Overview

overview

3

Static

static

1

ff1d164245...8.html

windows7-x64

3

ff1d164245...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 18:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ff1d16424526f764c5e378da10646ef6_JaffaCakes118.html

  • Size

    57KB

  • MD5

    ff1d16424526f764c5e378da10646ef6

  • SHA1

    a91d882a77472dc331a118b123282deb8a6d2a0a

  • SHA256

    c205338501ccd1d9db63844880da8503e879bd23de05f5aedbc21b19cc0e6fb3

  • SHA512

    a685ddcc4df839080ec93379384177130fa25be8f6c3908804167d8395c9e3acc1517a5849527c05c64f3aefe5900750e91a37495f0d0f01734233c3c866041c

  • SSDEEP

    1536:gQZBCCOdP0IxC3XKcDhcKw87/vYefXCjUO8TYI3QTjyPTx95JJ+yZ5AlacSyK1j4:gk2t0Ix9cDhcKw87/vYefXCjUOcYI3Qz

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ff1d16424526f764c5e378da10646ef6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2152

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b80c680437482c874f6211b031c7a003

          SHA1

          8f0a5b832fd81f079956be572ffb1ccf0160aeaa

          SHA256

          45187f2b08a92a2cb26a867713bd7fe4fe5b80a51a251d5bd906e3f98215b53a

          SHA512

          2f31d4c631641a886efda2fbb45a5315cd3dcfada7eaf3e1a2ccabcba9793f6bc8f4146f02ce35539c8bed7ccaf3afa25e346651ad1a7070ee0f4c01c959b53f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          96108747d74dd041719b162851e7a638

          SHA1

          a43b721d19c754d13850beb5d3493bb1a34c3084

          SHA256

          6dd6ca5ab6e034e83ecdbc2042cd47f8ea56caaf3eae7c9f89d0da4dc5c2798a

          SHA512

          c50b9ef963e8610b58e81cfc8151b76c3e3d650b1dbe1357e52e880e5790a4a14e4e4ce312fe5d6b75262e2383b6f1ae63ad16f217c5b3423cc45aa716c568d2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a6beef94cfd4ac8a2795cabc7300e945

          SHA1

          ef71527c59525b20fb767ab3f34e389aacd83169

          SHA256

          ad423a470359be3f95b4ed5263440f7693752f0438a5efc38f86b0e114591908

          SHA512

          daf75d95c1d6baf12eb68c70e61abae01315cb38b5e67e497054701806f05bfd2173d1e5c109f4cdb0b46e0c08f6d49e892f8043ecd9df6c50bbe479e3c46d4a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          57ac64fcfa41e1bf2a56b833b56c18ef

          SHA1

          33943400d26a3c802e5e7bafc78f0d093787d551

          SHA256

          d42de2c079c8bf84408d3a1ae98c910e2267b01f1674a8734253abb84d84edb4

          SHA512

          d8804513b94fa2df53bafcc61c2dfbe8249ea2568f4b6c393c8ce4cc93c0afbe7497801c64abc39a07c5dd002938f2a0c2df18d91b5d141e5fbdb1135c580456

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          892d5c8111634265f5e4ab25e526c4b5

          SHA1

          7085142350a3d109023da398ec5ba37619445c16

          SHA256

          cf69aa47f908a81a9cc8486644bf15a19fd8cd5b57aefc0502e835baac836332

          SHA512

          8eb43f90177949d32cd952c473e710655d97e4acc84d3ca6bc4304a14d9b8252f737b67e91a875bf93a71a79b840cbbd227153ff09ffede2449bb5098fc6a2cb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1baf27d1416f3ed388566989b890ce6a

          SHA1

          5cc25237f6575d0cd120a52e7a7c7704462d20d9

          SHA256

          8cf4925a4ef4d5b7e67ea85e61c7c866347088cb42202bdd2729a78ed7084511

          SHA512

          fcff6a81546ddcda2d21b60ca02db3a49ba5b07b7b308685972bdc714941c82e13cca7bd34c47e2d02977d056572c0deb6f253d25a35c8c4dba77fb37bbdd634

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b239182a9fd0e35642e66b17523681df

          SHA1

          d2b6f49809cb56cbd2f5929ff5f5464a66c9e5b3

          SHA256

          1f0f1d60e8cb53dd85ca5d8d1f236577edb98671c6d85828a79a7799c6e77971

          SHA512

          0dde57d631c64ea241a5f3557d60f8c5fa604e25ed44a709e72fcf8e5192d2adcd2fbd65c8d8d862f49ea6f29737e8c2ae2add77568ee3eec8e435d56eb9bb5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fdd5206567152c6289e501f574f74ae8

          SHA1

          186452c1f2684805c79dd57d0410d311758ffde4

          SHA256

          76147003d7a4141a3f8b5ae936928ba05ddc8cb9d0aac80290f5732dbca62db6

          SHA512

          c46c864b3cc80202bd9fc5d67cb26858245194552061d61435ec16fa2754a6f5d0a7e56eb0eb7f63b7939c8da1c5ddeb992ab19d2f77af919dae1450a573f938

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6bb37f73e92e6932cf176aaf9a9c49b3

          SHA1

          31c3184b265e999040a8f616dca86548cbe3fe91

          SHA256

          85cd7f871c53b2831437e0bd1a7833460970ab9fa4a9644c4a1ede9d2b844957

          SHA512

          fefe1d6e944cf77caf2383df3c97e4f9c605a1a4141b54fac90ee1bae0c70bbfa06dec1f0eb7dd59cddded2664290b0067314981814b724c0bfc1f69f3e3386f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d5043662e7d48b66bd110638d283b126

          SHA1

          3cc55f1b026e7380dd1ce7fdf9e24a35c014fa34

          SHA256

          6b02095711cc26fe9fb77687947f76efcb2830c94fbd3748de0a967bb2c1c737

          SHA512

          d4727e6012523d6c0accc6eccdc3e3913affb0777771dc24e8ff056b21739af854e500f743efa453aaf8903fb174458872e5b88651e832f585ad664af46429c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b953ae06859cc3eb5132c480216d08cd

          SHA1

          dae4df249f1414c90bdb26556da39bf1a823646c

          SHA256

          06bdb7e3c118262748e6afa0d8556aba71cf449c14be5fe57633f38c3fdbbc15

          SHA512

          6a2da55c7947e94367094d4dc6ee31bc310f376ffe2e821f3574eda2f04ca01f51f04d6f885f1cd7c21598803d0d7f24c96f21d3603f522ba4a3070fb578c98a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0023ec199b70a7fba891bd0b309eccfd

          SHA1

          200aeffd27fff0b96fef8d29feea635a7efcc5fb

          SHA256

          71b8fff96243f930a63587dfd324cfe45b7d918ea51eb9ba9407d9769fe57a17

          SHA512

          d1d3f9a23ef05f1bc5a4230a8bfc67ab80ddffb07c8d938d1deae44d0fd14e28d7afe1fbfd764cfd29b4b4986bda002ef9da9eb2f61a81db2ac8b3c82d9cdd49

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ccc70297e8a14593e597a72a2f9f594c

          SHA1

          f288d01e618389859df7ea3c0eb04ae3efde0026

          SHA256

          464b3ddd93daa507697a4d883184698cc7d3daeab2dd3a20aba029cc16c8d09e

          SHA512

          cf1714b244dee83c196ba3fd911b24b82359d088c13f4afe90ea3de2595c7b44cb77841b9a492d80674010c4f8e66cdb3e0eacd5c599aae81d8c7c4a614efcc0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a78c907471f914294784c7f9aa0cfdee

          SHA1

          52706a3e9cd6a145c76482d0e0c5bf81e6acec34

          SHA256

          b74acf78ec36e58a5060625b21a5a27377c50931003c479230acfa4aeec455c9

          SHA512

          5aa752c18b74c864dee7668aaf0aeecbd1f5a73f4f334d01fea9bb6c35c411b963699e9a7b3cb543dbb6881b8b12cdd25af782cfb57576e963b58d2aec2380b8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabC51.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarC64.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit