Overview

overview

3

Static

static

1

2f806f45bf...8.html

windows7-x64

3

2f806f45bf...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-10-2024 10:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f806f45bfb7a59a8bcd0782874f6057_JaffaCakes118.html

  • Size

    37KB

  • MD5

    2f806f45bfb7a59a8bcd0782874f6057

  • SHA1

    bef52e4efb0a1b48b51a4613fedbd649b9f5fcac

  • SHA256

    c15c6bbcc3e836529dea8da117c10735cdf37e99ce7e3dbb855e7c06e27c2964

  • SHA512

    97f37ccf5c7c60abfb937d9dbb0f899c1baea4d5e2f6a964b5d520f250c111702f917059aea33897b21c9ea0ec8817b988e0420438f3e7929129ac788affd967

  • SSDEEP

    384:DvzcTI9ypD3HbhmgGTNUwWI6cLDHcQpDGwGH3EKIroKGWuuhW+tI:DkaysTz/6cLDHHpkzS8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2f806f45bfb7a59a8bcd0782874f6057_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9096A354A7A3E42F3F619F51DB75C6B9
    Filesize

    891B

    MD5

    6c397da40e5559b23fd641b11250de43

    SHA1

    5f3b8cf2f810b37d78b4ceec1919c37334b9c774

    SHA256

    513b2cecb810d4cde5dd85391adfc6c2dd60d87bb736d2b521484aa47a0ebef6

    SHA512

    0f0369b90ef4930f59bd5c0091067200828bde84ea703c1029ec5603cf4bd1084f0e7e15f370dd5554a9e310d60bd01ba54492e2e6d6301e44609033ea9edbc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    2329454149d6ada8e21c5e804c60fd67

    SHA1

    b500d071ec97b069092f228b5f3931c2b8f4014a

    SHA256

    64b8fa9ef8d5f20a845e703ecc14d986c234c59dd5f2d7f60b5db11bede4dc99

    SHA512

    4952ca8ee922a98cda862b7a78ef2def5eb88727559d1db9fb83e7c3fbeeed33d16d85eb86a35329acdc65eb669bbb0a57d94ca3092daa8a20acd12003a424fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9096A354A7A3E42F3F619F51DB75C6B9
    Filesize

    282B

    MD5

    bbc529e735d99db8c840344a6ba2da6a

    SHA1

    64cbd7cfec136bbca8f58e5aa54c8a39d2a52d57

    SHA256

    b0098f26a8f7087ddc6b715547e7ff5887c676485d2be2385cacbd573723e374

    SHA512

    eea5175c994ff9df7b2bb2eaf556077167d2f6a416e8d83b245038e35f4e2af328dcbb7bedc1408e66c3a0518cc2ea66fa86d8d5338c814beeb0d5cbb50687fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    744db707b32281b418e176ea04ef124e

    SHA1

    6db6b2c6dc12f6a437105cd8a370719954e2c0c0

    SHA256

    ddd62aa4a4ec9f13d7e465c2174eff5d41e8eb4f5c9ef015c46c875daa73c85e

    SHA512

    586870ada053300d8370d42ba40981b927e430f719b545b17bd90680f7e77363a705d04fe53337c8a1b26c59969327972c6212bb09973af984490cb999c7be58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eda67d0c09a356fbc88512ebd7645dd7

    SHA1

    00001f1d05622f76b7f3e4d38720b6a779ee1d13

    SHA256

    15f517e23e178f12e676b9a55b6887c5d1dbeb37d4b81c20ea4fa3c404f8fd47

    SHA512

    59dce681e06ae976c0f3d2bc41349e61b8d17448159f8d9ac15d81820816bb6c5e4424be30024eabca96dfbd3776fe83fb773ab0f25cd78cbcd20746fd441952

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afdeea0809a767d4f55296ca7ec248a1

    SHA1

    d33d5d2e7e6eb5890b618b89767efbd0710ea66b

    SHA256

    fd5725c2ae3a1539352c73b41ab044e8ef5f4705c8e56e7b85929124495e4a4c

    SHA512

    95f4e7d425ab694e9dfd7a6b39293c38e7c89f9dff51bce852766598f8beb46834224482f5bdf51fd0b444e5a23efd816647009a7cd4f0348686a2dc085a646e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18f75648a16678e887e84dfc3e03e24c

    SHA1

    c59df067de78cc6f5960f380602a890e524e76fe

    SHA256

    a80d089f194871e799a86e993000ef2ba74b3b42f844827df7d891efd64f5e17

    SHA512

    6eb92a16c291f10ab931ad1a5541f8bd3da84596bea0cdd5c3d9ac180bbbe1680e6e9fdd3cf9451a2caad52ea47244d4a393d13895c4ac356777f9a8c54c208b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fad394f0d747f1579a78877a0dd7f8d2

    SHA1

    8bd2210db8db9fb4b69559629421dc3e44335ade

    SHA256

    3e8d90acb56761913fdf4a464eb1e8dd7c38ec94084a64e74b3f3569e0b70bc8

    SHA512

    68e769ca604ec74494d65ea45dd115361ea7ce47798365c2af18cf4a55bebb3199a8b65298fec4deb7d43f1778345d7680fb11199b427acc4de871a2de8ee229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80511b50acebe4a03774de42f382867a

    SHA1

    eb1b9160a54c16156580b5da12aea6aba62e1387

    SHA256

    89d239129fb2f59988710d899ce2f601d082cf4dbf91c491a866056bc71b6f5a

    SHA512

    df96e9a10f7a528f32e28440fba557a326861afb25f89bb0fa4013683f7cd994704263bd3da13a5400229e7eebe0f7b7fdc5db430bc294802c31b26a96b19b9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2da58af2a375b2a7008b89c3aa928cd1

    SHA1

    5d0ff386b0b4f30cf4d58e83d8e94235158db5fa

    SHA256

    989fa05b2452627352901c6d0d99721885e177677ffa5de321140f6702a17380

    SHA512

    6152e195c80b8e79160908256d355a1ba66b059a5424a738834116bb0ea12b9d8714b78f9af57f9d6966c9726524dae939f80d5cf1d89d87a1d81b35f73ed829

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    170B

    MD5

    2ea0e6f3bd8ca489ae808feae8bdc1ed

    SHA1

    c941fc35216dac0efea07cc472b267221394aee4

    SHA256

    0d6d28b0e92e2eccb1ae5166e2b5a94d137dde3cfa4b327b7edbc2da6ef956af

    SHA512

    2cafcb0c8495735b7242bf3685026797e2a007cfad7b0f8ce77b9f224f1cf3f88afe544beb777685e97962447536dc16893061893892a317122ad084fee58ef6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    170B

    MD5

    30d6f404ee3690d7d19266b3f886ff83

    SHA1

    9ff88bdfd578f51fd49d80a03dbb5a6a4cf23716

    SHA256

    f3f1799cbd3a7928455b28fd48324fab801d6d190ba3a7ed215dd5f2752c49e1

    SHA512

    6a904ffa2ae573e9a409219242f2a24db17b916a0263e3ec70d32a9fbb46c12eb49fd827cf392a13e69644d29f684ff5f71bb822a430796ee77ed144492c76bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    19ba1d3ed811cb5b0fb86e90ec5e1bca

    SHA1

    8bc5506077f913d493aecb7a3d6bf8bd0dca473b

    SHA256

    959b1ce9378191d0a86bc68046e447d702ef50f2b0091150cf29093df5c2bab0

    SHA512

    727630ca21ca8e564732b3b53f5c2a50fe7c14886120c2146d46c40221f385661b04a893e0d41215ec9a02734468440aeedf1bb7f6a880cd81c1a8502bef780b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFA96.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFB16.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit