Overview

overview

3

Static

static

1

0fdd403108...8.html

windows7-x64

3

0fdd403108...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03-10-2024 17:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0fdd403108c3740774f58d978af8ea34_JaffaCakes118.html

  • Size

    21KB

  • MD5

    0fdd403108c3740774f58d978af8ea34

  • SHA1

    19e62f2637bf112c7aee285f294f89bffebc862b

  • SHA256

    6c883a111ad8989ab8041054a3059563455148fc01223f180a382a0f165966d4

  • SHA512

    2e27e777b02a16d18be72c640d4b23afb592049f08b8bfe90689475e3799e93c71a8dd59892c01c0a7ee8be0e372de90fb809546d9c6c64fa7002a0ed6fc8165

  • SSDEEP

    384:LalIcCt+Q4ZhOGTHkjoAuQYx1n6Z8u1xa/gvWaguLZ:2LhYb8u1x4g+axLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0fdd403108c3740774f58d978af8ea34_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2624 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74c84076a4af7e1417ec90eee7608e88

    SHA1

    dc11577b9c0cafde03f7739ef4f552767456cbdc

    SHA256

    b181e7bc2c17ec9244adeded832974b322f186be2ff1b24fa957f89b189bc60e

    SHA512

    635eb777f29d312502ea9467dc5d4ec18dbba198adbeb6b4a4ff64ae1652c2780b90608433e5025b5c5e8e39bb77b331c93c31f6e75cefb80edad1f7fd4cbb5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e2c61b63d1cce24b1bd9e9a0a69639c

    SHA1

    0d6dd3f6de9b23874b861a5b1fc14b8b0ac10f2e

    SHA256

    3147cb05b96a650042488bd3ad4a9e43158860068587a76bdce8f52bf04e1c3e

    SHA512

    6bcaf8d02c5e8e61bbb2ad6519a2974beeeeb182c2075386f9c0259e1d43cd925ed0a5a87d81ae05c8b2282d7c2f89b82482a2ed3dd5e88b4e5a365f0b2ec0f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f164df11fad385f6c3d574e0e00911f9

    SHA1

    8bf53d3123155db83dd526957ac350b946e067a8

    SHA256

    d3db593c63b8ba2e4145aea95877189e46c8f835821ded28f42c0e5deda4fd31

    SHA512

    a368bcf48e4f85c6be84e8e3ba5e7a61c1419dc26b2fbbf4a263efcb15e24721ea966d7fa7b82a01db2da9a1cfcdf3af1902722931f42a042c4d3f627a0ff288

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ffcc6d6ca3d0b2d6c407034cc34ee2d

    SHA1

    13a00ed2135724ad49e5810b3074def36ed7a05a

    SHA256

    c9f00ce04215b35e600ef48e09826ddbed7629b56d1f9056ec1c7aac42227123

    SHA512

    3699d474d7cdb9967b8b187f5ce45e9ccf2983f1f7248bb10245215d3e86834e3c84fed8c2d7e9d87d9addc7b4a971bf70f0423c62e39a16d03e5487d0b8e7ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d220e81a2576a686b59677067e5f629e

    SHA1

    0abbaf612550e80bcfed81b56afa10c0145c4a51

    SHA256

    65a5649b16fae9e51dac2e2de1c996a6ae469a41ae6bc350bfc5746499486b83

    SHA512

    c43178219abcfe9c1cbc6df3ba05d99e8a59f28557f0c4d7c46fb819a3649ac4fc773456df39b42f5143f6192eeafba9fd76be9fe908e42030369b4b2f6739d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a02f41fe337bda8ef03a76fe34e152fb

    SHA1

    ee570eaaf0ba0d9b3888cffc3a19c0059c5b5552

    SHA256

    11c527cd52b8863082d22b04e5c8a632ab9139a2b742acd5ca88f59145d23eff

    SHA512

    6d24b6478fdc76238df6f3c3280faef84cb135cd5f385912f75406e62ac71972e52322fc8325affcc9f9cf088ffaef75c1222644bf03310d40db547b38e8a191

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9269df723ea20697fcad079c7aaa7d22

    SHA1

    e2f4dbfb0fc97d4050d070ef18b54ee0b7aee82c

    SHA256

    1d05b9ba242dd7172bc556f9d36311575dcd937f455e1a3869e74bf8c3157f46

    SHA512

    292e3d33cda72695bad19278faaa513acd7236438478853bcb8b240453385fc45570ea580e43f90ee0e35b7643d2dc8d3f1cce7fd06094a70a0c70bf00da4fa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04dcdad111e8659e42fd630ea8c88c7a

    SHA1

    c8e9f4530b6fa9503f63f17c944425e7df9e7df9

    SHA256

    8c26f431be89de0f68673a563214ff4de25eca099b57ec8b02b0fa4d3f01a592

    SHA512

    9105fd531899f306687b431697def1308671b16af1de8325770a119225dd980c6c101b53381635008d91e4a8f9c428a37a9ed168ecb6c9a51f34cbea295269c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1910d8b5509640fbe49b9fa58163ad13

    SHA1

    cc6fa177fa684799c23ce9988238d7d9604026b8

    SHA256

    ac1d12add13e7f011ae105352f8fa0036727d50b17966ec8bd2a3a186f8ddbe7

    SHA512

    005e96b01f9d12aca0537b3d0e274dbf897eb852663548dce085e53d561df8c5a9125e23d7ae08073b5eb49a6fdf4296d6d0a6c26f627543c75d830a377326fb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6394.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6425.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit