Overview

overview

3

Static

static

1

28a51526bd...8.html

windows7-x64

3

28a51526bd...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 01:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    28a51526bd133900df3211cf508fdf1d_JaffaCakes118.html

  • Size

    85KB

  • MD5

    28a51526bd133900df3211cf508fdf1d

  • SHA1

    7063a630eb30d0e0d9de32b33cf6a2097cd50358

  • SHA256

    3d7e328c3f264d31321624e3bb5fd51fd9fccae8e839563681005a9607f0eccd

  • SHA512

    7192114f31a60e5d007c91a290e1d4a933780d9f32e4722db9fd8f0b0e1988c336831b5aac61c004a29b2536dd6e086031a808e17f9a6fdc8be04be2832d2419

  • SSDEEP

    1536:w+ipVn1BUNqvLKvr7R/DnVYWCUCSo0mjiMpbqqvmznhKv++nPLB1V3:wBvLKvr7RReiyuznhKv++nTB1J

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\28a51526bd133900df3211cf508fdf1d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:620
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:620 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fbb39911e9668af4658505f21e20e03

    SHA1

    2a4e29ba043a3cbdf6b6d8da50a30731b77d1eb0

    SHA256

    9eb626e84472afa098de345f5397f254920e358c7bd22edcc5bb26306fca08ec

    SHA512

    bed78364fb9d82c6c0b8db82aa0fcddcb97b04198a27824d5bdcccfa628b54606f5244895bafe88ec087376fd72650f3f5c62bfa67baf1cecdd5d0736360c735

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efa03596d4dd9e699214f558ca5a20d3

    SHA1

    cea7e533ba90607a926a2ad8d23e460242c82503

    SHA256

    763378abb08b0873ed411c2347613d7c00dbd9bdeab77a8d7d8bd58c29ac30e5

    SHA512

    7546c42a64c2e124b5c3c8d367a97c167ff9513d56f23dd22d28c54443da6ec6a7cd9914107a133161d9c00eb5960fe23bc8d2fcabc69963fc11e8f8acbdcf5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c140ff463a2d4f31e30aa3f3648047c0

    SHA1

    60ff8a830b4e0d3b3c8f6e84b785ebd9f7d8dcf8

    SHA256

    2f1a4c2e268cdc146502c761b18cdf1170013075e55a6937313fc6a7be26c265

    SHA512

    126095903125e6638e441d01cdf7ecb012903aafb9b4a58266189832da38c14ac22973363d193ef6355c9c13dec7cf1d292524b67f64fdefcce6218351177f1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca256cf32da01b2afab776b48258d461

    SHA1

    da173c105ca43f23447ed2a0580b692f65986a70

    SHA256

    075584259c59c7288552b506cb7c878bc064c105849c649a78efec5e83b21e51

    SHA512

    44a32f84220ba707896e210c1fa3a9f4e2ad8b6846b2a03cf0327d6ee2fed8cc826210e35703d94fa26418dc5765b42149d9c9a573fb2bb9a72122813f35090c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13c3faad312f59c0eda2a9b3c7329eac

    SHA1

    b76fffc67f6425e28f9a330e901f38f95e2dddd1

    SHA256

    d62a75741b286bbc33c27c2c47ec68b657c9c91d120b30a479ee637a42fb507a

    SHA512

    4e0ae3d953d0b4c6c467e0f0f36d0f3118c4c57e36d3524dfc340f08ce45afb9535837d248cce9c91bb5d6feb71e8be45f59ec3751546e320c77459a4c86d6cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e63721bb51e5289a157e06968eb1e6d

    SHA1

    f5dc5d4648ab80c16abea1b1bdf5f73b32c1193c

    SHA256

    37c72622b1f3eb004d9698bcc5c0ab4daa4d9ec3afdd85d08170d34a83ec7bf4

    SHA512

    764b4512817129c3a468e9dc56a04cac63ed6e33fd34cc16c642b1c50ee9d1a8ac811ebca824e4ed931d1af16d6294cff78dd34007895317a718d9594b971229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bcc4ff22d2b135b1ad5064f21d70011d

    SHA1

    99fff73eb4198bd1809a0d8ca0b7ad8928ae5bf6

    SHA256

    c495249f65e0925949cda2a9cd3641004c4ee18ea070733495e601c38117e56d

    SHA512

    9992c60cfe1d8d7f12d190174bf5542f350fbefdad11e709590222cca191f7d0159fab518febac333c8a6d39c26be59fb5ef3cd5df676d7931a07d703b5485a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d39257141f6ef86fe7c85d11f2051dd

    SHA1

    7bd77020de9d98ed13530c69f38a57f174e1c5a4

    SHA256

    0ab2be3f9129313be0c45e4467da4a14439f99f26bf4cb5d1db1d6f649b05574

    SHA512

    9ba04172064dede899ae6bc307499da30f7f4eab9e644698996ff847082cbe98cec89e6d7f077d05c8d4da3c70f037cfc0a641dfc427e89e26ae2ce94d79b607

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2376454e2f0b6678cbc2fe53818001a

    SHA1

    ea5c9996a383bf10805eb03e9def224fdb57b696

    SHA256

    e53acf02c6aebc410c13eec531de7f73fd4f5fc57d90e0fbf090f2e5000169c8

    SHA512

    955131d48ca69d92a42f9dab10bcf1065fbcaba81e724a0a05128f82fbc2b34bd31615dba5ad4bb2fdea2bca1aebb33954a3d665660d17cf5bc5aa6915a316f4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9A00.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9A9F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit