Overview

overview

3

Static

static

1

2d1fa5c856...8.html

windows7-x64

3

2d1fa5c856...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-10-2024 07:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d1fa5c85683e0aec2b86526240fde8d_JaffaCakes118.html

  • Size

    23KB

  • MD5

    2d1fa5c85683e0aec2b86526240fde8d

  • SHA1

    618937dc2e3e598f1670efefea958b2545f313c3

  • SHA256

    7f0d9ed482d0e81c1b7d0ed099626e0b12d3932be81219dd584e14a921c1fb1e

  • SHA512

    000181092c0e7edcadc57852f9431a1d7d470151e1c7c3f9010b515ef446661de9cd61d77c5aea8bf2feb7c41949f57e3fbd8bfc63441b9ae0fd9b7b7127002f

  • SSDEEP

    384:JOx7zq5685LiKj85LiZO5uWRm5Li6EYFhq5uWrEA5LiB0J0J5Li01+5uzo+qs7OY:Yx7bkr+W6Su01s+qyfn

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2d1fa5c85683e0aec2b86526240fde8d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2524

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b13aad1d6d2f4b8d0902847b719ad75e

    SHA1

    0095c32d12e0f9f5007bd1cd9a68d00bf84c7de7

    SHA256

    6a73fc9fcc956513dd7477751eee10530328c2f3f3c408e3eec98ef7cdc63afb

    SHA512

    579b44daf0449eda0fe1583d8b72c8de684746f2fe77b7732a3198298aa1e4cce8768bce06b31d3c6ff8e1b487c26229ed5b1638eb048b7c5fda043ee4a7d8d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5cbf45602b581f81eec4d8e2a7a6c571

    SHA1

    b2ab881e1aa39da60cf878fd14ecee5533b74544

    SHA256

    221304a99ff4072a4f6ed8ad6425bd575cf27c11cd75020549b8f3c73a07606d

    SHA512

    893299372a073e2cf0b9e780d9c247051ac289971fb6a348946d9b8da0f0b466df05e25eff8a5341590c41546f2c999119bbb0c692458fda0e0b641cb5c3e3f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e203925022ee14807b1d9dc24b3e1358

    SHA1

    1a18f4e0b1194b05ff65b85bd19cfcc8867f559f

    SHA256

    4fdb7a59ca391c7b566af7ecb93358d66b9e757b73442b2d027722001c4a4ff6

    SHA512

    038ec11f7ac6b85d92aec813e5f492fbe983b1d94ef41ef3bf96dd38a96797a2cc5d149d0b269409258924aeb781376fa6bd7f121f65118d5fbf48a6e44c2fcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f007430ad831b76f628a2936e3f2155

    SHA1

    989418a1436380d6df962fa726b2ca894011efc1

    SHA256

    bfc46b01af2a35c25e6fb69cafb4f34479fdae53121cf657bd1ff8ff6c3ba444

    SHA512

    e200ab35216d66285cef5368bab8444f89d1c9be2199a921ee915bf3d1e9b5e6d61bc0d48d44474ccd0afb0c74d715ac1474d35dbe195e184710fef5d44005a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b17885cc5c2f0664b7bfee4a8f67cde5

    SHA1

    d00c877e2ccbd94e95016f3f24e105f998aedebb

    SHA256

    7052de62c09149d8ab1bde46b0fcc011e988a55f31ef7d13d440f012235f0280

    SHA512

    4b68812983001074a26f063a21830b0bb4fa870f27fba07c7d8ee5ba3a75df7db1e784fdf9409f5dba2bdfc84d8976d682b17fcc65524ed306cef2b83bb76e3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf8298362f31ec6607fee27f6e643f99

    SHA1

    abc4d2fb213172e1e9079cbafea2aa0c9c65c627

    SHA256

    da5598af4e60f2e9aee7debaf59276cd4e2573bacefdb030151626917ef94fa6

    SHA512

    bbc40bb1ae081f6caf756eac9efc736dc575fc1a75d21cfa0ab793e54373a3ad5dd451162dcb672ad9faaf64af2b4f1b913fb2ecebc0c7a77ff49fc2f7329673

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    420732b108a1022d317d41bcd3d4df63

    SHA1

    fc4554fa17ea5e5adc3f166d85f281420dc5e61d

    SHA256

    eee17c3d80b77fddd09c594f53435144f83ab97fcb543a58d1ec29de897ca769

    SHA512

    93112b0b8d355130cf06f21b561ff17e83edeff970865ed1c2c5cf90c275208ba0786ec3a52b6cd86bda4e8d7d147ce7228e1ea4959e11b88f624897ad5b02e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5074792dbb0e9d2da20c879cfd51aaf6

    SHA1

    ce57033e314a1f86c56867a363d2631fd2734c04

    SHA256

    ee847ef8173097ffb820885702f22f33cabd0c47697602204be8e524b9510933

    SHA512

    77137dae75e96fcb7eda0cc542926efe81565048eb43505cc2330b03a51656fcc13695be82a58adf14feeb468ca39e2bd5378be155f985f7249305826a464499

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6193535c657040523cd50ecbe0a87c96

    SHA1

    704f5493533bf9a4b789c4c606f1ebe3253d723c

    SHA256

    97cae145e693b73294f9e03655a646c2618f233ba28e8e316754f421198975d1

    SHA512

    26c92574c64e4e332e56fa5edf23347cb9af0eeb029f5db0de950d8f6a1f72cf9007583858ddf0e76d924d005b1581b94e9b444a9c0b069327466cfe79617b0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    deeef016c22a45dd907791f53aab4829

    SHA1

    bbf911c1a6fe1a200d0dd8caa88ec485abf64c5e

    SHA256

    612b628217e1b702e89df36e331c1225fa6596431a7af61e2b79b94301f668cc

    SHA512

    e2adfc4a8570cfa3f000274531ab89ec44348a3f1155bf6ed562659bbbee21e66cd27306c7582c6360921006f16230db62dad81dd9a3324e78c6a99fe0db4741

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97319456ec6c5836c72bc582c234cb58

    SHA1

    42676f1de3551aac634d432d2ac419731a958a5c

    SHA256

    d3ce8d808d126950cec889a931f4d18dc4e8bf86d647f16c3b33d0644338a982

    SHA512

    670ff63757d5090b36600d98cc865588ce2c355d3f019c40b1a70156b066fb0f10b256a793184fa5c0d20258316be18a94f544ed4a59abd5c769652489107aa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9c9cf7f82e811d069f6473c75441533

    SHA1

    40f36a4871a37af5028ffa9c2acf161a8d215345

    SHA256

    6b2172b167ae39126bd5a98ceb97938a0b8e16386df3af1796bc4b11a5cf6113

    SHA512

    12c5c88d72dd9c2bc77af7d79a088eb7546a991488ff95a514b6bd712e5ca782f668f21888babf3f0fec68b114ad684a259079fc172f2ec7a543f25b729de99a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72a2e6d2ef7f38933e8af8369956ba4c

    SHA1

    d7e3ed3b03f69425c29f29a915f31b5480d6f4df

    SHA256

    f8d033b91210aba351822bfefe0fe987b8aeb663f016b1cf0ea097e2db240869

    SHA512

    6e9084c7f127b78ea54a4463be5c114f8045098b819703cd40e3677ef2a21b14ff468520768a487020c0ef8b057c8c150dc0f387074179be1fdcf47f83f78535

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e66a73e8df36faef1dfab8a82783f04e

    SHA1

    3a25ad412d0697101d565170ef9cd314fd9b2145

    SHA256

    91feb60e140396ea9fc150478308963eecf2ae6ca8f09a9095d8b0af2432382b

    SHA512

    3e13160b5d3aeceb20cdc076e67da765fcfa4de54cfb989018f0dc98d22a384f4d417977bdc4468e964eb5e6af79f7db2686dc91195bc6c305624c584e11178d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25151fddd27afe7a561a0c4261ce26a2

    SHA1

    6d28b53338d1f61f0b0c3da8438c7e0a02aacc1d

    SHA256

    bcb4d9a996c53503d307482561937349c8de60e79381ecc7a08113b3158abd6c

    SHA512

    382a83b9cef1f6722a341b6225de2bae78e9adb5cf352d76b1a02241fa223f5b1ef96eba85430204a32f1ee0d62b2e92dca62ac5d42bd7c0fdf259d2a561299d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5290ac4fcf504bbc3ff194bf5ed6890f

    SHA1

    9ebe20c195756dc6a348f151d68d54c9c48266c9

    SHA256

    c659316ee634038263b5b706504de70812589314fda04b48dc8505d152330759

    SHA512

    02233b9ff435ac3bd3d930081d7b57b1b12a1ff8cdff365bce2646e6b012975e15a58c6977a5d5f9cd835961813bbc47f451aed3e7ca90d034b6ac6986ff0edd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56KJ964X\ga[1].js
    Filesize

    45KB

    MD5

    e9372f0ebbcf71f851e3d321ef2a8e5a

    SHA1

    2c7d19d1af7d97085c977d1b69dcb8b84483d87c

    SHA256

    1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

    SHA512

    c3a1c74ac968fc2fa366d9c25442162773db9af1289adfb165fc71e7750a7e62bd22f424f241730f3c2427afff8a540c214b3b97219a360a231d4875e6ddee6f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDCE9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDDA8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit