Overview

overview

3

Static

static

1

ffa5631621...8.html

windows7-x64

3

ffa5631621...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30/09/2024, 01:06

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ffa5631621d5edfb5e2c3b8f0ece7c33_JaffaCakes118.html

  • Size

    6KB

  • MD5

    ffa5631621d5edfb5e2c3b8f0ece7c33

  • SHA1

    ea0c5966058bd8455ac7a29ea0712f40d194e2fa

  • SHA256

    1ccaf8efe04800e464b7ba589f421e6c17f459baca3ba1969fda10b4c5f77f29

  • SHA512

    023c4a836e245f26ea12f2c33b0842312e092e4bac636435876a5675766a34d80f11df9840c7c2b5c9c9999d2448726392b0887ec6b054579b8bc2de3c61e94a

  • SSDEEP

    96:uzVs+ux7PmLLY1k9o84d12ef7CSTUTZcEZ7ru7f:csz7PmAYS/ub76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ffa5631621d5edfb5e2c3b8f0ece7c33_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:488 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8bfb90f31c50bfa4704c16947154944e

          SHA1

          b4a4ec32fce4013b5d875bb5e0bbacbf3de48c4d

          SHA256

          ee9a799308122d23d64157ae81ad5172ca6a2ec451f70e4505f4f89bcbc2173a

          SHA512

          8250ed216579b6736cab8aac675cbf44e03e51a2ddbb01de0994c579b08d18e77adc223fa45b98a8dcb59ce65e4d5c8707050a0d0cbcd5a0da966395101396c7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          071ef3f84837544f5884accbcba13d91

          SHA1

          7805d2d05974a5481c50170c15d488322147ea05

          SHA256

          a2b62c8b2a4f186f8d0f0780309e731f6e5f3990624b8a858e39da127fc3ec93

          SHA512

          f13e3e2b2872b6964267ce49c9edd3f5fea654186647b149b97fff5e61582f8f03f017b8d24191e9fba61454a9f6ce5f01203de661079a47386eabe6e4a37300

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ba30f05c5b14f4698d17b02d09d2a112

          SHA1

          6a29d5932eb7799ba612046066968ee95c1296c4

          SHA256

          0f577d1a6ae42153778216c1b83205fbfa8c3579c94f40224730d7df81f673e3

          SHA512

          637992d5e0eeef1b3fa69c3a3dbd33c05d22f781a0d3e62e865a8af048d5aaa20be2376f6325146ff486e57bc5ef2fb734479d7b9d438105f4f21a214de713ee

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dfb4c67ca0f8d346f5b7f93ef57f590c

          SHA1

          f22250cc0d10c91d2a4ec7836cf0bd4fae598f4d

          SHA256

          0cde0965568f895ad9143410a320046c771a3cb489cfccc3607763a61a8ab96d

          SHA512

          d37feed206314d2326ca671ad258d47e89a95bf1e76889c54a0a1b18f0009e679f353803c498782270367aab9d5c5e2003726f6cf46a13c26ab1acacc4e22a5c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          10665577c9354ad13682311616ea29b6

          SHA1

          d84b4973757a355d972d09b16351563b77c737ec

          SHA256

          ab1038af55db5573c8b4796cfdd1892a94ed37be0a18d4a33a937374df6eecd4

          SHA512

          cc677a1bd6800c0e87362cb7a62eecb898419a6840e1e81f6601cba562f8103a9dfc4f5e56a9f0ed9581366df30c69f7d6fcd0ce483ded85a6e365b2115b03d0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          eb94c9c1fc483654ee20d65e2dc0161a

          SHA1

          f0d66f2bb7bc393b55c25f448cbfc371e309b6ad

          SHA256

          82ccfd3f908855a5c4e80b1c8ed00056c5b2b474338ebc2dbab68bb37d14c0d5

          SHA512

          7ebb3bb3f4c265c2b65f28ffd6dde88af73fc97c65d1743bd2e17741b051bf60065254560b2b87161b8bae2e36e651d5322860be995f24e49b5d8e3d090aef97

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          96fa75144eb21df317e9085e2b866881

          SHA1

          173468a3cb5426d2ca5fe7e249b848c05d06ea48

          SHA256

          8a69bb5e4b62fbf9c4d7c9fede6694ad56776439c1b5a256f00b645f9d73ab07

          SHA512

          d82075e9db1e7c886bdcd03134982f368c38577806388d9b3c49d796e53f37224206583afe8dde76c8c6170198d197c4e71b0ed3a0b5a2096d730ecc9d88c4e8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e1df708011388e23cafb0f943d7820e2

          SHA1

          9a0c18116d5191b94dcca8faffefc8ccda1e5665

          SHA256

          f096b80f6beaa7e7d56ff6d1556210a55bce83c033ec167d70d5a5c90c50d6be

          SHA512

          b46436caea54d332e52be137c5df672df01ae295bf7d9efa741595b62197cabef0d60362a017674087e29d1ded69e04e41b509b49a21ec7ecf03713d144e6444

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          39154f1d70594d43e5fd79a8e4ef3f29

          SHA1

          2674e32988caae6465a8827046bde264e9eea2da

          SHA256

          9cca4d1fdff26889a0d8b3b449d50b971c512d09da51e0a66070b3041acb2800

          SHA512

          284939d6904db0bf3a14336764f86a0613ef1cd56ddda96020b105f35175d03335142fcc9947a572ca2c3ba0e644e22dbcd37114538bf760d719acb6a6abfbfb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ccb844bdee797f6132008444771a2f88

          SHA1

          4180d79f7b5d33dc524468420d4f5265758b4adb

          SHA256

          3f4a78c3bff65bf16167b4d052a240155777004afe95437dd6b128005d27d3ef

          SHA512

          93943b88048cb2170b2c06073bdc20d43964ce3c21998a53f25f7b3157c06edcfd4018d2268ad9d5209b2d23817182052b016976acd7583287d201bc0cb204e6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          97a1f1f582948242f32f7616538daad2

          SHA1

          6f1da2187efc569c755303a3bf2eae2122c80d45

          SHA256

          073759fc695f1ff0ece756ba427f3313785f58d780e00f3ae1ca7b94d6a2108a

          SHA512

          ea9ce6964e4d44a91ccf5c18bedfa8d3e7976b8d3c9aa879299f33e742f5dd8848987390dcbcd4cc0936bac4c9dcd4319a2becaf4015fc53d2f44eedc56e7c93

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab15A4.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1674.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit