Overview

overview

3

Static

static

1

2a87155b91...8.html

windows7-x64

3

2a87155b91...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 04:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a87155b91bfad3cd97319a72472c3b3_JaffaCakes118.html

  • Size

    53KB

  • MD5

    2a87155b91bfad3cd97319a72472c3b3

  • SHA1

    dcafb2b74d6cb19bc04184448b9f75be094db177

  • SHA256

    9fcfa7f1188038c84f8e69bdc6a0106c8961db335b4270bab086fe5f65a73770

  • SHA512

    3d9465dc29b6c4c94d14dbe5ddb5747c0f686f2a2f2a39c3d329d5686542915d9daf10b532eb27507a2c0f5d76225f8281439a421a72d3a9d7343c0fdbd8e710

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUQrunlYr63Nj+q5VyvR0w2AzTICbbzo8/t9M/dNwIUTDmDD:CkgUiIakTqGivi+PyUQrunlYr63Nj+qd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2a87155b91bfad3cd97319a72472c3b3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1916 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b296513cf71cfe8f531d51d8607e0d6

    SHA1

    48ff937ffa6b0500291a1c3adca9ad4f177ffca8

    SHA256

    7d3422a93133c735e598baff17c5daa3844205e749d9c61303110f8d1550bbc8

    SHA512

    d4872777689f90511c1756c9f926f134a64bf8bccb1b56bc02bb4525184a9b066fad2cb8b60c87a2bbb995b016862f7ebe7a065937fbee792eba2cf61b15482b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e93d1b07fb841dbfc79d3c3aa547399

    SHA1

    1fb1c2c32beabaa7a02149cbfdeced63b6281c29

    SHA256

    674ea1e728a39ae5b43226036f4de9a9752eff26e1f50e45248d6421a7fb622b

    SHA512

    f7d2efd2a2a21702e2b168b21f302ff88a30a681de57b6897c0395681585bbcb79dc2f6d4cd31b046564e0db973e1a3ff03394906217b273b85af7a04431d967

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4e23aaffb9b23c6f780b18ac9569788

    SHA1

    be8f67292ac2f47924e6c1571ce3a2848d5d8e27

    SHA256

    ac04f94826b569773e1c4657902163f74badb27c764ac30589e02442cb40e60d

    SHA512

    3815ac4d0a8ea04d1ebe4100f2af9e0714b1fb9fcbf57dd7bf3a1727d893f427e92ada64d5bf4d5732ec47722d6a4cd8591c96a3889af1d8922ca8ee869973a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11b090e24a4fd894be283933794dad54

    SHA1

    2822da60749dfd6a99481fc09d388c8f1f8341ca

    SHA256

    61b76a9643bba2db59d962e4eb822887c1cf7afca278d15d2e11f009548a0fa3

    SHA512

    99085fffdb5f649b00c38e127969e15be9806ea21f756791e53cf431939709e53d18423a242e30cb9eb128e0cb480d49f4fa42280793605eeca6b52daade674e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6025fb9da6fe763a7d68661167dc2c4d

    SHA1

    945837259c4f814cf5d9e52429e023a494277441

    SHA256

    0bb1d3f5b226cbfdfcbaaa9183ce0a9580f706efb157c1904734f8ed70903f4d

    SHA512

    dd9e9a4ab24b7813643bc96c4e78f139f4d91654706959a0f62344af2c3dfe9da132db0144bb73b6f6fa154ef0c83db08a7222d634e2425860956ef44fba1dbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08a55105f5d0b4641ee16ef47ae23e43

    SHA1

    24093be5ca4aad69f9f7fbf565ecb534286dba86

    SHA256

    43190f1ee9a9dc9d4226a7829b94d3646172854f21ab2971679a455daa6d9572

    SHA512

    5a215b001e6100466d0001962440e75818a3048035ccec2f0e10679089b2267f6c3e5e2cef932f170a7e5e7a1e30f6878a78da1c9760bc498867d17fbb625d77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea5b3bebe5d882788fbacf7c11419a82

    SHA1

    187c510c26132041a25cc3804fe5ff6fc4312600

    SHA256

    5a0cd6afb4ff1072395f623cfb2f4f4ac2fa5a4d3487382b944ad01b54aced54

    SHA512

    2d3eadba426739c5df37b4bbc7794f9cdb21bf58abb09ba8ba6193e59e332a124aedf668278caa8c2f5b3d984b72376de513348b017e732e2d44990a7c20d305

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e6bcf70fa80c8f587ddc25e0050e28d

    SHA1

    544f0517d8fca3af95f54a3f178b37e57dac234e

    SHA256

    c3d88e7f5ba364e8735ba0ea279e484c599e9a71316ae82128257351004d0592

    SHA512

    b0fd68a7448bf5686b3c311ddb915affb8e5b7039f19edafb4f586d63062dbee083fbf545531f34a9fb883672f999902978503339777d8784660f949eb5a80a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d661f8aef881e5edbc70cad045ce7e88

    SHA1

    922778cfb3931e51e3698b4e2e9616692ad9d849

    SHA256

    ebace91cf661056138c9ec9692ebe200e7137a31f5b227606972999afe76994d

    SHA512

    dda627e87202f2815cd9637fde1e549e0347476e6fad357cff4a10aa0c8ee2065178975eee883b1b70e914949d77e57ff3cccc1a9a030d7f198e9e2491d0cdec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d37d6258edc7cd44aedc3903f2aa934e

    SHA1

    76a86c8e458728d55359b360d785061a9b731e39

    SHA256

    01cd092a0fc22bc0e1b4b0d271e3c21356289fdf77ec8f8221c49dde89b5df12

    SHA512

    07373a3e82e64ff70b36e43e6ec9f9305deb28203fc4f5fa32ef400a9fa115176d71c603818856e6501dcf4bd60e1182e6141c0092521f35c43a91a4df456a73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae4d8c88408d5beff40b070a3129e832

    SHA1

    d23d9dbea2b0a63a2d12151f265faabf6f33279d

    SHA256

    5ae9722d7f9d3a83693cef1e671d17ab34de3d9371352b8f6aeb2acdadcc8100

    SHA512

    e87a5ff1d845cfeeab1719526d08188233f9e404aa9e1304fd4ca547589f58523f2b0d5e5be065e0dec3e75d7e846c68d68f7ed7af6f768363f84038982c51d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea5088143703f17a685b8388198d3961

    SHA1

    87fbe6cbe53166bc3c1a8aba11e6eebc8adfbf07

    SHA256

    04afec4145c3ab6cfc0372f7606bf3ad44ceba3c31d24dffd753a1dede0c79f3

    SHA512

    4ab1c62a73ce9ce1889bf404b303ab424f1c12c9216f4087e906d0acf2f9ff805b2262e2e28500889728fd4699df11b72a51cc1308035fab0baa9556d45e17d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdcf217ab8f5cfc3bf04b322d0dfcce1

    SHA1

    41a8d7099a06717ac1db3396cbbc36b5a36f604d

    SHA256

    6e9ec8fca0e0bc71293278710e4d0a83df52a45c8860937047837e7d5298331c

    SHA512

    078faf5d3a15e773e472cec99b346a19cd482d2da595d18cc629aac86c4f9cca39074cfa50b44ba3af23d0abb0d311589f0d420b678f094bfb0fb37b287b56d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    672e0d7031b170ec9873ce4f914cce49

    SHA1

    8f9c5b2d8ff08daf275e4cd5ee5ba6a13ef1c5ad

    SHA256

    b9829d07857d9ca5c242b67323a78f7ee71fed5d95a1070c566e53ce32722623

    SHA512

    fe050c730d009684b80dea9194090a8d9bec08af36c700ad6c4e52ddf9a3a5ed2ff868366b92a9bdb9582120ac42ff64eec1bd1b1dd74a00dd2bebb629322a14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a8ffe324a9b75f0bc32cdc7d10c65e4

    SHA1

    84e443c8775505d1b46b54d9c5dc01d957c91aa0

    SHA256

    678af0db3f70ccb7c9105addca90a4b2c724c6474bbccc9b41d2187344be1198

    SHA512

    3f7603e7e3575d9d13a3baef7875fc77dda1ebdfc8eec7e66544b50e5a312a3fc003ef503f0081344210cae9ac7662572de8d26a7eb38217ed54caa2e4dc13e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1408daad22b2ed1a4a71c41f51692d91

    SHA1

    331da8b47692bc532bbfbc7c0e6236b0f9796cee

    SHA256

    107de354070a0bf87f9c2c749e8b4439cd672c19dc039087c0996c3a991bebc9

    SHA512

    b02aad5ef36135784a66e940b390227374f12583026e14110139ee94f13dcb2b6ad4f65d4e3d6973698a91f66382d90cf0f47b0bc0a96f5b8d89244fc9da53af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fb74a09e288b0a513440fdc37e9c8ee

    SHA1

    cb936acf59094bc14b4b139a9c72bce9b7ed58b2

    SHA256

    6e025be2a2cdd48fdeca4d46fa535b354f88ef7bed81e1fa4ac462ee2e0f4b14

    SHA512

    3c401d36a29a9626eb9d3ab094e5c5a68a19e6f5a1dfc66db2116c54bda95c0a5bab100de90cedc24a1bee953b028b7221b92521d1695296ab1ac9dc7b152e96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08973dd0cbdff505272d0ec69242a0b8

    SHA1

    d65fdfe0fbcff42ccb4b765b2f22e79797df1cdd

    SHA256

    d52e57816bac8386d25700bc38c4c5e0bc2ab0396607ad98449e1e810a081d5a

    SHA512

    5f7456b4c8b217ad5cd27420b43ccb5d54e166d3ec581ef5ff3748d904ff791e86f0b19641480d9bebac575e3b15216f9567f9ae30396340ebddc8f835ff8d00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29328550b2350545d4f97a9dfb99ea55

    SHA1

    a46363d10447ad5c498d772cdb2342a0be461123

    SHA256

    a882bb6ad512d125e0d3d0484f24f60f39ca037d4e18068f48196770de4f0def

    SHA512

    bef1a9c411e63aef1596bf4bc616b22d75ee8d03e99cfc7477c6add1ee2ca784b8cf7ee4c495baab2e142b7d41a274d2a0f440f6c592c9f5c8726cd3fa3e666a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0WBLVJY\upshrink[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB4A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBAA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit