Overview

overview

3

Static

static

1

0b0a2731ee...8.html

windows7-x64

3

0b0a2731ee...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 14:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0b0a2731eef31ed0c6ab0b6c253a6fce_JaffaCakes118.html

  • Size

    101KB

  • MD5

    0b0a2731eef31ed0c6ab0b6c253a6fce

  • SHA1

    3368c4437dabdb68bbda18568f5d9a0c8fc1458b

  • SHA256

    788b033f4d8e891eb4e5731a4284a5bc3ba2d79a9e51aae5fc01f4595138dbf2

  • SHA512

    352f61208d3f1104d2f9a670d3fb9e5b6b53c88eb073b4647d50535b3eb4e40e523f58c35343abff85c980e9b70036a6910347f1793ce1c7a59d5292ac369a8c

  • SSDEEP

    3072:SfI3so9bz+wbPl9ILwbi69WhFkax0T/EVTHxEcaVTAF:S6RTAF

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0b0a2731eef31ed0c6ab0b6c253a6fce_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2568
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2568 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1616

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2253d31e1ee423712b6abad6d8224eef

    SHA1

    0b7c4eea9c8b5b647e6506ac5f3b5357d2b73c09

    SHA256

    3382f233609098895bf59cfb33087a092ca1582af71254bcba8b5e5b950b478d

    SHA512

    73b48296c56245f82001f91935b4e4482ae6ff8688d42ab3eb4d674bb4da77cd27202e719971466f8de94857f9b5d1422afde88fbdb360f261451a607d618903

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f512bdb8c9e39a887bbfe5d8c427a58d

    SHA1

    8f86fe1f44a5d27669f2b0a2b0da16ef9bd1f6c3

    SHA256

    907e352fb5afa8595797546387ee7a14db98015dc8fd2c9ab2c2830c2e44dd48

    SHA512

    d2b6b115ca8af3e321cdd8c192336fd5fcec1da729c4a7812ac95c62f96fdafe52cbb936b7238a9eb36b8072a1ff37d454085351dde9cebfeb7066d394f00032

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f16b768b3d97c9fcf2b4555876619da0

    SHA1

    c97009e65ffff0fd64df754edfcdb9a8993789e6

    SHA256

    288585b81458e842e2436c80dbc844b233d997a0fd698c569047a052ed306c66

    SHA512

    0f6ec1c674ec1569124adb83294877596f4b9cd04aed223820b596a07bebba49c3f6f55ae3f3fc4ed91f50e6a6df117510b7606d111a3875a75a85443b3f959b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c55662cdfe0189bfed08af3534a71725

    SHA1

    9972c5c62c54592b9a2fe5b5c762a2279c7cf05e

    SHA256

    e0ab8dafc58eeeb26cb1e4d9190f8643e2f9fc401e3a5cfd0f2b8b1fd0958d03

    SHA512

    eb66795ffc9694f2c06fdf4b49efd157f251d59a8de3437e667159347242a88172916d5d247db23924cb950e5c1aab7995409e3e7cf4aa866ec0b062dc3122ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC0C2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC26A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit