Overview

overview

3

Static

static

1

fbf406c8f3...8.html

windows7-x64

3

fbf406c8f3...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28-09-2024 09:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fbf406c8f3c1f599a33b53c3b01e78c4_JaffaCakes118.html

  • Size

    33KB

  • MD5

    fbf406c8f3c1f599a33b53c3b01e78c4

  • SHA1

    bb1146073ac39f514b4c6fdda37bc71dc9b8c9c2

  • SHA256

    49cce55485aea1ea447a6f1596180100fff87bbda4b7d94ba8a0751ac3efe091

  • SHA512

    b60fe62012e048fd6885c862cbf6194ce8ab594bdca70c3835dd4b8e1160b88cd44ca6c67b63306fd6a79e17ae2ba445379c517fdd6ba1b68907a3ac77b3bfa7

  • SSDEEP

    384:SBcV0irovqC5XaqtGwnyObetds0fw4/hkatolfKhxLEyvP4nW5UtMf2hfRekSx:S6VfsvqCFXtfyObeqOtoRyvj5iekSx

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fbf406c8f3c1f599a33b53c3b01e78c4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1836 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2084

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ed93b2e93f387df034f60f3e4fd5845

    SHA1

    0c7430542b2d00cd859d694e4e810437cbb4719f

    SHA256

    0934a7874476e974081ab3bb8758ba711cfa8202564dc61b37ee1061921ec11d

    SHA512

    35f137734eae7fc5f5bed00e59662b2657ceb6ce85d585f1a3f5152de026f1dda3d3b7b6e00baccac06afe00c46e4a828cb7fb0b9f787f1801ccfd96f5d73895

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3d0793d250a83eefb5c9664ab777a3b

    SHA1

    298e25c434f4f4c9c237917107f0395c99807ac5

    SHA256

    1c4096c2143ef99f03686faf2f3569bac73b73b95b3583f1a61e34bb3eff2342

    SHA512

    e10dcb5502caee93331bfc4caaf4ca84a3504936f523ff6b8e1bc77fa0221e006e43a42e7514cb08297b8ca9e49cb1fde353cf3e235bcd39ab90b9c9f4961569

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16b0c89e310e2bc0920578b2c5d2a14c

    SHA1

    9ba1bf99dce65a57e880ea75b3a476bd90ae4cfc

    SHA256

    ab8d118431eab40be909ed6ece30a4461947725b2f8d952747f6589ca52b8d5b

    SHA512

    71a3be8307a77b20ad471f0646082966a8a9dbbe4470118839ea1e94f22deda821fa3237dd7ef8c8bc359e2826a4afdbc3a35e8a080c53c58d71f52131e35105

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b668fd106448e3349f003d39b67c62be

    SHA1

    9d8ba7a2ee79fc4bb330a99519ed53d8a6876aa9

    SHA256

    6c67c8ec022729bd0882029373a5137969dbaa589961271509fb5b79ab77f484

    SHA512

    d19ed5993a284cdbde5e350b94bf0814f915680373a84db3a5e67831ca6a736641a25d81c0dc77d24179869b38cc1a8e5a3d54af3d731c09b30b8f45e1f45633

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfe7ff332a7a34234604b9b2ec7ea907

    SHA1

    10241d71ed3655085b8c8f3adfe5b7ca09a7178a

    SHA256

    5b615cefc5cc99a384d1a27efaa27a605f8d9dc907ed55ea62086e269a6d3d8e

    SHA512

    9e7e5bd7b6eabb0c66946c61d70d9f7e4d17d4fa4fa82c1ea2eb52ed09e77e7573118a4f67d6b96c45f29be0321c92e7e954689d1ae884fce542a94eb72c23aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df2b5bd17807a39de6d9ce002a2a7a5e

    SHA1

    fec23dbcc4b4cbd93c74075a12431d3e1e252e51

    SHA256

    aa6ccd3b14f1fc946829aa8086b64b6bcb0da235748d93e8e87f8fe519a61b6b

    SHA512

    efc8979c67dc2f61cf259eda3718bdd6522960609bb994d1a01d3c7346ae2d1973500662dc59f88d9f552a4c0b725bb37817f76c89d0af77ea3d1dcc9e292c06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22dc86bb10e333524eb82aa32caea072

    SHA1

    ab825b7287022f4b7359d78f237cbe2e94613cec

    SHA256

    32a1d36e89020e0b8797621d4b7740a431045d65f84e22759a964c6760c87a70

    SHA512

    7d9e38414ed93d58f6243fef3d50788dd64925d2ab7defd1a68289e00e730f5fdc5de438f68ec4d142759c8dbab504b8be8ab60536cf3b22f5d3ddf32a85a3a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28b631c415d3abd006f39e644436b519

    SHA1

    d8719a5acdc80c3d6329eeec8ec6b8ce11ccfed3

    SHA256

    40c7f434f90ea7cc436d89c201779bbce463a91fd3b82ccaa0d9be82553c6e98

    SHA512

    61d94830f8a9e9ff18626f4045feb4f8ad8e61240ccded7e890d7d03c8f097edc2dbe81fe0f8b8957b2701ea82b7ce2f17bad1da69eac3234a2d85e1333cc434

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb4614e81d6ce9ad073bf5f5c6b62897

    SHA1

    e60069f4cfd8f1791e082af4d5154b082557e37c

    SHA256

    b90598192036b842d689da6461e166bff7300597dd30e507009a02dfdfa02039

    SHA512

    cccee44dc3c17897981e76d2df8b07f6c9e12ea4c9ff2a3eb1b0f1c7612fbd15cd99d694e4f014f8bbc3b7f1c98a28a34a45289a703965800c1220ea183804a7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB914.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB9A4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit