Overview

overview

3

Static

static

1

ff2ae67660...8.html

windows7-x64

3

ff2ae67660...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 18:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ff2ae67660b6859d6f748901583abb57_JaffaCakes118.html

  • Size

    9KB

  • MD5

    ff2ae67660b6859d6f748901583abb57

  • SHA1

    59065c8e72045be45e640dee0773ee099ccd8eea

  • SHA256

    f2ddac25e88ae3b34f5eac9bb7bd1578f1d42ba0475c66cad41897eb86534252

  • SHA512

    b19cc7aaf49b5118de6e899c5373b886cb63740b41dd5a5acbcac36fbc130f07c843765586fafc2bd691c527afa9c2aa77182bab1cd61192ec47bc45338ff89c

  • SSDEEP

    192:+hngNaC4RuRd0yNtIg6pQv0yfouaTRrC7D2AX5sB454:+BZyn6pQv0ywua9rUD2AX5x54

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ff2ae67660b6859d6f748901583abb57_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2872

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9975796dfe466a1520224fe92c8aa1fa

    SHA1

    3beb4b010fca1db09e74f942fc78173639503fb7

    SHA256

    1a90dd310c0a660f8bd93cbed9705077af90ef9410f533fd600d7bb9c1b6a2d3

    SHA512

    9a3ae8250415a16c21596845aa40f9c5fc19243954bfd73f1d91e9dc3f7bb5ad64e5596055c74351f3d409f8c9b9c9ba4c2f56bb54b39745d60aba20124e0f46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35c8a8fba260f9f1034cf08b50bddf1b

    SHA1

    034a461474d2a24e50732ec014c4d1fe878ebd54

    SHA256

    529ac21b8c2deb794b8c2e92ef848c3e058c1ecd32db14d3aa1bd3223d20160c

    SHA512

    a62e11de8f3111b8bf91d9755146d255cb48d6561765eaaa5881693a0ac9aa56458acc1f63c397327adbcf2bdcf0d0f8e92f5de6695fa49048b3a2290e305970

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5045ba73533b5b66fbe3f2639c9005e5

    SHA1

    509cca065cd28669d9d1290ee7c28a710ae0407d

    SHA256

    ed4b7a625d52edbb218c7c8ad77a2777283246cdd275aaa26fd555e2eb369c72

    SHA512

    65e6898611eb7c5ec697a1f3206e1dd7b44fc2ffa22f210b16d4e9e5f0f9594d95ae3fccdc79fa7668d5fe5232818672bb377f0c4ee8a1d0e14831d20092930d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15ad9a66feb767cc67e9914d73cdfeb1

    SHA1

    a5162604a4e85a16465c9cab95ce3f59d53692ce

    SHA256

    1e1722907fdf17f7518db27f829af40c25d84a944d687a222c4175f1a015c80d

    SHA512

    8e6191459dac42a69a8e34984911eb933851255473ed3dcc0ee6261a96ef4773cdbafa23e5ddf3cd1cfb726626757d510e2d3988c3ec4cee6327d318f8bd9079

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd9a86757315714831f32749d828b67f

    SHA1

    a41ca940eb30fca49aa105e58c4427f2f9e326fb

    SHA256

    1465ad3be46788238e3247c1dc65572fd0fe4632082a89975454ba7189eaf02d

    SHA512

    74fc397a20f0ec0bf709b346d3f7ada4958fd4a88fa75a642d0cb2773f99d639a3725414c881eccb1f86a8fe4db2470c59771622d325f775ea88b53d05869709

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92cc8998eaa7f4b5c9f40fdd291b8f90

    SHA1

    496ae288353e0fff4b5134e8b59801542468d165

    SHA256

    26baec6fdc9b27c3090ed72ba0c29941fb1d9b5285de2bf1c13e944431f29b32

    SHA512

    f68af16babec399c3182f501205b096f0e7ebab49b1a4526fedd916c6289c3fcce30cffa06c9b9445aeb87e97abfa60a8ec0e2ea4d9cf785b4ef708de4c0a224

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0fb5e437b95c1bef3f2a21c0225340a

    SHA1

    27de6a44a9f1214fa65e68333c0295334bf5fb40

    SHA256

    119ef86f23c92c8e7f23b25069e0e964e1d319e999b194db770e0948e6063aca

    SHA512

    8626940624a5fccf6fc26ede127666f761e68c4caf2038de6520666908bbcad9308f028e1321254a2b773a26516d816b39d38c1ba8f0dd2ee4e00db83f345f15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92aa85326eff0d5ed60d269fdeb5f1d9

    SHA1

    c133a19a1b0a031ef3da42a0708287eae61ab99e

    SHA256

    f03b8174b172d5491d6ec9a2efc50037c126889eb0a201ea556b9253db8b5e4f

    SHA512

    fb6fdc313979145ab9bbc98f1cc205d1fa55414838408d7f99082ff4de0f4e3054c646ca6453752bbbdbc4ca59e6d47a7edd302bebfb0cfd9f9ddd2a30942b00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54f0c8732a9395686692c98c2f793812

    SHA1

    b4af894dbe6a9744413405ebaaca792fa2a3d54a

    SHA256

    759379ab73055753fdc682afc33812f47c2afbe97e74f7dd6e27de0ae1259c27

    SHA512

    bd49d39abcdb12028a291b469caaf95b1aa1643208dd28d546aaa72f70d0e229fae867c35ba8671ec76e61a11cd6b744fa0db82d46fd30012c27e9a095b16556

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cec15ce1d6b836c6d38e5889f30162d1

    SHA1

    497d286d89e1fbd1e253f3e1e9ba3404eac47854

    SHA256

    cbb5fc74d4c2ce73a6f07fca9c4b04a9906c142ef550cc5f16ca572740f1f343

    SHA512

    0a778f87e23ba0b35790cf08839c6da08ebfd67bbf2c124a646b4264b5ebbb9a1131ce7552e48355324f847ac3697a2b0f3ee7020416bc7dd7fcd74007b31a11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    183cab660471cf930fbfc6e3549dd5ef

    SHA1

    1b513153caf737bf2e82958b8c0a2c3518000c4f

    SHA256

    5ffc8498f5156fcf996e25a49298f32530ceb1422ecd31c0185f3fc528f9a79b

    SHA512

    739020acb0a777321bf4f7ee24107fd57f71a41b136440b54b1515fb479eccb380d4ca8050f9ade34e8311f327d69908728fd60f15c610da6ff6085da8104bb3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFB60.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFC01.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit