Overview

overview

3

Static

static

1

fcb83ac204...8.html

windows7-x64

3

fcb83ac204...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 16:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fcb83ac204cec19b34fd3c9ba7c8ddc1_JaffaCakes118.html

  • Size

    750B

  • MD5

    fcb83ac204cec19b34fd3c9ba7c8ddc1

  • SHA1

    9c8824ed11ce385914dde0aae13f1ce7f4ed61ab

  • SHA256

    1f2a5f2b51d6f2b406cf05b575e920f77a00640a7d221036e39c92168ace91ac

  • SHA512

    1125eae7a5f46bad6d275d2f4d72ab7a94ed8041483a912929e861716e3fe5ffa28d1c1b316ac497cc99fb7601d52cbf7290c434f2f4e81b7ece26f5cbc16ba7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fcb83ac204cec19b34fd3c9ba7c8ddc1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2108
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2108 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0a6a308beb1d74c2cd56f35bb8454012

          SHA1

          d40c74645eba7942aaf1f8c2e05b6b272beebf73

          SHA256

          964603ba572773840a47b25af80cbc2385cc4257cdc338c53af23183953699fd

          SHA512

          75da9b04d1d0a803a8feb19b150b903b74c4dba97eb399ebf19523a000483507294e2daf305bcd9bd6af1dc89c53617c46dbc8d9a467abb5e1bce69eb9380792

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          49c0f843edb3654527207d4fc6259e69

          SHA1

          79c12878524281716ceec4107a7cf640c1cfc9da

          SHA256

          83ad449af32a6fac025ea8b26031bf3bb8805412e33f2482bd08b40ffe1a48a9

          SHA512

          3d83cd55a862bd05199403ca3262ec65d0cf0be0727efb3cb7271038975603fa83f979ba2168e86598a286fa1d1c81b93bc5e76dae44ae7f8f3a3b798ed551f5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3240fe8e5abf50599af684c6b38db9e9

          SHA1

          a6e1a3ddf7f7748d62d1763d9e26ed541a241bd0

          SHA256

          a79e8380537556f07b93da4783b8ad3b0a16944eb771bd5533a44a67d4a69442

          SHA512

          8652143eebde4f06b71001ddeb4abef3b50a95b17b663acf6e6f0b86dbb53b874a9c2f8bc85d59459844bb7c541c44bca346bac704ccd96b0d7fa77751846c70

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5d079043ac5f83f823c029ca5474940f

          SHA1

          214853c1bfc37c3ae67e675e9466388666639316

          SHA256

          4a5adb7a7518fa04ce263d37093a8a72a3a81f4307b211385d9db554c4a64103

          SHA512

          6a67002775d38b664774a26ed42df2e52a14923801704337bcdb21fc3ba1cd77421fbc168cb8755a00365404a81d47b7552ea45de7068f83d8e0cce0073d4046

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA9F8.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarAA2A.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit