Overview

overview

3

Static

static

1

fd97e9de86...8.html

windows7-x64

3

fd97e9de86...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 02:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fd97e9de8624e9940c9f48b9ed130d45_JaffaCakes118.html

  • Size

    19KB

  • MD5

    fd97e9de8624e9940c9f48b9ed130d45

  • SHA1

    79a4acc0c5c352bbe4c4515469e3329682ceec7d

  • SHA256

    2587c279db00a0205e95cc5c7b89e887a64a1f16edabf7277f8e04d7446101d8

  • SHA512

    6c5b432b066875fe8a766e9adfbe9dfe9abc90309391ebfc935dee8d2a7dada9a7c6d4182943a1bd80dbebaa9b0581d63e950fbf0361daacf76f9bab899d9640

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIm4yzUnjBhWo82qDB8:SIMd0I5nvHRsvW7xDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fd97e9de8624e9940c9f48b9ed130d45_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2312

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    471d28266b3bdabf324dd18b4c8f3048

    SHA1

    dd0623c7c1f064a2a6fb17f26bf7ffee14593b41

    SHA256

    69e50f6549322ac69ca550e1c45eb260ddec76a2a6d68b4f516aaaf3f6fa60f2

    SHA512

    edd08fd7098b820b37033d521c18621c89eea441b9f9877a9326a0641bd63c2e5ccf8c9cc82eb8e4ae64a55d8869d6d801e00ecaf0da7f05208e0302caa7bc77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbebc25ea6d06462970e83372a413cd5

    SHA1

    b732b9ac813fd2c657a6a60cde50eb722a52d2e2

    SHA256

    b2d4e07259918bcfb9ec16791d39f3f787eecd3ab3f0a12e8e40ee16637ef3dc

    SHA512

    40f82eb53363272019f79285b4998708431daf15cbd51505aad48c39952586b966bb30359249573fb502d21e6087ea0194375733b45bd4b9b1abd9ce7041e2c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c39d57052ea2cbbbcb96a51cecef773

    SHA1

    96b1212c8b511d913b513f59f25b410a2fa4a4cc

    SHA256

    f2ca9e5b9bf588f20055f53aaecef5d43f7c697c55aeebb276bafd2990462574

    SHA512

    a2b3cb8b4c47aa0a593a97cdac5840e2129356a02b5fdc860dd3be55b483a623af4e8edcadf8656b73c2efba5f94c6d36a9940886456885db6a89fd0301126a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e167beabba852e3a005d5fc14f75ded

    SHA1

    9795615c9ce814b9ed81a1b0cc4ac71f35741703

    SHA256

    9ca0fc95641a732ca6671a0e16c7060ee7e8d597149c41a23edd3f634b776464

    SHA512

    896d00293a4b5a9f37bdc2ebf03d54d2d98d13bd3a69a6a9143582cc5466287a8a0c21fa418b87d035d828c429575c111595bd06abe4b659f6b5ef52105fc31b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0948f518083ddaba96bd0f80b0a105f7

    SHA1

    70dc37c73d6ca8804952ee1c0d6fe78b2792e056

    SHA256

    de95f0eb89d2b373d12b34dae7fb68b619f3c34eba48e3666229d60e07f4b569

    SHA512

    fcfd3b484a050ab282c59793f74dc0f09e7961a23df10f99d384101f233214d8f668265d872fb43233ea92d160063f1fdfb7102b24cffbff9891f2e9205cef30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c932fa6cd602a1892da66dda39b432d

    SHA1

    014146d2b421cbfc087f16f5efd3e20c6682a633

    SHA256

    58c53d337bc479a8e44cc0b2437e61dabc1a6f6e9f25b917feb628e8e6cd3b4e

    SHA512

    9f79a543441372d690b7317557217a07b3771f38b4114378a2bf0f7d7ae8a870b64b6e9152d302ed9a7676625e65958c3d1ad345ecabd642e77274795dd8f0e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f00a1ec115527d28c5930cbdaff9f34f

    SHA1

    0c6d82220629e72e8e9d3ef5354de8fe96d438b0

    SHA256

    3dd2b7d45c1c5c2f65cf59bb39f3bff0ed587fe6afcb3b995bfa1591180b61ae

    SHA512

    0437308ad9341d9aab5f9e0f8036ea497d03abb52a3cfc324bbfe10a0945c2e0740302ba327705853c6a030e7f36ba9afef30c451289304224b8e418759a91a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2cd59591a2c3c60502a7c0472e80c1ab

    SHA1

    2a3fcd9be628f79e1225d89c34ef16ad9b41b870

    SHA256

    9fd83f5a0a35fb8cd2becf041ee7abe84c76c4fb9e7425e6775ba4d7e53e6667

    SHA512

    f99c5d8c1b699b1fd62746f31c10701c3a716603c4b29aa99000735a5ee43a565a724c4f2c5a96f52de2f50f80fba0fd07dca08913dbb0a70eb870700d30ce7b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDCE9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDD4A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit