Overview

overview

3

Static

static

1

2910d3825d...8.html

windows7-x64

3

2910d3825d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-10-2024 02:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2910d3825ddd99b55428f004f30a4dc5_JaffaCakes118.html

  • Size

    26KB

  • MD5

    2910d3825ddd99b55428f004f30a4dc5

  • SHA1

    26f2a3193d651b4fdd1548944fef60aa6b761810

  • SHA256

    d70c15f9769160dd3e83661d63c222059c54c52406832dc869fbb4c12e7fb49f

  • SHA512

    1b9ba13cbbe73ba82dc77a5b7e08f62e8e695c3b586cbf510e90e7bbecdb64ab9f799ce4695550f1c6c4695f93e5ebf25bcd561003dfede0d9244014ba53a896

  • SSDEEP

    768:SXWt3antt/M+kQS3fyW/hQMPvz+Am29jrNZGioeMpP:SXWtKntt/M+tS3fyW/hQMPvz+Am29jr2

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2910d3825ddd99b55428f004f30a4dc5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2544 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2376

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    b918f750b181bbcb8ab8fc5436408fe0

    SHA1

    05bd75308161dc2121978029b2a2d4d351189591

    SHA256

    7242759effea3c573d78c692a4e7b65d69c6ac27449d678674a7fe901163e8a3

    SHA512

    9c2f5d1bc8042021bb5040fe6ca0e3491610ba3713929eb87d6cb107446bcaec366366d4fbee30f566c0fe539e6b279830f10375e0fbf88da119cdec2f3fb218

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5f119ebc616de1373d2f093a403e522

    SHA1

    7a976625b0791db26c49c2aa236264a0b9aad829

    SHA256

    1b68e4fc8560c96c418df4e24edf71ea5835dfb9f38d0111717ca99ae9467b34

    SHA512

    ab39894a521c7fde7a24fa4a7d34770e30730713d06247e9dfeedaafd52248eb549e1183642b26a78d21a7e86fb416b08c3bd3cbfd20930a2ee8b7e56714394e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f351a393265ee8721a612c7cd175594f

    SHA1

    5da8ab4f4478e0c9331840522161d7fd12a4020f

    SHA256

    1f70ae67b4a1e830c9949bf10c7844726a2fe86a5e60ddc9dbf506275f4567ed

    SHA512

    2cb8a99cafa1ec5c0d8cf7b03ee461e12b4637d2731348793dafd81fe88ce2058522edc39378fef895e6341d75ca978bc624c0cf63bf5ade4d46c682f05007d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be562055b6b8d49725f6c4dbb6ff7674

    SHA1

    4eef8572c0d25f49f22480825bcd156b8b17f9c8

    SHA256

    4e2c016c368bc4c9a094416ea20d573a9e1b94cfb839a0ecc0865db3918f06f7

    SHA512

    e56ce70a0735c90cc708b07c1fdf10774ef92688901a3250f3ad8ab7ae29dd95d8890ccfbe43dbe85469f76cf543f98c86745fae6da3e9e949a7a12ed89acc2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d6aeccba26bb76407f12760a6fab2b6

    SHA1

    c50f4b27fb0ff04bd13eca50dbdc0910529b0b3c

    SHA256

    720d6290adfa96155a30371235b1bdb1f7004c3c4359a46489a17e79437e4d3d

    SHA512

    5d7b2ef2d00ea7d360c7fe9b2d17e1dab63c7f10d9d37e8cd41532db11721c993dffd5a4c7561baf9893516b8244f44f986ebe56e749e22215eb23a1a07405c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ee689c1c1ef5cb9bae2cde36671d864

    SHA1

    f1afdf5c7d114549733998caa9361e70a0c351a2

    SHA256

    940ee74756c80d1537d48a8e8d85bc1e3dafd7c1b63a516f72adeba8690fbbce

    SHA512

    5315eb2171e8f47eff66bf08fd8ca2e3089252472d6cb7af2e35d27d9c703fdf37f639cf09c7a774a1c34180269361919bc625bb3e63ff90e3ae3da40e02ad16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    382ebff186b890d827e9fd4eca65829d

    SHA1

    d20d3382c90ee752f03b520eb97b76e81f2ad2a9

    SHA256

    c1d66b45277943af919ce309dd700d832ae5a1bac65115b17556219bbf67d40d

    SHA512

    d8f7a7dce70814239d48e5574f0a9a4e1bbc2abb4ae0bb44634702048b0566ac28a13598104c563aa70e39b003a7cc70207012a1a3ab821d3c2ca523cdf68257

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe0db04b40c1adacd876c1cb3ee78c59

    SHA1

    e2ac1686f8bdb96bb3b24c815c96c3f8d7f330b2

    SHA256

    c65d4f697422207f8a4e80cd4fb7d2f5114e0f58f819f40086ee5140585f2bd7

    SHA512

    b582627f4acd1561f5f194ad43b8a48242c45e49a4154fa15aec94c2028d855c6c1b077e93b05cc32ff3b9cb67521ad6340df8576466e1196d5fbe1bf644a817

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f751f725868dcca8da6ba7e3d69d1c79

    SHA1

    53f7275ec0df7d6ba445d68f93c095c0c9aa8d30

    SHA256

    f6a2e40af238bfba66386388bf4d2961b5b2b33dc452e8d7f044aaa3b5eb8513

    SHA512

    267bc0cd2e42525f25a9fd4777e347c3fe38668acdc4b9abd64f387a13e22fa0b2734478f6dfb091a71b715fde096b2d91520522ac2039cb9cba5dbabbf60aa5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f89b23a4adb864d86c813b2de18d85bc

    SHA1

    8db23276dda9b78ae1f5f720a84ce61dc3dd69b5

    SHA256

    85a7eb23ab447ee035ab562646f911e75aec46a62e25e723126a55c2200983e3

    SHA512

    aa222c46aa0fb894165a1bf2b5b5a7b08bd2ac89c7decff894391414bc688cc79432c29c1c3b7093560168989e4844dc4d9b50e654ac779289ae25d6292eb6e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8a81e514444f599dfac4d656868766e

    SHA1

    02fe86cae0e8abe04eed966386c1e04a6db254bc

    SHA256

    6b01de3aa2126ad992df459cdd23418f02c4baab04f15010e6b5288d11b5055f

    SHA512

    5208e40d504454e246f7e1edf56a22232bf2a8cc69ab9a43a0da35fcd5eaecdf9ce53c9bbdaec218cc831c3e400aaac5743e4fc0de92460c59cc1a1bc81be2e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9053764dfd9c07be0d7922286e774de7

    SHA1

    1d3f0c1888e3780072b048ecdfbe04bc6f445af0

    SHA256

    e14e0cbe366f173736abb37196e80f4d5811cfe3b6d24cb868b2813fa88de27b

    SHA512

    2da66c000b8fd7e55562910ade83b33ea10b6e565f10792e0c1a9155de43a7570f4b6f749f9cafab6b9c64fa276533ac587e5f03c2780bc3e33daea5bb764550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16476a22e2bd09e2718af0d9f6e99470

    SHA1

    44cd9751ff9adb75157283a11043753415877dd9

    SHA256

    da1d1f0bf32949ca9cc0905144d08a43d379af338d0ec15a09eacbc5b7f1878f

    SHA512

    eb894b9f99757b02d724a2d6a279b9f5726c1bafd5213e2154a74bfde133b66a62127ba598bc8ccf810664d6f24ae3788bb1d4a2fb2e2703b30ba3aa22b64ae7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a33ac21e0264f93acf72eed42d9dd84d

    SHA1

    c91c4e076dfb0af1fe5b3554b83ddcbc886e6677

    SHA256

    928666a486715faa7df3bc5c46bbe58ecaa3001df70b6f4ff6ea628b4d904c1d

    SHA512

    4a7de50638308fb042100c8c8d2394e7cebb4bce5e4d5a7f2b1c4edc909947042fac50ebbccc0b8c8bc4747997df537b51af83bb6fdefc53b38cfa4eabe1d9e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a05110dabc3b30b4e5c66327b05178fc

    SHA1

    3c848a8c4e4af3d6757ffead8d107c50d7defc54

    SHA256

    faf3fdbc20a3a558c3760904dd3b024ac5e3700efe5c655cda80986e2851a084

    SHA512

    0317686ec25475ba94313e853c20fe5d745e5f34595318ded62adc03f7244c10480d0bf00f8d1f491e21391ecb76d6a9c17985957ca2d15354015909f1034055

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab169D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar16B0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit