Overview

overview

3

Static

static

1

fab620c640...8.html

windows7-x64

3

fab620c640...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    27/09/2024, 16:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fab620c640e90bc6475718aa11c5e0bf_JaffaCakes118.html

  • Size

    23KB

  • MD5

    fab620c640e90bc6475718aa11c5e0bf

  • SHA1

    01f80a830cbc28cf8a622bfe9b7ae8d3bc9ee699

  • SHA256

    66bae03fae8e92da4f1e16572aff35b77a049ffc2179e18cfa90cd6b8896d6d6

  • SHA512

    59266cce7bcfc2687163aefe2a06a70c1c3b805f7a8fdb073536381becf964b092ec09af465a5c526e7804aa2794024fac4a3a19fac444629945b41e63328abc

  • SSDEEP

    192:uwwT5GTSq+2EHb5n36/x/TkEA0IjqGVnQjxn5Q/F7nQiehuNnfIvnQOkEntrHGUQ:FQ/Wl+b

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fab620c640e90bc6475718aa11c5e0bf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6e21e20b685c53e1d86996b55b99c00

    SHA1

    a0b925872dd8efd0368e90f40fb3e76e56cd5b39

    SHA256

    fac9e4f3cb712f14afd499aff57fc5920533cd99521c312b4cb4a46fed5244c3

    SHA512

    9c2fda766d027fc8f7d9b2d01acd27addba61aa102c06a7636f93d46c7596b4517f4c29520a4f7c24408ebe6db626221e5231372b47022eed85a0d8789d36e43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0ea08329c242dde2ebd8b68b83a5dec

    SHA1

    99d31d3e864e63af8c22f7b63126dd741749a9ed

    SHA256

    ac8cdac6b59ba632b14a8abcfd6cf9fb4c7c55923cc5743cc7c35e0832785cf6

    SHA512

    45d8133c6d8256eabe374fe9670c960ba00dddda1fe106b022a7cd61ab8c4382e61d6b2d35341b0d8fc03dbe2d12421499fe26c4324393a77bf3b10b00290f90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    782327dd6f8103a3d9ddf647d3a67c80

    SHA1

    204a6090f20dbec1206caa8c0c5016c85beea536

    SHA256

    bd87839edbada23537dd9b412a94e3c37a46af54c9a6672a297c75452aae63bc

    SHA512

    74137714efadaabbc7ad2affe68965c5d832a20a8fd742f8470ecff3ac6cc6826e70fd5fcd8196ae2153399df5703910a701356cedbe329359e0fec4cc4632ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce39cb7fffe21275ca31880800f9fc8a

    SHA1

    e1f64798c645c67593a64fcdaf843ad56ada2e22

    SHA256

    2acf504b3433e9d5544d48480abe322caa5c43995e560c9fbc9700e207f3f9a9

    SHA512

    1bdb935438a5127ffdcefab4b0e9e539737a1c10e8d584b5b7f1819b6efce48ad895f550f6d5d132a6b3dc51ff7e8868e262eec75f3a0eefa19fd8c132f0d7f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87d6aebf4ac6a09df0d825d78e2486ec

    SHA1

    94908de023dbecff20450119b850b66e97513bd1

    SHA256

    9a6213489cc5388ba8f1cb2676a375e6b5abfaa8919b190dbca46c3a20175437

    SHA512

    7bf71f9a360f2fd283842a474e3ab693559c2ba28edfb86317949594156d924c285202e34d57fcc491ec1876ca1f73fd799f10288a1a657ff3421c1878351547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afd1ab014fb55fd36431f39505c10cc3

    SHA1

    033fc331b0d9b91bb5047745426c112fe4f8f65c

    SHA256

    8217f9ab45e498a494e10afc84168b1f964cbd468ffb795b92b68efbbcd05e1f

    SHA512

    5d87e37b08710a9dd67a3ed5bd8519fc5db4c4ed0017064712006926b8bb86b7d65bff0c0e4a37955a9cec821e147fe3558eaa253cc201003c49985c9e4c0722

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7861fe249261bec5fce27c83b10674a

    SHA1

    89348bf2e8267781ad9a1fbb6c9981b8c5bf304f

    SHA256

    9ea8479688df8773b51a419758a9afed6616c066d30acda2dc93e994b5e93f7f

    SHA512

    fbaf3bbf435169c37406fec713455585387dde2f8123217875c82a1aefd4a3febb759323a45696ea8d742a91423e6af7f9f123015788b1eeafd87ea1d85b983c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58f051a2782fc69e0273d631547a3e8b

    SHA1

    f1f664f0979736bae5c33a5b9cd36b0a9e89ebd6

    SHA256

    73359a41956bbbdcb92374375f2ad72804574821f5ab106a415dc47aaff6f4a0

    SHA512

    73f7f9791db91f1dab4bc01ae9c154fd03ed7d54da3d34e666860e2b709a8ceb842884ee3334a05b553f244e1be6eec0054ccd4bbfc76f0b70f0d7e929faf246

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd9a7e85c1a8b1d295e9bb1e2a6d4ac4

    SHA1

    0ba24cd312c70e283ace6a3964f5b94faaefad23

    SHA256

    ac39788a819c6485b52086d562259744b2735f5842801d2a956cfd674f570f39

    SHA512

    2c895b0106a1c962808d2600b0a2c961a88a3fdaa48da2e2736a0b58b5c7cbe403dace364f3dd55f7fbde889cfac7187d332d44db39fd5c5319721769981499a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    384fd23e64a3e4cdc996cc8d7c2d413c

    SHA1

    2f3c061d316cfa9cf2699385842f726967d7c7f0

    SHA256

    4468c76d5bbb77d64a70773b5bedd6ab88a3da99b71563484d5efcf48ce61bb8

    SHA512

    7b6eb495885e4dbfc697dad286c73360629eff23fc63e4641798dbef3d365f884a4dab43c927f6137abd2f7ffcc6396e03a49d92a52782f82a5ceed57a00d746

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dce03e8c4a27514bb8fce0a2b04d4d53

    SHA1

    1b0063139b3f105436bdbde5fa37c8f58a214c40

    SHA256

    f88bcb79aa750b2696da05af0841cd6bc7c58cd30192ce0e0c84643f994fd69e

    SHA512

    b3c554883ff012e062c0e1660edd63be916f8003c50101d841b244c1f807d290b2841f37b2c2c93281ddc20066c47f8c77457241160fc6a69e31ba3a99df531b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7881042a829c266e58941a379ec458a

    SHA1

    8d39114377fbfbeafe545f053a9b03882e4fac5c

    SHA256

    e34f54fffe86449bf7dfe0ffd97973aa8c673501741a012353235efb7b2d2b02

    SHA512

    ce675791fff218d9b2db581f47a8ae4d91c545593b3c066606c4d156e5220b2a09be62be43f55b22021787ef84db532147af869ada2ed506f9e266edd5687a38

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC130.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC1A0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit