Overview

overview

3

Static

static

1

2b214a80f3...8.html

windows7-x64

3

2b214a80f3...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 04:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2b214a80f3e5be6a2f5d991c6ce863b0_JaffaCakes118.html

  • Size

    44KB

  • MD5

    2b214a80f3e5be6a2f5d991c6ce863b0

  • SHA1

    72fd7149da63bfebc35dd996eb576940d8b30099

  • SHA256

    21f4ef29fe1e5655b2510c7284ccfb235eb2d41735c19f067899a141b3dd534b

  • SHA512

    283e3f7a0def076e3d4483c67e81f44d3d6d04772304f9846e45301f89e1795e77984bdfafe765f8b664f6dc38ed100c1420f71305f3604f73f138312f5f48e6

  • SSDEEP

    384:Wpoj9ayM5cMAMgi3YBxX/hMYWj2ymCa39yz34YyMuzp+pkgMKZ:WpdykcNli30/s2yuyj4Rtp+pfMG

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2b214a80f3e5be6a2f5d991c6ce863b0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          4c52d385bbd301409c676eb881f27b4f

          SHA1

          75a7f84f93946e55f9d866bc12e4ebba50be8728

          SHA256

          35c020c129282250bb5c197d06f6ccf050065c98e4f5b711d148682048ac06c3

          SHA512

          34afdd9e0718ce8c137d71c017cef5834d6d6c5be2a3979f9717b749f9604401e040fd46181ebfa2178834c57d32cc611ca2bd76a05e4ace9d2be5adaa3e8635

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b01590137745dd4ecb36f35328f67e31

          SHA1

          2e3114607d176e7b416b8809eed53137dea6dfd0

          SHA256

          00278e4c252eb8b63ebd2247172115e3b5c9b1134ea4ec1b625cd69c6d88df4e

          SHA512

          c2cf2275548355716860b0d70079cdf0df740e34e31ddb3576ed27e3685c0f1bac49d97828502e0d194c0208462ff65aa9626e083ea1d1ab6a18002d23fee7b7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4b02612c65abee517a3336a74d7d4339

          SHA1

          339d35fc22d6bc789fffd722fb0f1e33fc287ef6

          SHA256

          1448c8d4e665eea95c8ed9f8cb8a9ae259e3fac1f6e08acdb634c69a1cd5ca91

          SHA512

          ed61cb167d86375673538fd844328b93571c027ff0d966991eeb94f866ecffd1d20b2ae42fc09af3494becc169282876651d53f9a57494746746591d596fc995

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          32b62082df4a296b78fadbdb69a21d47

          SHA1

          c3af20cb85666e4e9356a2d4eb9983fea361f656

          SHA256

          ad1bfa2a3ffee95a8d576564d771df0e9a3d8b030e446b47ac07e6eccd7014d2

          SHA512

          04d4d5846726cddafd802e6d30bfe1e2d00331fd05f871dba7d78d9a90d7a3209b4b38efb0c86abf01c6b6a8e69afebb2d45c6ed1be28145f79ba3e066d02e43

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c8158caae8446085b0f6b807e694fc29

          SHA1

          311c5fb34425c8ed331982bc25c8af9789032f38

          SHA256

          89986162a14892e803139074de69f365647d80e73fdc3c3344f9f2a961c7eb8f

          SHA512

          dd1ad661fae943061280f7390ccb95d56ee3a2942740fdf5b5e6be7bbf3d2dba75bc18174a42517418c76f3925a0181d042848f1aff2c34ef96ea77ca13b01bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b0c59008f50acbe567322e5001828f39

          SHA1

          4ef4f369e0608d879e95186937db1f37dbc35d0f

          SHA256

          37b964c7810050badfb876251a1a1c1892ce2076c05d484f1552f9550e616f13

          SHA512

          f1992d1b3ff7c0af71970336af1abf26f5350ac9fe55b3ac7eb82eb922651af631114dad23f2cd9d5d1eb4defe35ac2f14a15182f87da28dc838df9ba9f9b3f0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d02c34dc20b67aaf062f6e10d947e4de

          SHA1

          2df15d7eda6eff67e76812aef4e334a37fd65992

          SHA256

          e3ac97a166aca8a9bf853dcc6cedb6d1affdd8faf163415ce5489966ab9d2b03

          SHA512

          920eddb9b28a35f4f080bcfac6eaeb2758ba6fc0f58d42df8004ed51216b06a6c988f9f1c841bd5f211abe5962e95aeea63fe231150e3900df913ab408d0438b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1a203447108f337f4de688e9c527a307

          SHA1

          4e678d99bcd453508521c8e14d34d591abb9da78

          SHA256

          eab27bc916efba4d7801e5e81b38e86763d23c2e50d1118a1e7d7b68794a31b7

          SHA512

          ab0b9c6d55bb4234a0f618e6111758d9cae95eb04f2a59927a31d729a10baa00a7c237f56bda034d03a72082ca561ce4dd30aa8676d84858503d22826275f96e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          45368e6be3f3aee3fba5ea7b3078fc2a

          SHA1

          a217d84e996b82b51f3b8385846ac58110e43d89

          SHA256

          0e08b93c110f8fc666fa57e062d49107582728b77a82899f91b781a6b2fdcb40

          SHA512

          aec968286a22b86f1dcfc5f0a9b07094ee09a8d6d0ca97a45664257d2e1fe9f9da81451d8c24f6cbe201a1dba8edae780fb92dc90ee00edcc31516d75f3f5dd3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b4b9c1b7d8a74bb0c3a963a79b745d69

          SHA1

          c118edf21dc7c45d92b3be819f5d06348c278cf2

          SHA256

          018c5e273a98e5028401927c972e5520493cec9150d0f9378455b3ca3dd0e752

          SHA512

          2849d3580deb81e97125eaadebb98199100b0cd3079f2aeddc25d25feded2686d7894118b651f748c98f8c535d3a68d264b9b875a37940d98c7efc611e5faddd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          6428cd49fe009fa3d64c9b78cef9f864

          SHA1

          829c63f7dc98771b3c756873393f2e14f6e5a954

          SHA256

          155dea02c9df95ed530a124ed1ca44c11b417726a3a06630080a930dabcdc351

          SHA512

          1f6889ee22741f1fc4109ed5f30ffca664bf098c159c108b1bf12a6e10a20e67eb68a2eff52c71da14b642b7d7d742a21e062ef0f7c0e1ac6bf19ccfb4b95f38

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\f[1].txt
          Filesize

          40KB

          MD5

          613dde91e2774a6b7955d1e7a6af09ca

          SHA1

          9e196a284401d45c1f49eef6d1b56ae2f32e66d6

          SHA256

          ed3be498fa88c74c993b1c034ad77f532d3ce82375ba66049edb0df14464a8ac

          SHA512

          df334970dcbd7256500c167b03f9dd79d60ad6acd257b3a35980373d9fc3b6301b4b85a7d0e8cc12d06eaf76e1d74920d98375bdf5b241755686bffba3f6fd94

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabF22D.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarF230.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit