Overview

overview

3

Static

static

1

04105800cb...8.html

windows7-x64

3

04105800cb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    01/10/2024, 02:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    04105800cb210fc03d8d99ddb319db40_JaffaCakes118.html

  • Size

    85KB

  • MD5

    04105800cb210fc03d8d99ddb319db40

  • SHA1

    f48165889a76404f1f2b45f5d54213260d1818c6

  • SHA256

    a949d3a9cdcdf16dbc09c56cbf3b7bf60f2222482138bfd21d90fb019bfd4bed

  • SHA512

    341cdc2713993673bbd591752f13adc6a4a03a0f7e2ff31011485ab47b02b0bdf70e4f49b97f028a8abb0d6b31094868feb618b2e8bf194460a5cc63b3a32c36

  • SSDEEP

    1536:L+ipVn1BUNqvLKvr7R/JnV+WCUsSo0mjiMpbqqvmznhKv++nPLB1Vd:LBvLKvr7RvOiyuznhKv++nTB1r

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\04105800cb210fc03d8d99ddb319db40_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2268 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    798f49c3e0419ec9fb257c830c1b3b1a

    SHA1

    a31751ebbb41b1bfeea9444e2f67f2b87865caa3

    SHA256

    96a555ad17714250f41e8f6fc96ae61c2e76e1ec43a2eeec50813706607b435b

    SHA512

    8f47f18be13016f592640afc84a590d830938cdf90a2df691a61723c5b08b052c98b55d18def5cef85fc0f17b7f5ba423dd413c3a2b065b5c90f2adb7f4485ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20d85b2cebcfc52dc30dcbb287947c02

    SHA1

    c1463c022339924e433edbecd8b882ddbe3d520d

    SHA256

    18de57398fac7a1f10c4336053632b96bc8e8d49335f3367d271c220f7390f91

    SHA512

    2af6ec9b91ee9b7e0fd24ce1e46fea46f2f40f17b162f822ce4f71384b77a1eb2d3abb175f107968e8b5c47b5d6244c8afc3bb7b0135a84b4ce57df3540c055d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bee2b6e32499ae3ae0c06db6185f9d7

    SHA1

    78767b20aa835315a52d056fb2389eef41476c26

    SHA256

    1cecee1a4b336bdd2b25e74394d224da03f2b9a464a03244f29b5fa61b9d7f38

    SHA512

    7a601ce08fc737f8e1b90c4137e355b9495d957d486d2bf392c88b2cb5c3a9e27ac3c064a9c909659810dee32222666907084a272737d1e50b2a4bab94fe419b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8e6ec85187115ecb013abe2bfbfaad5

    SHA1

    fc6edab19e3847d33ff1fc14cd3c6bcfbbec79e5

    SHA256

    fc03485ead0917526303279ae171951f0e9a21f11d28fed29baf531194deee79

    SHA512

    869c3b1458d4b038331b6e0503de708ae2823b3389047aa4ef5ed2b15776d3682ea1deb2c1c614686e0f2c600011502735fb3a8811c5163d1b21e25e1735aa5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9053a29f0c1878c6d0327448a399f9b3

    SHA1

    8a10d925dc263b13cda03282a5a443429666d1ec

    SHA256

    824b71fe066d9f1b5ee1a7785a4cae795e005423760f4e236744381b06a14d2c

    SHA512

    5ed3bde5270b2c021efe406fd503d083fe24e769672ed457d8f7881633f5ae5b1995c5565399c78b526d9661127635c7d6836bd61cf194ba2cdc86f5ffc2eb1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2fc2d3a0c6e67da55fc687d56a056ac

    SHA1

    a234ecedd798cc94f44a4346646fcf959ae924a2

    SHA256

    eccad80586fd865144c99cb87030439801ecf5575302ce25ccdc8a1eaa1a47b2

    SHA512

    287cf7e7345f6932e6aeb662468e834ab6e246d405129526eb372196ef273f13ddb31ba7a0db70d45090063858576482779aaf7ca75a00b4b749f13113ab1ea6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37f7f841f195aba65b29686d8f0ed243

    SHA1

    dc61e8fe6c071d455a575d488232db0b57da7180

    SHA256

    a10504712b09ad791b41bdc43442b652bdf78448169f2aeb8b1c4d531596c8f1

    SHA512

    9c3c87ce59e74d4bfb27f5185106f611c2ad4fd3d806478f1560fce627b69866c52aebefd5898a5357152d7e4f8dbd5e27006941301bdad7dbf5affbb5b9fb7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a64285c727c6ebb35c087aae54c2f336

    SHA1

    e417caa1d8cccfa30cd0c49545e89bf0fe7153ce

    SHA256

    adc54ac3280fb3f830fbbdbc15ab801f890d8636365c4701ce1fa82f61b14e52

    SHA512

    73fa2b38bd2e6a168a0e3f0930d4e6aa99d7a6173daa038efbcde35e1ecb34d0749d05d0c6bedd827cced1a4ae413723303da63492c7f0e1c8f262fa5be73cc0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE6D8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE729.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit