Overview

overview

3

Static

static

1

fc90b19f00...8.html

windows7-x64

3

fc90b19f00...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 15:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fc90b19f003bc9d55ec087e94043361b_JaffaCakes118.html

  • Size

    23KB

  • MD5

    fc90b19f003bc9d55ec087e94043361b

  • SHA1

    a8ecb474d02ac473316d51d31ca4a7da8c8da020

  • SHA256

    26fc58cc8018e1a90645c9bf5e1a801e16ae79e63be0b189c794ce72bf2fcb41

  • SHA512

    f6ead7bced4cbeb58bbbda433f9dc2f5644920f9e48e8ef0a2f0ab031db836ab2a6e8333b61c8353e1be3a7f50dfbec139754253fb29224f9d48ca58de9a3909

  • SSDEEP

    192:uwrCb5n0qnQjxn5Q/DnQieiNn2ePnQOkEntVBnQTbnNnQxGLnLnQtEqMBCqnYnQW:HQ/wenGJAj

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fc90b19f003bc9d55ec087e94043361b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f15dbe9495fa277496474da2ba19524d

          SHA1

          64abfdc5badcd5c102e32c65865c48c48a52c9be

          SHA256

          fd3a2d5e99578e4020b9d2fa3d0387a5ed4734fa6951cc42de635e12022504bb

          SHA512

          b4b1cb7fb72df93121c8add664d2bf66e1e27f5a741b3562ca382715112eb1c69dfe3794578ae0ccbc5ebd412f023e445e67c64713f4cdd8801f391f5a0b90c5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          686f3afc29a7fb242b999aec200a0271

          SHA1

          b45aa9e3f914a18a9ec075d1f235abfd6f9df854

          SHA256

          d4a660055b662168bf63e45068c39f8c5aceed8ecb7ccc4ce997f6552e7b93bf

          SHA512

          0a9644db4cc55f71465fc1b2f8455d9dfe28eafe21df247a0062591b2b751efbafe1fd38c5cc68ab3aa31f1dfd05fcb1fa722ae23958672def5f3a54fa669926

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          40884714ce1703ad20677b895d3d3e4f

          SHA1

          ae04de816116683601fcf4dd3dd6d0b03c8d966e

          SHA256

          97d765c42b39c2340e74347efdf761b589348ef0794a4c865a4fac4c7da33937

          SHA512

          77f15a3dae699de2952017ce372ad1672aafa9e45dfee995b9c4d430e7d4615516bfa31dacc96458eb8a01feb90005ff60f0cc820068a4344b929a1f4c85ac56

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          44bcdf0ed9794c524c9b6577b41733c1

          SHA1

          f88027ee04a3b85c448003d498d39a14a51fa625

          SHA256

          c6099d2f05f55248294b3b9fab3a16e019fe28b7ab409dafd31cbd32c9dfd586

          SHA512

          6f6dff1421fd051fbe7020c081eeb3000122b3f05f4f5541cdb36e56eac04f401af17ce6271e72e6b51a353e75999565526faf28c412ac138dcf9cd1116c152d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab2B08.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar375C.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit