Overview

overview

3

Static

static

1

0da8fb245d...8.html

windows7-x64

3

0da8fb245d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2024 03:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0da8fb245d296fa26608c98c5033fa2f_JaffaCakes118.html

  • Size

    143KB

  • MD5

    0da8fb245d296fa26608c98c5033fa2f

  • SHA1

    9b4de9c819ec957b76d719e3b112717abce00aff

  • SHA256

    bd52a6a1db9ed2de497b10d42718bfefc0ad44534db0e7b20efe84860fef1a62

  • SHA512

    4f9140e50a27d0e642c203528810c7f50fd940338aaa85d2eb7746564554bac5b17d1fb422cb36aa11b4520c991b0ab0cbc06f11c610500f6435b102d54782e5

  • SSDEEP

    1536:SPg0cESJEIBx76vuyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3om:SfL0x7dyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0da8fb245d296fa26608c98c5033fa2f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2348
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    449a8ef3629a44451a601d0f6f71c295

    SHA1

    cec282014ee497ee908c33556878a347b2c6f658

    SHA256

    09c5783411404318d3b707951a929531fbe8f6237cf85b64bd55678b1c151246

    SHA512

    f67c2c7c0f1422e263bd76b83f78006c074f16e6c6d128a80d6a193cfa9e28690dd58b4e2d69ac9a28dcf546ae76b26e4b501a3798194afb4216fe4f41498406

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89d2152eeed3381f358286c1ada7c6ed

    SHA1

    56f9d8aa175e47fe01799de4b4c10198f02e6aaf

    SHA256

    1fa621d8732fac1c26f2d094237b2271013ce84a00a5878d4c8963498e0564cf

    SHA512

    8498c36186bd6e8707ebf47c9728177677ec191a40e2277b69dc53deffa1374586d1e1170bcdffef5c42aa55eb0697d8aa1cb114e5772e87e8b625e8589c6fa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3bbc3b51f7f47179d95902b047d2ee3

    SHA1

    4218ab845e3b341c71c61e88e7ce4c2b4a4f7acd

    SHA256

    51c1cc48766659b231c195d988fc8f9a475d7031230cfea7eef813de36e4805e

    SHA512

    ba2d3f7fc3baed3e36ee76e5f3b78c0b09351924a9e639a347ac285f2a20a245463a076f0411c58e89ac7fb1753d679ed7bb709cffebdffe44ddc9713f7537f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb7387107c6e65036e06343f34d2c243

    SHA1

    b5064fd05a86da70571429163f56fe9c15bd2354

    SHA256

    db699c6209f374957efb81ef4c3422ef95a20af9b5d2692e2e35994f41f1b80f

    SHA512

    3d91c278a27df96508c23c46215e7deb8eda031959c9f4ba5abaccd5868b13bc7589a5c4dd557b5979bdd1ff6fa5406a8b4fd93e8848e1b9ac9aa2d4437ae05b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17e88d4ebead494c8f9eac6383d61250

    SHA1

    24ad623a13061b1eb2fea10fcf5eaad3cb48e785

    SHA256

    cf88b591fb29c93462015cb4b7e983dc74b7aa93ff4249a0a6e0756bf2cc2277

    SHA512

    2bafbc4a0aa2692a754b92d2d06554a3a49c9e9ce3779d452645ba9a4c8c5088eccf2d15b3630df410a1fd045551edd17611d23a2791ddc277cc11d9b1b69dac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f162c1cd31c18d5de7287aef325e9a70

    SHA1

    9a87f37f54673c7a266efd583c7792d48e945e63

    SHA256

    fbef4dfae166dc5250633e5829753d6d0fbe2e608104c83bc1d02581ff1794a6

    SHA512

    89992efea807f48e23bad4b12ab368eaa104a24d1b9444a010321cc9d9c99650d91cd3aad5280904ebed38260cc054d2c478663cff044c2989d3f92facb6dc94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9f9ec546b96dee7102cc4b089de96fd

    SHA1

    dc52e97aab456707b9f33741a84b1e649f4f2c5c

    SHA256

    e4ab77ff71493d7f4ae635e4ef4ab2a60ef114b6c75660ba7869e34f5b272e22

    SHA512

    1f76033a6774a54282615d1e9678bdd76143445924b9f1d4264a4dd324a5ea5d151e85b64d00a3f46b5fad95e788dbf46df7cb00967cb2ec2da43b0f47c0e22e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1552d1f2636c6f3839751fc4596d8a1

    SHA1

    472a457cbf8845487e739ce6d6a3e05e07d7b908

    SHA256

    1c90d69145f8643b086300fca7bcf39874677ff478f75c4ece0c96d72e890340

    SHA512

    02ec47319c16fdf6ca794f074a452f579c502423472930e60e13493907c38c6273285c760c2fd8cb5b87cc87256fdc96706495c3f2ede86a2c8619e364ed342b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA045.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA0E6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit