Overview

overview

3

Static

static

1

15c4f70fb8...8.html

windows7-x64

3

15c4f70fb8...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05-10-2024 02:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15c4f70fb80d836a8bb97ed64b7bcabf_JaffaCakes118.html

  • Size

    12KB

  • MD5

    15c4f70fb80d836a8bb97ed64b7bcabf

  • SHA1

    77599cfafa31490574ce255929f2a7bfc7dd87df

  • SHA256

    ac348463f46eff10936016c946158111c51378b707d6b315fd31d0813b594fd1

  • SHA512

    a6c0e0aa78291d4ce6b0efeb84453257fd9014ebccf952281520dc07b8246f1f7ce0f36676bc76aea30d79af7566378559903e028c5f405adc7a824c95f3d97c

  • SSDEEP

    384:sblIcPVGjns/gcLBkZcnY1DA708LOXguLZ:ug/SJExLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 30 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\15c4f70fb80d836a8bb97ed64b7bcabf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    374f6c8dc74c94d54c8e09444b2e7aaa

    SHA1

    a682d264b88d6deb83eb749e02e03bce5315d588

    SHA256

    48ee5f34c7702ead82e5027b16f6b3fa0c841ed9d5c3c6659ccca41112082950

    SHA512

    21ecf4c9af4cfb52c84a5f1226cc521954c2972e29b1555317f1c3eb2dd3e50041f8ac14c8256160a4edc4604b0430203a256bd656ffd132677aae7d9f0ddab2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a35d493df98fb55d9b03e08d676e1050

    SHA1

    36d52d706c32b561fc18eecdea47dd9063076ddf

    SHA256

    b1809f75c51a253cef6cc569dd456934dea6dc9880b182ce06ad44d585b639a4

    SHA512

    939f1cbd49fab8360861a3c61b560d5a81cdca8cad1f9d3a3e8e63fb28550ac2e9bf078239389676b92fa2f6f0a778c9a1bbacd7fafaedd95606322c14df2726

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5eaabc9d2dd7a5dae7cad2641d12ad47

    SHA1

    2104ac31bc04ca8d2865c1790c3815eda04b1cec

    SHA256

    9ca0e83aaf43fef75b7dd42394a53bca332af3c2c161d1a62564b39c96c47746

    SHA512

    7679e9fad61698ee7807239e51d4037fc50db96da18744a09f40411021f8cfdc3affa556e124dc777638860b2c7a07a498c8143a133844cdbdc339b0dee3a647

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    573be06fa77ee9488dd7be93a10a844a

    SHA1

    529cd73d5182f3015814f5423d9651a37a2edd93

    SHA256

    60af6f3727673d00bec8b71b817f3ec5d82f3fed09007fe7532413bd64ab2452

    SHA512

    1ded0cc015287b5e9eda1d8246020f3f5eddca773c0625cef50fa061cf8ef30b2a6ecabe41d273c15363bd1e889c435ae553f6a5645ade01de154ae170c0e40d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    486c3161145412e01400713ba7e21756

    SHA1

    3c139f0862edc3dd66d9118594fbc89cc5bce7bf

    SHA256

    c3406c2f32f6d2557d05ae3349175c53769bb5a8f2623c1c6298e7dbc4519d46

    SHA512

    d7ca35b36bf4bbb2aaff03a4a097a6e4c01b7074a9637733143ef42575d79910ada2524a781087e7c308cc4d6dfca425a3b08c51f4363127aafee3bcf77cd4f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d79807289899eeb8fed82f0be6bcd61

    SHA1

    db124ed4e47c32d3117bae397b3022e405dd1048

    SHA256

    9b7d5b850412ef692b8c5a6c1005a2a97e7741dc897bd580435377c1994f8f66

    SHA512

    7c77fb0c75a5225dbd056789aee54a65fcf1f7420b948ff7e3aa2d6c96a00f12cf6e771bbb8ec7cf28c5862de7af75722c050705cd7f37318970a7c97207ec91

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB7DA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB87B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit