Overview

overview

3

Static

static

1

270049bc32...8.html

windows7-x64

3

270049bc32...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2024, 23:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    270049bc32c472810cb5a8d3583fbfb8_JaffaCakes118.html

  • Size

    5KB

  • MD5

    270049bc32c472810cb5a8d3583fbfb8

  • SHA1

    c00aa806b39fce4da7627b052f3c0f94f48cfeea

  • SHA256

    b643dffbbcd5e08a620f092f8c4eb1f1053a0174618483fd61e34bdcf2eb9646

  • SHA512

    c015d271082f89a8a08d9ad96521da1dd8e1d1d69fffa34d694bbbfe27bb6efdc24b6fdfb79e582554dfb1920344a0439d538f870cd8a5852fd6f5cb521f50a1

  • SSDEEP

    96:uzVs+ux7XwLLY1k9o84d12ef7CSTUazZ7ru7f:csz7XwAYS/t76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\270049bc32c472810cb5a8d3583fbfb8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a0379180192397925c6155bc4f08b6d2

          SHA1

          b35d7fe437975748d5b5b12b98ea93047a999fc0

          SHA256

          eccd55a274857e4bb773b5ad598d577b12dacd4ed5ed9d63c97ccbf436ed2e47

          SHA512

          d68bfff2fc39403184781eaea210760d61cf7941e188a435867dbcb3361edb7393bc7b4a6679571e754142276831e675bc07245770e86985f23a247cca973724

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3115f0731b7779073120e74f9e2615d9

          SHA1

          6f006c51863b069841d2612a6f723af131b1bbb2

          SHA256

          9fe511b37fd1f9c22a3896d6dd9e4a4b5217150d531ced430b44f4fed5104261

          SHA512

          3ab45ffcede612d1f75ee762f87bda2bb224151536bca5aff47c995a1ff9d8d3e149ad06bf8b96cef9224ff97b9d82dea610e9fc1a5389982d1ab31287d27add

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c1d490a64b11b8d4087c62f303e21ce8

          SHA1

          c392901627e99c40fd908b39dfb05670671b46a8

          SHA256

          6f9e26775a9514fa961958f67bab0c75008ea3a52bd87f294d9dbc35c0c35c80

          SHA512

          8885dc7c952b9739b3244e4fbcefe8984906d1a1813155bd1f6afb8913e0248505131409cd56642e65ec2f53e2ec55a0d3bad2b37e61d52f29eee15ef6dce8ba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2c8d830c5bdcd1bd15521776f145289b

          SHA1

          856aab6e643f911e65f0cc686be26773d988a92f

          SHA256

          eadde05d6036d95746c910dfb43d3ddfd99217a3d756765dcbe8e44bca29f776

          SHA512

          69a2a42c2b2dde4c78a663d7620f524b833fdcce4cfeac5891ea373ae26580ff76b4b10cb9dc2132029504c1c5ed0661c44644b24c05fed3979113f253b6a52b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a7b88b1107bfe8069bdc588d454fedeb

          SHA1

          25972a048217f306ae2135af4711b01e4d3d9246

          SHA256

          1cae388573fd77d64bf70a737592a95b7e11e5d9e741ea7ca2286b42eb7e89a4

          SHA512

          b4991c56f987345dde1d8c9705ce6f4fdf84a5b77c6b73b24a37b6adb26aa7d46d44f37bfa5857953f534e57de01ef808233cb6026d8d2dc7194633c65c1066c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          91d6f92234be6338ee2204f425c27058

          SHA1

          3f686715d46a12c4ef33d8533208ad94dc47b573

          SHA256

          e8bb3b75c4995811d82ace63ea910c24972e16dee59ed078e3d4191fe14be732

          SHA512

          2133ef875e47a8d23c56c3ff68e9280752f7eff4bc701ad60beba1bddd90befbe039e9bc8b061e0ac1fb1326e05c663cbb149f2c71d9463e23b1a6b7eab33495

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d9e28e7696ffcf877e83c75840920b9f

          SHA1

          4fcea81d627cd56c30d637f79468765fbdd1f899

          SHA256

          aa557dc9b116b5ca8e93abb9fd52a36ea2a4bce12a1767358a2bb620a5fb75b6

          SHA512

          1c01523f2f54040027d32828c4949b271b20f4912a353cc419e36a2ff3081e207fe8319154d5960c5cf9d4cf9403c3eae7d4e449f0389761fd0c5b9e02f901f2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          da68441a8f10b3995980b43183f649a3

          SHA1

          5521fe145427c3426c75d1cdda97d33c4c185c5a

          SHA256

          5b514a9e00088ac5a14b43dc0ac44af3e648178739f11c6577408b6ec6215882

          SHA512

          7bb31d029483f2290a06f605f87a5dabc250acd40a82a4728ef52afa4dd9d269caa14387b426fdc4557ae2b93b273b47c340a839f2e5230f8de053d4c0cd804d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          59ce0cbee969daa32985029a4d352c8e

          SHA1

          65e83b4fd1d14cf2fef7f548590196ce5cbf8c76

          SHA256

          ae10700a224c01cf1a2cd7a36cd6f43c6b19a72043cc7eea1bcc9d4fb47329a2

          SHA512

          484fdf85cd6e7268757dfac5d3c842e1ec7eb97bff2f96b5d0c8dfa5a988861d82f34c1589107303639a09e7cad4bdbb16cd443f51470f536aedd12e57e03e2e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9619392978ce39598b42ba85f86c76a5

          SHA1

          edbc79bf551e7a80314f8342dd84697f468d4b61

          SHA256

          1be246ce3f6d9f68bf28101dc93aa8d7c685d08f439b36766973f9329313f376

          SHA512

          0f90e035db5010d9c071631e5fa8e15f87193c32f8fbe24005a95317688a8e1478a16d433fc766215d40e380acd9fe06c13bede46c17b8cd826880046a4bb718

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD81A.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD8C8.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit