Overview

overview

3

Static

static

1

fd4368f815...8.html

windows7-x64

3

fd4368f815...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 22:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fd4368f8154ab721183d146f4e18bdf3_JaffaCakes118.html

  • Size

    142KB

  • MD5

    fd4368f8154ab721183d146f4e18bdf3

  • SHA1

    2643c93aa096e4872e6f62efd95db38548e3287b

  • SHA256

    9f8927d81bbe7b60dd0d2d46bb04ac3b71a5e67432e291d63a86125ba5db19d1

  • SHA512

    1ab59f8b89e96652697812f1cb8b98f5ac558aa8433de7b6fc9e89023cfa12af0e442b07acb33bc45ba73461df3776d326accf93ce6000c6aa7f54c07e0221a4

  • SSDEEP

    1536:zrZydlEbbA99YZHqRHHEExx66++IIddtt77bbSSSSccllbbFFDD998811qquuHHf:zkdlEbbA99YCV

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fd4368f8154ab721183d146f4e18bdf3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f24a11bfe8e8d66bf06b15b9f85a1505

    SHA1

    4f31e377f1d065b33b65a336dc6295153357e124

    SHA256

    1a168f3b891c6a9e2f34adc58cb32e906167f85361bdd818928d8cf40d5d7b67

    SHA512

    3c72071d7d9f478da3154f609b2f5e2cada2a665035ae0907d7230da1e7e37cbf04f5f24d8a299b848653ae7e857a014687cabe5e812dbc7b454be6f731182cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1d7aeef7ccf07ae0722a285292429eb

    SHA1

    53e7164495af98f798ee285cac92e8fe9791f9f7

    SHA256

    35335ac25718d7a83b234a55797f7691da5d933dfbe954fce793dc8c5bf0eab9

    SHA512

    cfdb105ae7c780cab7d7df89ae8a236ac5b1529887608eefb8bd920cab2b31a8336fdb039303b3b1aa5727c1cdc2dbf8f970d6ea72e239bfcabec4602f71aef9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3acd802cda81cb03db026cb24914467

    SHA1

    da1d11736c7c28b7a31e6d38c493f6a89938287b

    SHA256

    becaca81e89c9a82a90deffcc39f8057d5b4022c9f788eaa59d387a287c3d9cc

    SHA512

    a3b39ab516137970f10c9e5dc75faf1e72eea78277030600559a7f6db7bc586b204079484e2afc9694e8ca6039c009ae60d01a5bdff556047b850d96b2e021b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48dee14ea6fb6e76b93e97b4bb05317e

    SHA1

    e9b7285b71d16f5a4670c2117e3ac55dc1f66efb

    SHA256

    fea144fda16b85f877c2caa739bf468f416b154a0401f13d3553ed745ec2c505

    SHA512

    d4251fed6027800fa5e0bf9d4cec317ae051b5840605fd4dd0d33a5d4f81f2f1b27bfe4b4bcff242b61e4e4b7cd4004dcb38583adabbe7efe82baec0a6da79a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    955bc21fb67ee5d68009119bee6ef330

    SHA1

    45c19c2a8c862a6ab2ef0644f42b845a49475490

    SHA256

    4d51332a1934375a953256449ad13617864a0e2e38f798d6f9b5ea5e438c0e62

    SHA512

    1c6c71288512c777dc8b01c2b0258756c0f1ac3d8c9eb8430070c73185c9fd0006c795f9a77fa8d9d3f2133b26166faa4269f55d71dc91fd36e0c4e4018186d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff4cde72d1256383fc0df7caaefbd191

    SHA1

    ddcddff555f0e84c8728d31da1d48fe4d46144a4

    SHA256

    ce993ea222ee3fe18b19670572eb91bc15645aac019630be86249b7af450276c

    SHA512

    ffdd0b20b7e3857be5f62b56b59aa947270396644648732485400568395a86e9965e624c2477dd433c1ab96fe35c63a822cf5545903e92edcafba49e713c4db8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a28cc849ee4092c5528662b04be91bb

    SHA1

    8e1e26dba5ebba0dcbb39724e18205872bf4c62b

    SHA256

    a6bfbaece3f504616763bd41e9e842261b835f40f27461ff5e316eeb4d333f68

    SHA512

    5aead57780b179d2c15be98a4eba23c3ba571d724f42bae384c2b570c974083bd55e559dc1fc67705411634f3314d387fae4c5491975acbacae3ae9866f1183c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6e93392d8c233c3df076b195330e393

    SHA1

    f68f7e35671b040e882bc674a9699155fb301383

    SHA256

    b845b0d442a4ffdaa02d65af36b12bf401962b64456bda77ec86755f78313cb0

    SHA512

    08995d81b10d02f32b7bc943c9646bbfdf5322d93583738ba765825bb60d2289f68d36a854e10b29d51686933368bb7d688eae64cb38972b20248cd7d24f0b77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47f3f6f4ab96402ca1a1a972c2e49fd6

    SHA1

    b71e3bb2fd878e708abe31fa1fb74a9d16f24067

    SHA256

    68617e429a870efa874868103f373660916df35803e634cd52ca8febd9e5267d

    SHA512

    689362558e73e53b8e9e89942622c2e6ee9a7cf64337af0d2f7ef0d98705a837cd49e22bfee78d934b8a476a4884d739a0da0d228015ba50ba01152e99719797

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ef8b3a2871adb0c960797b899abb7aa

    SHA1

    ccf00ce97836eab4103330645bacbcc00ea78b9e

    SHA256

    12c2cbec3541b0a3df621823204baab249cd7666535db2c9134aa95fcd8b09f6

    SHA512

    a1a670edc34149e14a4a6ef4ab96161787d2aca502b450822a4e4e897822b9212a5e62178b96d20b7bc0138b288798545fffb030128f506aa102f718105b8154

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2474.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2496.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit