Overview

overview

3

Static

static

1

2e4d1591d9...8.html

windows7-x64

3

2e4d1591d9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-10-2024 08:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e4d1591d935ae6ec26b0acf68d2c989_JaffaCakes118.html

  • Size

    11KB

  • MD5

    2e4d1591d935ae6ec26b0acf68d2c989

  • SHA1

    d3bba11c65bd6fe52a12623aa38d786804f6e74f

  • SHA256

    69579f5f9cd42798247a3df3f64b7d92a8df84c9173e81ceb5771093234c800e

  • SHA512

    c0901602367db05d884002ab0ebd11802c39e3b832d1be153396be73a999e38726cabc0adfdd056ad5d345e57bf8a48990397cd512abb172026a4556906617db

  • SSDEEP

    192:2ValIsr0r57MqxhT8i/w1wvqa1fRLOXuBuLbdU8d:salIcIQqxt/ggZLOXguLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2e4d1591d935ae6ec26b0acf68d2c989_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0599abd92482fb10678e41e57dd0d6bd

    SHA1

    4337422fd08d14b295f3087c83ea5f674d2407ab

    SHA256

    07ffff4d0fca544b7c716933a7ae63c23d19c510eb84ea86d6528a5d1449e79d

    SHA512

    0014d4691db4b48e67e605bf4d73f186444fa5b1cb6ca52ef276fe83dc07444a81c1f6012419e24c3dd8a5404e0ee27f907f640000dadc9e54d668d70a5f7576

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    203599c48affd2a25ceecd01d46ae27c

    SHA1

    6ac1a1908282df4b13fa6342c680de9c6c6a1eb2

    SHA256

    243c7a02aae0060486b7cf88d495e3d4cea5dc3638fcdedc4282bd9fcbe2a7b7

    SHA512

    02cc47835710aaf24f2712291329eab3153b6b1e3be749e6251083d01dbdc450def7eeab4bfe8fc0fd64f55e5737b1348c8ded9d5b72b81f7072b5433780a97e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58ef8a99ab6a29a0566cd28d8a58494e

    SHA1

    927c5ba5d0a34f966d5fdc3d2182a00c881d07fe

    SHA256

    572d2d6229e37a95d589eb3c9a5d1c772fa871a260b8ea4768c7f5bec8381d16

    SHA512

    eace808f1bc451a222219be7946e4a6861c634b0fef0bcefcf79bc98c63b4b9d1d0e6d9be6d793add8ec811a25d2ef31000860e181479a1b48a0d3aafac81ca6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3db606d4d04d21973622938c6510a26a

    SHA1

    e293656b0b0c9f71a6ae846fabd021788f56f126

    SHA256

    34de523a83470c2f43a356b63c05481e3a4454a379941b27a685455559ea2116

    SHA512

    ecf52cdef7c7cc6bfef04e58bd89e8f5333e40357f3dc5a4f029c25c1de24202b59d24591befee95de11fcc43a196b221ccf781b3fdfd90790c1eefc534e6029

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1009db50cefd9f4b1fba58bf075f665

    SHA1

    0d9cc6810c3d6daa1e4d47b618980c37a731c99c

    SHA256

    bdbdb479d3808078950e3a093890c416e9e8058a9460b92b4f9e9fbab5f5f97d

    SHA512

    29425d5809344f41b64e406985512fbca63cb9d6f46471838c2e95b5ddeb7631de34d4790bb38f4b3b308818eaa5b332e5efbe4ca2c4382cb356a9470420b96f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    353446739c01c514d7766825c6dfa0f5

    SHA1

    141da70cf3cd5fe65fb3dc6bfb5d0888001a1a0a

    SHA256

    6e7bd188fdd0a92e0aebf159ec82b32a12fac9e31ade27f1e50207e35a6e963e

    SHA512

    d3fb101ce4b4d67c05dd6cd65da034a4e17c5f092898fc71161962ae32a920a276e91aea19486e53161d4808c986aab1697e8d796b6817e5bdba545621b5eb45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab15bfde47bb72c75b591fd1aa647c0f

    SHA1

    992c2fb04913805b334923a38872f7b72d614d1c

    SHA256

    66d22665b15989957bf370cd3b058e23a0004f4a8aaff47b3e8ba190e9f3e921

    SHA512

    32e65e6f5bb8c0c17a39240ffa86046713866712e38430eb4b8c609fdd9413b1ad5913237ad7cee3db6c8693268450da780c801f2d47fbeb364994e6e8967b5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e94c73e34e47a205487a00beaaa1c46

    SHA1

    974215f4dfd5be1a14a3f71e2801938a4d2d8993

    SHA256

    32dbd3b00b25defa52671e368002b6f51535196c55659e582f643c6b58008f2f

    SHA512

    7cb6a15b6324e8670fd3605ca0c64265447dce3807c81468dbe4d589552c146f082a8011b035da71bb0f0524f53cc94f4fe4fa52d14e91d37ef629f2149559f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF1A1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF221.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit