Overview

overview

3

Static

static

1

fbcda9702e...8.html

windows7-x64

3

fbcda9702e...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28-09-2024 07:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fbcda9702eb4ae7a5cfb0d9efd58a1dc_JaffaCakes118.html

  • Size

    19KB

  • MD5

    fbcda9702eb4ae7a5cfb0d9efd58a1dc

  • SHA1

    bdfeee3e8cab8b5183a0bbefd7d8089fdb788310

  • SHA256

    46fdc6cac78768c77cab082f9e389cad8033367ba4f4f33a4e957fdb4dcef587

  • SHA512

    72e4de51b96e17bd7a20819075a5defc254f4a64c765109a9e9dadf7496310a30ec9977c652a6179886f09db33fe649ec3a3d4bc1e230efef472985dae788e4c

  • SSDEEP

    384:milIcWtz4QGGTH8rnR4nBN6Z8a/gbpmguLZ:MO84g9mxLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fbcda9702eb4ae7a5cfb0d9efd58a1dc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2384ecc7f28cd764834838672763c334

    SHA1

    e6a65092e6404de0f2350dc4f4d78cfda7f10a25

    SHA256

    fd27022106acc801043464db7a69d52738a7a885344a26562ef22f7abcc94734

    SHA512

    b0a3391ba1b2e195f8dea9a0d8a75d0c5393a98a858c31af589e10e3865f97cb54b9590110a5030d72020b9a33602b311e0333b986bd3c12f28fb3ed30a739c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a559975c53e72cf2cf0c9948b4e236c5

    SHA1

    5e981f217acf40b888c399f178a1fbefb5ce62b7

    SHA256

    cf3eea5f4c534ea540f0ec6896a1f066106156ce9e5d379c2edd1137731fec8e

    SHA512

    74c45d6de86f0f48a10c13e8dbea8a690eb6782e5d1056642cf8076c3913ed49caff1c8eb893eb1aa872f441fbaa31b2b2e54284a7d24465f333bb1270968bb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afa31807e67da88d2c9b779d7dd75048

    SHA1

    f1e44fe74827de7c41ac4751f4437b035ee46a55

    SHA256

    f9cc4f43f27af43706a2aea09f77ac5a889d7de9d0be7a20ae9723a3b73e938d

    SHA512

    6182bf466c2f8f658fcf73a6443f3696efb7927e5ed53be1ceb98dd39918da04921545b3f01bab434968febf8759a79270dc6e1af32a303cdb41ab6fc13c6c8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9381c8828826013ec16315c9ecd19938

    SHA1

    a2507e105dbea6ca36476ea7faf995547487814b

    SHA256

    8fad68bf17606a81fb17da1b6235f2f47e48d6807fbdc3a7bd1eedab9e0f6e2c

    SHA512

    3a62a07d09ab50b76e0e02e63d3598447b71179780896b0a559a19ab642683db7ae72b9b3bee1a66f4faa5f8bc3738184b8f8aefed34eba916624295a81a6816

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35faeb574cbf52d0d407b516795b8336

    SHA1

    14bbec03f4f6f796922b9e3955620612a975c9c0

    SHA256

    c588bb62ae751814f3159dcd7727b4daee07b637f1aede323e91a4ac2a3b75b6

    SHA512

    95f69bcb32c42c183c2a9e48af9a60d2c09042146b372aa13964177fe1ef4ce5e845e4c0a259ae4cc7eb15a2a4f7bda46375acaed082c32bd6c40d927526e8f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34da1eec5971f31b5a1a0a0c1fd30708

    SHA1

    0b9b26677598181697dc613bb53b58d98c0d0e18

    SHA256

    c995b4521cc7a8dc364b7fd572f5e774e4555f3f6ae7d0e6c40d1c49bd13a6d9

    SHA512

    d84c5de9f9516b7ffca2535de11c52e3f11c2f44d366ab4cf4cc39cc86587b7018e707ffc0518d184110ff2fcbc62f58e2c1094cc51b280ddfb22a2710099368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c161afd3bad3f865bbad107d32d47492

    SHA1

    47b69e1abb8186621d71252eda67199e8860c9e4

    SHA256

    24798551a858aed0a20c89e1499b03f6e81d8ff4402748982d94b7109281f4aa

    SHA512

    8659aff42044f0dab8fe78ae81bd9b83aa81a32a3ea4b7b963872e69bd3b94024935e55cb7ee14fb326db6565732f8478adb82ab9b14841262bbe5d6e06e74fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4e79495ef1a6150af44c9fbeab212b0

    SHA1

    cb46ee9c23dc876e0e1c88313b2bc5713e68f31a

    SHA256

    ecb5bd71ce58f2d7d8a1ca1137364b07bc2ff612d3de92d4c3808de67e34832a

    SHA512

    f3f137872c84d65681cba4d1296c704fc97c4a54c597f3b8fc8683f2fa4002e1dcefaca407a8941a134e913f33679b2910ab562622531fbb6189ecf9e5894f22

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab74C3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7564.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit