Overview

overview

3

Static

static

1

fac952054a...8.html

windows7-x64

3

fac952054a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    27/09/2024, 19:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fac952054a90dfbc9e65d45761c41692_JaffaCakes118.html

  • Size

    34KB

  • MD5

    fac952054a90dfbc9e65d45761c41692

  • SHA1

    11c4a1174a5599972f548f0c3f62250d6c46de31

  • SHA256

    00028acde71b64ff9beae6d7134fab1fd9d3d1a761c97e64c23d4cf3cc7957e8

  • SHA512

    e07ef251a8fcd7e0da178b821b04f78f33ed23896181dc07b2e0b665f6a93671585217684a8eb8fba55cfb127c8d3f113bb11b45006f518b999f70babfe849d2

  • SSDEEP

    192:uwzub5njOZeFnQjxn5Q/NnQie4NnhnQOkEntrvnQTbn5nQOgNcwqYkcwqYAcwqYb:i4euQ/UhYG5WgEnAGDhFLi2

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fac952054a90dfbc9e65d45761c41692_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1560
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1560 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dfc83b2d4fcb193aee152ff9a35a0734

          SHA1

          87fe369aece13fe03b1d4e743e27228fe40f69bf

          SHA256

          5beb83b3be952323e27ca9845796a8bfba50bf0fb44bbdde67b2e39a9a673dcb

          SHA512

          34a745345c853eb3895b5fccde37ce58aa952d4c75287d2db503095a783730141e7563969b2f6f8357eb8e1819a23f7556ec9011d7152ab73aca3f8a5907ee12

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          21db3545bbcce5c67d0ab3497925947b

          SHA1

          13575792d99bfa2c1bb40d780aa1cb27eec1544d

          SHA256

          4983b2af8705fdd8d858bf565272658b06ff13441837ed02e09a934e46190ecc

          SHA512

          ed1574b4abdaf6f0c394f406d21ae1b46b835f0142783e303b37d3bfe857015c2ff94abff60531cd993735b58b4a0a7cd3448048ba1dbfa7bd195076c0f3d702

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3b4ca9203c4bb021151bf2c0a56b782b

          SHA1

          ed1fdb7a1ce0a729276eeeb4ebcca9fb18911bae

          SHA256

          74bbe1db57be19f33a40dd0d619dc6eed05edfb2cbb6ed176a4e5f0f8fc6b978

          SHA512

          ec2f67b4992eabda462186b0a2a745cfea85588b91c5c4396c4361757666f55fd88570b394d58f84fa8090b92d1943274aef4715542eebc6c32536fe252bbca0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4c5c8e4e54487055c6c9f8cf5636a09f

          SHA1

          bf0ed5db0cb93df63dd53be9557794562c9f916c

          SHA256

          fe1eb7525896e5a82301c82af98ce0db76a678b9f0c42dee84feb1c0530557ff

          SHA512

          2c0d80ad3d0fae497f844bfc37695a0a7c4f749928ede1bbb89a584201f7dbbe66b6d6ad9818b94d1a614f864db0c51b9f965ba718ba4b72e2614b86daf69b96

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f2f33669a4960517165011bd0958dee3

          SHA1

          c2afee1addbe1c4230cf9d2842e769da1eaa6fc7

          SHA256

          1903489a78b5f455d28567315f229a0e3306cdd301d59cf7f539e390b80320bf

          SHA512

          bcf4a693188862fb2857bdc8aef74ce71840007ee9966076307fed2c58480c4308446f8bd234338a0f5e0af7a1072c378ad60f12f23603ed7b004dd6494eab6b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3bc016adf57378edfa9199630b12a9ac

          SHA1

          12a8089df4ab9eec2becd3013fb42f1794a5f0a1

          SHA256

          8d1b9071a8ae0d024cd53bd25da1466b5384f2b1aa5387115048c590595aa9a5

          SHA512

          c82ad533dac71e70194efcbd24f7af76583e57e5ae4a04fff019558d7d6e83aa178e15fbfa62c2150f55b4855993c682d40aa77bf773c8a2c5284a64d87c067b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e79aa67781901bfb8c7872f4932bf1d1

          SHA1

          3b74a9e659d05f669551720c3bc61d6f04d3d741

          SHA256

          71ffe83b6762c0014d54b4ae5f43b5649c80136295c60800391033f95f72f94e

          SHA512

          3ee0638be1e0dde3d70aa53bb6b1f3c20c285c7849b3beb2cca0253fec8dc444458a1d91fcd302519a6353a677603bb04885c9400a39714cdf6cafed7bcd3e8f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ee1bd950cb3c9ce0e6ebe6f99d35b154

          SHA1

          448960be066e3a30e10ef6f1f04e71cb306a014a

          SHA256

          d04e6dea7d093d5927f478c1aa75ffd52da01d19e51509a8f456ff607438fb12

          SHA512

          fde3a9464efb4ab7566cd35ad3158f1fa8e7c3a23b9b84950f4d21eef9e98a64f8cabb87045197f15a0e1ad4f0e1bb5c8fcbde81cdc906009b4b1269dd0314e4

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab6E7.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar738.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit