5b8a701904460c9373a3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82e42b052123b2ff0f7ffd449a9e9819

    SHA1

    ca0b0162c7fbc17c7733fb677aa07c7319a62b72

    SHA256

    a9e43b1ec7e3221fbb67c5fc9a897dfa7cc6ec5f0937cebc6f87ff310b8f9345

    SHA512

    e8224a47e8d98a109d94eb2c432e5415d80ddb74a20ab40b2bb1d3d4d29989c0f65856011426b049785bcf569e3817c81bd8f918d9a3491d3c71e0996263733c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17c363beacb0093eabcc9ab65f48d628

    SHA1

    86459e0c825e68b881f6b7b01dec415655968b9c

    SHA256

    f9a4da294e7be1a313f0772be30f174956e9ddb03452ad8008b54bc4be981dfb

    SHA512

    d49c2350d1a8e26911c25f8fc525202e8fa86567ebc267c095e78aeac55e2fb24dfd3ab44172498366c1b31e5b2a75765f7436e667490c49e7ef72f44f5f85b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    812ea4ee9f3e179d7bb16fd7855411b3

    SHA1

    cddeaabc2b873ce1a2750b4486ee55fca635abc3

    SHA256

    dcb14f28712227c365383d958a07190adbfcd2fdf41369df897dd25996cf6188

    SHA512

    b99c59bd60de71ce0ae489ac09e3c24d8b745d8111d9cf3615afeb72aba025b0ec90e121d7e6bebb2278ade391de60bf516fd9c4665e9b7770b431855d0568c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2fe4a256db5103db5f87f6ad3782ba6

    SHA1

    3e7de9c2d21b7ad50d86dbe7c7b48dd9ee151344

    SHA256

    b7c3e367ac7d34ccd43d7f84c231b9a34e49aec09e37124e683267c6205ec021

    SHA512

    c2a372eb58f903b3bca5d41d7d7458c949ce1c20a81df22a08b27eea2f8ba16eda718ed923c825f22d64890e3bc09698011bf611fd119d1842dad1a3c3e75f53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01d5ff3a4b32d16355714fb0240fb6c0

    SHA1

    8986f4ba0430b5e88d0f2647315f01154713f945

    SHA256

    4826fdac57aefca57db7143c51a56255c1631092a6a5d89109ac7a5d3fba7430

    SHA512

    afdb0fff18b1ad3faaf8f0873645c36b06cbc97b8166c0b7f28a446b90bb95b3e4243231cce135a4a8a2b1307ca6745a4874cf8ef3e113a6844b70a0805e2ca2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bca59aa5f41f4971305526166f15b0c6

    SHA1

    85967afd6dcec990a79ee0c9105dbefc394b0a45

    SHA256

    fe5518e28d51218d7a5e4c0ff9f98e196833c9b1cd7448d81ec62474af29e191

    SHA512

    29ddd2dcf5e22875edf1d0de50c60153ba0af8b3061753b982f9087157d177f5b45ebb97721708eda1499e29b4e127cf730fd1dde50279bd7ebd7b5869966661

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ceccb91f04ae9d155c2a82d1c4e70e9f

    SHA1

    6ee48ab797525648fdad1f50c183f76cd5bc845d

    SHA256

    24525bdd2ad671087615c73c09e63593f91620cc29b8c34238882f8c97b7b30e

    SHA512

    2a4410534d759ffc1c67cc74b14107549cfd6202bdb35f54bb19142c055e5c92bd972457b9a1d6775e555e4aaae65ea82d16f19e249006c17cd453218e11a18d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e311fc9f17ad8b5f28744d8d0376675

    SHA1

    c8f20929189a9cdd4a5ec4828ce7c1d5ada7cc6a

    SHA256

    1f0eaad1ec19782f64caca6b4b8b817ede60899afd2bd4a6d145650ddb708630

    SHA512

    b2b99ac07fd983a96aa70f11b5085774da889b76179c9c6faf0586a1222369c2d8390c25134360790e8218d2a870a3bc82fa424801866d274122c05d628774f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3f4f2c9676e6750626ace3921838d24

    SHA1

    5f9a65a4b8134c37b06c34d274915d5ae21fe4e7

    SHA256

    b947bbe28001f6d3c3dce997dd225bdd3a7565c50ffde3671b9a86b54b0b7032

    SHA512

    ce58ab02f33b4a098e0f29cc6a391cfabf4488e25e7e969abb57c6820702b85babd587ba890afb5c7433e496d411b01afa6bc9362c52c55e5f3508aaedffc66e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDE9E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDF0E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit