Overview

overview

3

Static

static

1

2bf5bb155a...8.html

windows7-x64

3

2bf5bb155a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 05:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2bf5bb155a3e6b86781be8b21fa53b38_JaffaCakes118.html

  • Size

    11KB

  • MD5

    2bf5bb155a3e6b86781be8b21fa53b38

  • SHA1

    e57e39f373788f256619bd47b95b90e41ec3c1fd

  • SHA256

    6394ecbe2bd759deca3f61ec9d042aee8dbb2ba3b195ffc9c29caf7fae136760

  • SHA512

    c798c864cd89fbca35fb22cb32a0fafccebac358c2816a0d61b1d2155084dab7ce01b3db9baf63349a20947c0976ac280e1758a97e0af7263f179da19a84bc78

  • SSDEEP

    192:2VulIsr036v8k/w1wvqy/B5AncpLKkf01BLOXuBuLbdU8d:sulIcu6p/gc/B5AncpLKkf0BLOXguLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2bf5bb155a3e6b86781be8b21fa53b38_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2712 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1030545c5bdd890310cf822595ed03b

    SHA1

    338a14e1f68e10de1276c27420efead1781e62fc

    SHA256

    c470cac33c4b670dc23faa660e5d9ab458a3516ec724ad8fa332899c802a4be2

    SHA512

    8988ac48df2bf7da24ab9689f18670bc4af2dae89d3a3c4c107f307221ece879494be9cd31f4fa1eab4f534a226a1361e6bbd330dddf8b9557f9e314d1ba649e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d970c073b86bad70ecfe626ef1c97096

    SHA1

    f05d423f963bd15e4595e17d2b6e066bd5e441c6

    SHA256

    53d1998640bc7680024dc6735fc1ff9762fc951325e51b3290168473c3684be7

    SHA512

    3e7b49d58d998b0df093ef61c12245435893b48043cfe0090bcfa0d95c2dc0785557359b093178a2e8f0a03ffcffe90e52e98a6409d4a13a98badf8ab9cab1c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe11aec1f87a9e28ac7f20c74a9f59c0

    SHA1

    ff8cabd6d5bc27b4e108ea1373a240e912ec0352

    SHA256

    ce87bab4df30208a41c7df49dd9df8c67f724fd014953ee35f45417d12a98d82

    SHA512

    ec3f2cc49c0e51b5a22c44ecf21510d315cc3df5352dd77100598f2bf97affa7885dfe0309f084cb09c9bac78856cc201eddad410eac650276f8affd88817809

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2b99d12f79b6274eb614901de239d33

    SHA1

    edaf90e8b8d8cf06f25a79f134580f2ca4f48b68

    SHA256

    57f63ff32995bbdd27741c4e11166d3b2bb197d5e0239d8bef229a084885ae81

    SHA512

    8e5ec61395324faac94813ff109794b78d224038feed4a0f62c7d72a027ac5c0b89f2df596644cee7aa38273b79eb7da0f160fc49dbe514656d646af9f62b782

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bdab2247abb56acbd6bcc2643ec2e74

    SHA1

    e68235d9ecaa54e79b8998266b41ba2727c3e747

    SHA256

    71fdb282c7bb4ff07745f1d9cf8d85148661d4f5c682b0167b1822bdbc2cef8c

    SHA512

    25524996570e147bcc7d3d6b021f49376a15f87d0c07b572c85694538386ada0a78a6021154a4c42102a5c2470ec203a65c6d53ea0f612aadbf3fd17000bce16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f3510bbb00dcde1ec6df34043141c31

    SHA1

    8cc3cd443f8c5b8401ebab0acb3127099408b277

    SHA256

    4d2b44f19828a4dc2763efc8fc7059c0719cd9b970f8c88954165c7c78bd89aa

    SHA512

    ffc0eea44df53503c36e89ac95cd8743463ab47b701767d036b2cebff9120531051c042236d88c5cf2240176e280d27c0ba049ab7c0eab3664e5c3e2a28fa38b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b7755b8257c95b24c42ec0294057c8f

    SHA1

    f44c02bb3b5c6dbb12f16b0870ea4592328e120a

    SHA256

    5bac0b99b7c78f4de822dfb6da77718177fd0e0c7e3af29a51bcc82c02ca2145

    SHA512

    81f80c0c758017ec3c7016d670798ad6cc052bda06600893a08659077af408ad121fe4841e6837efede77f50a24eeb810a262c89e2c3cdb687ffb4baa012b4be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2242f28623398c8f132be7d530d34d3a

    SHA1

    9265b0e67a64909fd5af05cc525cea9bd5ffa9ba

    SHA256

    3e4b35161ca131ac480096712be7ecf98abc155dea27d4938a86f4cd69d753e5

    SHA512

    4568a1cf9273f32bc595d3e5d88396bdc72ff222c9a2578d01d9588d377621a07fa3e9161748202ffbe5a46f3a199208c44f0f2c3926827a54691741d695c265

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e71e2d43f277f4667f4f6e3fc489fe3

    SHA1

    4705dd22b8053314b0993cb4999833abde68dd80

    SHA256

    30a969d689d57487a5aecfa8d30c91571cd9556a589d240a70a3b38ee1abfa08

    SHA512

    73c76f440b19e68d3c1a2a0b4c2d475f448e9952255ffe71e039711eab6d3ac3f9d58ce12942045baf2df3bdb08faf1cd420062647b8f9a6e98bf5797fb6e8c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6FD4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7064.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit