Overview

overview

3

Static

static

1

13099dc231...8.html

windows7-x64

3

13099dc231...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/10/2024, 10:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    13099dc2316476f5145b1083821c603b_JaffaCakes118.html

  • Size

    12KB

  • MD5

    13099dc2316476f5145b1083821c603b

  • SHA1

    6481a80394a33b404b1b20dbac6cdc1bae56e4e0

  • SHA256

    9bc111529d7d3b65c8aa7a7ca3a0df7468df88bebae5f7f5cd2cf435ba96321e

  • SHA512

    dc2b2e9e8939779011ad5004c9b7fdaa162df8027526f9174754ca325dd6177266c000cbc720337df50bcabfabe87ad90355b09c12037dc4b6af9039b0dd1f76

  • SSDEEP

    192:FfzC9l1nRJq2xgP/ttjifrR7YywM+GV5kCJj5w:VU1nRJq2xgP/e7nwMRV5k0jy

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\13099dc2316476f5145b1083821c603b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2432

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8f767a933739dd951e824fe5e97ebcc

    SHA1

    9e3e40c3627c359f10c576cc2c9230cc108eec85

    SHA256

    b3866f50c2bd12c1761e4ed417e122ba5fb81f113830123cdca1714b69b5a3a5

    SHA512

    76be16eff080aca060223501e1cca75870f758e8f449e7c9af7410fb1015f943679d64076320fb83f8d35037a2c3d778a14acf19c8133c4d9a5c09530fd3de68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    574083e17fec6b0a37ea02d6f8b753a1

    SHA1

    3aa9f93099e94424c6a14651e599d1238f2fd393

    SHA256

    7383be2cb11e68755396b4ac8a055a93c86988f3d1a6b1f43e68f9d36abbc953

    SHA512

    c5e3dddcb3f675746d1f1f93ee2423213714e954a891673be32ab841db6a1603fcadbf97dabdeddac0e413d302e61e0e0e88696dcda326db683eb1924f179c34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a46a933d7d400e9221b15c2620151de5

    SHA1

    3d0067aeabc817ef080e32b479090d456df29306

    SHA256

    9ec34ebfaccfd509913ec8bb465e975d7f44d32402bf677ea502cacd0db21113

    SHA512

    8c6644967c680831306802be2f95510660c6a9735a828596474095da7309122b1ffc3666cc761a3ff862e65b916e95bb68cd0f4368a3e2cec4e9c7ab091086fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8bc371a678cf818bf08224a22d5a10e

    SHA1

    5d428af672b8db2fa038b50bb59a5c9c07fcb6e1

    SHA256

    a33945822adb573cd5e5fd469200475f71102d6775292b074c932a66cfbc2598

    SHA512

    2e51ab6997cbe15239339f6cd89ad130b63ba8259f7684e0a998436da1123ed6252efea4d60012ed18fd5aac7c8b739c6704f53d1e18f059b654e5a58d406a11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00e948533f58bbb475d24d539e0bc3b6

    SHA1

    975c9878b5c83bbcdf229a189e45e8884b16b0fe

    SHA256

    4726e3d1374bcf0b1d47e42f9f5513193990cc109c70f2e8fe774bc7176738e4

    SHA512

    bd415f46ec99901bd3a726d1bab1251220ba320de1023c50c6b79001a4ae8175fd25f15748ca8dc713aaf58b0c5ffe69dbe7b00a4f3e6e1a6e48dccad24c86df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8da819a6019f5adf48ab7a77a1eae5c8

    SHA1

    7fd1e2c5f9964310c6a7a8e460d6940e3902b59f

    SHA256

    bcc9aba98cb495dee65b151d7f0643e42fc5082bf0437699b483e06572299af7

    SHA512

    37cb1f52e3bb65bdba8e39b00f2a2fe7d5fb4df14f963dda2d7da70201050b816245a8c76f08915b180748401f900583bfc5ac7ce9511e1010ade58b94ab7c63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa69c763fad9f8d35007ec5485e28d59

    SHA1

    de586e2e5be749d3707e047ff5798b700558a8fa

    SHA256

    609b6155d9bcf01a70f075d2db8ac9584aba2cbed25611b365e0d1c0f3e9f9f1

    SHA512

    56996d32bc93d879d6a945a721269078e0183d874b787167e5f728b56728ff51fb34e0c9601c6b58a8c80f72f28f2aa6c50d38bef7eab0090bde12660efecfc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f763636a6429c09ac4dbc7ffad5b2888

    SHA1

    1d64e1ec0444f8207954973cce86d2ce57966eab

    SHA256

    de0c09cac3c693e5dd034895cbe6e3483adb531b123b8a2f6c499e27eaabea55

    SHA512

    086014724fffc947349a2b1c979066e2a84ada8e0b0a7188144bf85a1d4557b7565a749d0bb58de9bf42bd229c339519ebbef789b32c22b415e0654f3444f85e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8EBA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8ECD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit