Overview

overview

3

Static

static

1

27fde0a30c...8.html

windows7-x64

3

27fde0a30c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 00:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    27fde0a30c957bef841d4a70c3a5a99a_JaffaCakes118.html

  • Size

    45KB

  • MD5

    27fde0a30c957bef841d4a70c3a5a99a

  • SHA1

    ce3b7e66c193931884ac79896333b801550e9da7

  • SHA256

    e0284e30d5beb11f77645263d8611d87abe7b5b6debe0d35ddb243af837d5eed

  • SHA512

    63c217278dcbbda294c70c0378b11f1107c5a0ae93039c0bc7cba0035ccc0cf69f1ec091dc14f96093543aa4ffe63158984145eb407275ce6db672ebb89296e9

  • SSDEEP

    768:ShPlkzcXJ/6+tljZITgZoeRWT6hwI5cWbI9IVbIT3If2caPB4r:ShtkzcXJ/6+tljiPxT6hwI5cWbI0bITA

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\27fde0a30c957bef841d4a70c3a5a99a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0597fc0246cfdeb6fb94863358020a9

    SHA1

    53bb601ae6b3ab17578c75662e1152cfa23e0684

    SHA256

    2d1a6b70d366dfd0789c6913ba50b0cbcc6baf8b4738886afb2fddb80dfad220

    SHA512

    5271c669a46aa90d43d004288cd7bc481ac890312a0b23440771a59fcb938f1e1875888090a2e671a8bfb3700ae1029695ee7e297ee6096eebf6f86ff2d1e632

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92aa73defa86adc352e64a8b861a75f7

    SHA1

    a2d64841638c06010b682a311bdd940d27820535

    SHA256

    665fff4c8631ecfa12ca9127ae46a68ad0d54af2fb32e1a2677feafdf60c8536

    SHA512

    3a39433cef0808c5f99d707331fcb0cd7225e3a20c6becbf929f9990a84df226ce4e577f064393e1f8620fddc9426ee7d73920201ca6c0315f819e0c1eada4b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c0e3c3869167339d2c47c30ed7df47a

    SHA1

    3dae67460f4d3527c428fb55b0d5fc210a871001

    SHA256

    70698c552d67840e4b3191f7b065077880167aad382fa026357c1126a4b7944d

    SHA512

    cadc6bdfc0f0ed4a38a2c0f43be3ee135cda55e03b6fd49b14f586e0f8a856f54716728831c2a8b767f86c5d6223fe3eebd76399ee1ed27ee1fa98b87f0ff1c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6da8b4ae570f4d51407a65b3f0a9279

    SHA1

    41c95683bc738c2b1e3ad846bdd5348d5fc357ab

    SHA256

    df5dfb6d5c853cad7cf8b73bcc8259fb11630be081d72b7743aa12f34f35bfdc

    SHA512

    ecb07261a742d785acec21bd061a10b102c783e49d6577d8e9a68686b6cc3dc390631231a11c6dce06788ae45215d17cfa493e046a65dad4d303341da37b43cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae09d26167bf7899bc00f6ebb6e98c10

    SHA1

    66cf269ba5a376d6b678e39b4d21e72b1aabb32c

    SHA256

    17de48bf3412c8dd2963c70af89bafc9807cea519ba121fcb00ee931fa2a18fc

    SHA512

    a45904b0a03d6a75fd283858f9b12930c0c1ae445ea45c0be4612a818fe549d0f7c7efb4aa7bdde689865aae0bc9da1759e986bae1504851cec1a5610712ffb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3905cf20f597397464601a9a1bd5d36d

    SHA1

    0740c45f6a9de4ad3c0a591cda0aeee7b18cf6b8

    SHA256

    244460460eb2cc93531200fbafdd0e0f16d2cc80ad56d473710db57976643d12

    SHA512

    32c0122b9dd0fe1b80741f9f36b5484112547686805000d3845db1d39e64d30e7df724a360b39b7733dc5d68a6f2b3aa96720d9a995abd0fd90251e592951fea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c69acf693022592503d35d239443202c

    SHA1

    9836b7df6aae2cc168adee0ceafe2dbf191fb394

    SHA256

    cbe3b6755ae39cbddb9512e34c6ded13bd6b3e5587d6ddabf8b74a8b6c319ed0

    SHA512

    37ef323624f3b509ffd4e8bc5a589307aa35f703adbe10ed755b11b62e3af361f180d85706da17fdda8c15c76920d35b90e2a6e3978478c34f1fffc01c5ed0cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b29bef625aca56a0745e04388a173e7

    SHA1

    6fd93caa9b8e69cdf08524c9543f58e54bad63d6

    SHA256

    8d147e275c3fd51ffd8438533b060ac0ed8551b2c1ed32c5dbcff50dce828600

    SHA512

    4f23442bc14a7721acd00afadda9a93000a1855187ffa02aec41498109968b3d63dedb942c8c0ffbd711ff52a7c4a1251908b397ca58138548505b7f16f36d63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97678a82c5d4e35b10de91633b1b6a70

    SHA1

    22249144ae584f8cd908afc9a752c54f91d9186c

    SHA256

    64888c34ce3f6db0a604b67710359bd4b9a28d41dc7fb011d9f499cc2c760b31

    SHA512

    ca6c76a716a4a17c5f97da085681b2ddd9216fa896d9631330041aa170da9cf45d3bd7b4c91311a7ed26fd8dd62d91fc2265bb539850fd8f389ea4e9693efeee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9B28.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9B89.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit