Overview

overview

3

Static

static

1

0cfebcb7f5...8.html

windows7-x64

3

0cfebcb7f5...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 23:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0cfebcb7f5510bf37d6286c6712b55c7_JaffaCakes118.html

  • Size

    11KB

  • MD5

    0cfebcb7f5510bf37d6286c6712b55c7

  • SHA1

    fe7981b77555073d2474269b7da1d8abea194795

  • SHA256

    b765a27fae75dc4868c1dfe3cf13d27b0facdacb014cb6f0046b6ae93b8d74a4

  • SHA512

    61dc40d8e77dfb40833bdc49e5c0201ab198623bb2e536a2b7aa67275717275456546b0148811839306a65b7eaacc38abaec685bfb5ad12038f3165a7828e8bd

  • SSDEEP

    192:2VmlIsr03Dg8k/w1wvqyuBG6rnrek3A01bAuBuLbdU8d:smlIcuDg/gcuBG6rnrek3A0bAguLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0cfebcb7f5510bf37d6286c6712b55c7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2404
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2404 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2b3fc4f21d9fcd43254bf4da91f44bb

    SHA1

    b94b05847bb50a3ff3c077b9648fb4ec23554de3

    SHA256

    b5175c25b0c9730b2547c19f0e1e4c48973ef7615d3d80dbe73a3125cd4a4986

    SHA512

    fde1cc04f62e5bfd3949f7f90bfaf73c086f107194efbc9d952a07b184b00a08d732e4525363af04b772f6f94becb317ffd40081b65c2ed6feb76c4d4e69652d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    edc3a57b38fc0353538e038b2e30ac21

    SHA1

    717d77d3442d9efb104fe6e6c92a0e05ac5ac2c1

    SHA256

    0d868db8bc6d85043c02c1c7a561773c9f483fc7a3abf52c78466ba12b2387b3

    SHA512

    b9fde9d7a34ac7bf92a16712061e3221fa06667d9f65525078b169f7dda0ae8b8353beaa47f54e272504f76e9ce5deaffb07debbb678ee74a453b2f74f66839a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93dc5a72c95390ca419cc83ad6286de5

    SHA1

    6f799b1f48c00ac7af64ac54901f0122c4a740c7

    SHA256

    7f331ef82a755f40344218943ec8d0de2f59f26a983889bbad2424beef855035

    SHA512

    196c69b426cfef7c1a825351e7657888ea92dd3210d75641620d081400eccdfcebee7538facd6feda6d7f330c3aad0212ca9082f8ad69af4fff993932795ee48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73e486c7c44e4a2a4fe2b6fa568452f1

    SHA1

    c34df84474dd802874b1b756b6b60ebcf1c444f3

    SHA256

    5ea1026182b16bc7e558552b86b58ed42cb5a267f4a4a9b175b2122efd812835

    SHA512

    6b82fdc4176cdd2aad00cf0c9167316654c928b22831ad9bdb6645dc67d109799dd02f7d050cf1db1aae3d3d8b064cef3fdf704f26eb9c8ffb5425f710f6468c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11b2312b32537755205b0a589057e20e

    SHA1

    b2f38d692de62d340f373a53e60a2fa41b878ca9

    SHA256

    12799c1c3fd79713ae454d1a7fb7faa42ad7d9dff41d7640067cbba88607a35d

    SHA512

    4b4f420be8bb090e2f0b603752bfa03e795f14ea180bd0f1dd4b07244a771de91ea50ecbe98fc28c6d774837c9f670ce6848e25fee57aaa6b0ec9eccdd3fa2ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a31ef7bdcc86a3659639a6949a27e52

    SHA1

    40f7c4e691d2251eeacc13ed6596e3b0c7910011

    SHA256

    a04f1e6d74b002add2b7dd2e98f3eb492aefbb11fa449ca6f4b5202864bb58a8

    SHA512

    978f5e0ef4b96afc3c4649798450e4aba02ecd5e9e627c3b8e379cb8a8be5ccf4b138348c2b06c70ef9313cac90424e520c493d779c7e248958c1b120af8b48b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b892550911d69b1391e7786781157071

    SHA1

    0bdd3962b3fd3216059d6a6c3e6b18dcf4ba4722

    SHA256

    c1ff27c98644ec48e896c5034ea5b025aa6105681829bd4027726ab2c236029a

    SHA512

    ceed74c4d4e03f6c6661baf9eda731931b7dd6eab31cf4a55ace3ee70608c394ad41110785ec767d4121656faeab45494a148142cc0d5e2efe950cb3cee1371b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6de7a147236476ea0c984552077e0632

    SHA1

    9bd67de134eb823ed8f052f52d68a26209e408f4

    SHA256

    053729ee85b85e2ea9cd8234f462e71896ebeb755a1ca276952e149a3302e2f3

    SHA512

    4e894fb9670a6af2e3a5a68449192b5fa17f252bb849708a5b68ec1d3105714828872133b2872904c5c7ddd4751ff345ecfa59cc3e3ab9b8fb8e4fc27268617e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8c05983daf9b631e59b8c08940b1893

    SHA1

    0a5ba63468a7e6b27d1b42a50c1e233e274d3a8a

    SHA256

    75d669dae604c189bbb359ce8fb30ef3a09aedcb60c0aabda228f29e497355b4

    SHA512

    e3b2a396e1c6a9b1f45ac0ec761fb90afb6c57107af03905441633b3c87cc7a67d9513679f2167213bdf77a13d7f7993051ded15fe77728f2475eb75310d877b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4A89.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4AEC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit