Overview

overview

3

Static

static

1

113573e3ae...8.html

windows7-x64

3

113573e3ae...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/10/2024, 01:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    113573e3ae5725218cd4d6dea40eb4d7_JaffaCakes118.html

  • Size

    145KB

  • MD5

    113573e3ae5725218cd4d6dea40eb4d7

  • SHA1

    f9891bfecfd691652e3881229bfa3f6becc32386

  • SHA256

    c7985a483b7bda15916dd5901fc519afd2be96ca7d890ba4eb37e007cb6c35af

  • SHA512

    3fde96c1a67c9349c818c18086d1fe35389df27efae414558ca7032f0251686fa5b1c55660ab2a3d296104e21c0b5cbf2dc17a484fbb724b48a9257ac93e840f

  • SSDEEP

    3072:ShzNVnx7dyfkMY+BES09JXAnyrZalI+YQ:Shz/nx7osMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\113573e3ae5725218cd4d6dea40eb4d7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1044

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          56ad68e99dde06093aa4cdbeb112dcb7

          SHA1

          c1b395224e4e9cf3b9b083d9aec81559aa33f25f

          SHA256

          cff46d3aabb8f90ee9727039cc7f49a96345b1f68cc29b0855f4418286d7d6ea

          SHA512

          60662e37010e89d593d157fb65633572e30baa612325ad78c1f9599686f8d17b439a94b1b3ecb75ab8cd55ad7140fd966ce72d711636c193f21250c34d69dcd3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4a91fbae480e720b46ad166e33755b0b

          SHA1

          5ff4564f6c22eecb726c9bb6d5c6b9bf1c37cb7e

          SHA256

          7b073fdbf6de7bb1fb48f69ab8eba913b0bc46aab4c90a811633623aed737fa3

          SHA512

          fbbcd2b04da97a9aeb6e6df3879d12bf1260e16f515a6b967d90bf82a2204d864ee7409df8aac4d1032dd6f5e8f8282e1cc5c30d51e2b2d9eb994d7a3ba83378

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f69f5d3beda61808cc1f01866b763bc4

          SHA1

          f1a012fca60ce272837fe8ad7f9a77f542d66198

          SHA256

          a6aadf396fd6b1650cf126daed992543b4b5442fb6f2465414bf12c5b858b9ea

          SHA512

          fd33e4b42dd302f52ce6bb4ef3b8e20b9034c769504681ccc1df562b56dffd952e2ba845d5dd3fe1529379c3dc405b15de738d38479cc91f4d1f9b361b9c633f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dee579d1d968daa4c8f36125c1aba9cf

          SHA1

          0920697e81e41716d74fe0e0721ec4580568c81f

          SHA256

          bb5b7cb17feee9293cce6bf36575cbf92691915e4206cad25ab73954ca955d41

          SHA512

          ff28c8aeabbf4a1d2a767bea1619e83fd98157cbc9b6bfe996f1413130eea6a72bbf1509802313b7c6e8d747513f0799f1a2a82a3f7467a73d26d6ae73a18171

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          588090bf351d53f328521bbfd1e83e5d

          SHA1

          251ab5c385a3aca0f004ee278686642522bbdbc9

          SHA256

          993bb356fef8c14576d8202f3fb32e644d6397a7c6cdc22d30c06df078c6e952

          SHA512

          f4ab7be8e856a43ee19cd41a6561d7ace4a7d060fd5a34a9ee96bc8134f691a8a21ff9ea72cc72ac3ca62e0901f791f87823784c5230f6beed1a972f52ac9c26

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab8F94.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar9C64.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit