Overview

overview

3

Static

static

1

2fd1aab547...8.html

windows7-x64

3

2fd1aab547...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 10:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2fd1aab5471aba823a9325f55f8616c7_JaffaCakes118.html

  • Size

    27KB

  • MD5

    2fd1aab5471aba823a9325f55f8616c7

  • SHA1

    c048f70adce3592ee632016a32b517f0d1713cd7

  • SHA256

    d239772fda6fab22728c5c28a7d743cacd47fa9f67389c80e0a022c986505bb2

  • SHA512

    cd9d36af84e8be03429c9463fc0a7622e9cd5520461a22b633c9fbb302b1cb6aae10f59714935f09e5ac0dbf9f77a2ed30ebe5af2162937e8b67866c9bc9a710

  • SSDEEP

    192:uwfgb5nzWnQjxn5Q/anQiehNndnQOkEntSgnQTbnpnQ9etVm60nQa/kGk1+Ql7Mh:CQ/tIviQa/QSL04

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2fd1aab5471aba823a9325f55f8616c7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2940
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2940 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f29e9a396876d0338b242f62c6d0a14

    SHA1

    ed8d20c467f4cc0f58963bd961b0afb7dd986b89

    SHA256

    c88c726bb52a03ec2da677d930d771876f4890ea03a505312bb4237137669d76

    SHA512

    245c46452069072cf0ad8c47e72f83186ab536e0b9a312a8dfa072a6741898ca524a845da583855c263f55755363c38c3a0cf885111561f0ae1caae92bc27962

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6f0df9055b5a8fa0c9906517f0f73b0

    SHA1

    a650f47400f4dba254947d291cc777146d1c6547

    SHA256

    ada07f467042349404ba08d233dc4be3d15d6a90b8d3c4cd9c20f21e03a93c28

    SHA512

    5d413b4d23dbda80a22699f965f106d5f0aadf367fb5f1c9f7c3803bf8b2a809492cb0ad987c431aa1ec86c3f8bf54f53a490a538485405f7441aaee9a074ff7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb65513a76ffedc5d3b16280a087554e

    SHA1

    3ca00655988fc283507cc463518ee4443017acf7

    SHA256

    d8fa56aa4310a9a01a6c85adb70c6813f43a8ed030f8bd7218c7b4d07f3fd7b3

    SHA512

    7f9e449b2f9e37d9df71e1a982560e3c36c2b6a006ab5b1f7a9d8892813d404c4729cc23741d81901a0c2b5e28ce8f751c40de87456df3a2a97f4252dee0b494

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65f1a65892c63484744114cf5052fd57

    SHA1

    f7f2ff88e212da5c9e5c765ba25b819a05f503ab

    SHA256

    2f1c2803c5c099d252d7788ae4684d8c8f59e37e1f597f5783cdcd67c55daa68

    SHA512

    bd80ecb87cfed436c7a290f7edb0c2752eb0f6108b94a8abfd76ca119ca6dfc3a0ae5a929b226231f69ec20536f46c1489b45487c7791e71d79b7fcf9de9aa4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a09c55724bea761a7599760bf845aa75

    SHA1

    05197e317c25f47066a7feebb70025edfcf5f269

    SHA256

    9b803f8216513da821d4663f471093510bb12aec851ecb0d8e976fb38f175158

    SHA512

    ad6ef2e9d41005fc89b0066fc368a1397ccb6faa23db9c8b9b8613cb2d6b36c9c4517923d7e11112e706098e6f2aba72c19b27f6d30c826742e40ab09dd8ba33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    809690893e7378ae26c71e38b6efcfc1

    SHA1

    cfbfc4863261e3e16cef69453c517ed02d4ec6fd

    SHA256

    e88d589b2d716a923a829dcf23b10dd74b8c33d2155d2a37cf49923cdef216f5

    SHA512

    4473aaad4b0a0b568f7081d5d6fa17d04508faea2e3f89d9d90d982f902d8bc0cb936134415f3c0d7c946438dfddfaa979cea73161b8084dfec5670b68683719

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    692e119bf7aa2156608827147977fa98

    SHA1

    a51a190e8f81efeaf8982aa710a6a6d54b15aab7

    SHA256

    a6d0844274d8746ece2c804d90bc26fa03cb3040b2ab02ed3d85e3188a591123

    SHA512

    efdd14a71bf93605a737b042a9c01167b1bc3d95c72b8976bf1ba095d05edf7ab539fc1a14e779d1bc35941a40a9e6d61d32b30a0678a021d78f5c6a63a1720d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e73ce67c2880f965b93fb546226f7efa

    SHA1

    85783f378b2f49f68681c2fff9554e9cf74053ff

    SHA256

    de2239ee597f020eb1cb45bfbb0fe21b2337b89b5496a63367a64c0d78c9791e

    SHA512

    b7914e6f73fb003b9d5857c0a69afff9263be620cbbfd02998aa900cddb763b3e0522cfcb9fd03ff0e1acd5e34313df51d586c58525753f6a261ac2af58b7e5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4860c47a6058f64d1a8faddef52f0423

    SHA1

    4fc7c8c6e0cc0bb532df48e758cabb317c9d8a70

    SHA256

    1dc273055f87b4acc387638bf30b30ae18978cd5dd13c811be12a3c373cf951b

    SHA512

    3c292bc7af1bcbdfd6e04f18a2afef84d066d876099188308a4dd9cf93fee31206b16599b8b117b05f18b9debcf6bdfe26ee83850958dd44c8ebadb23ef4190f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c9c349ad8300e1eeef244f1dd23e41c

    SHA1

    e41483c63aab344666ef4ec6b43cc6beda761b88

    SHA256

    a37c4e89585d6f252d6b503464732a950b631ddc001644f0ae5c65155b0247b4

    SHA512

    80278c45c5930aeb67ecb9ab197f2da6f8427bea66444ab63c6e7e3bc33e516312fa056ed587cd9de99d3d2b67a397a121bc7d0c028514b19b283244f5b0a41e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae7a881310e7e1ff4c5d0f19c419f264

    SHA1

    00d4333646105ff09f9a10362c4dfd36cacf9f0e

    SHA256

    0a59246c523431a7413a33a8bfb0499457afa6c1bba4ba059068e6e84ed19704

    SHA512

    54e9519c37b65da2f262a2d2b2e9adca2df54348d71338b6ab43bbdd8f34a2f60f460175a0246d00a46720cb5cb8020ccf86e8f21d4c1c3656185dd4f80c3e5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b616cb72821f7cc684495f524d82751b

    SHA1

    551b02406966c99238eee6ad6fefd168b10cf058

    SHA256

    8f2b83c453474fe3e8366d9f354af13121bc98eb36355bdac5158eb00c2aea2c

    SHA512

    95abf9973a5a2c1d54c75f851fc5d528d3af4c0b9fdde4dbe30c166fd1c291275047c45495be056b4ea40f48c3105c616d79276663f328e7a24a6646a696e136

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    debaf4f47da65c4c2169677f00fd5dc0

    SHA1

    8249742c0e082386c180d09b413b9352bdc0e5dc

    SHA256

    bfe76f574bcd3d97413d598dc7001e392dffba808f84ee8ccb826f4325dd6647

    SHA512

    8bc759251d45b17c9e689c58df6fa2e9a63b495e59f396ef1f69f8582783ff0ebfb96dab066f61fe1c0017df448704e620441766d1138d255975d5463086b630

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27c9b4f2eec7608e943627b8ac7a4e84

    SHA1

    4efb58e155d0bfb51766b058f0958af4e5f43711

    SHA256

    fdf2a4d26857f0a5d31b2ea3c582082e79e1443330e2b9c88e3b1b8a4988d61b

    SHA512

    8191280a90b3be9ec23b7a63942473f578aaaeb0774b14510950e430e29d255ac1703f2c08bcb9c23f16a65151f2635996fe60d4504d88f843973657394ba8fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9226a72db07e4e3b61f32417f10c10ac

    SHA1

    776bb6d5cac0532de90dcb040319b09e8e524692

    SHA256

    82e8a77cd8d799f8daf4a560b0a5e5fc8a6d6f33006db7ead6b541872d980bb2

    SHA512

    b510a872139e29fc10b29b129eecefadb4a15ae68b794430414a4d2a39e1b741691aaeddb41959d624a3a3de1e953e12d6a5eb6ac3a87606bb3d81508c9114a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56ecf340ff6938ec06deaf507718a9d4

    SHA1

    21ccd562f99ce675e83ecf41e4b388a9eeec6e09

    SHA256

    664c06a328621aab23f1c1c3e0fbfdc2dd6320c871acbd6c7eb3abe897a5b8f8

    SHA512

    b230e1284e77b4a31fc95ceacd756cabcd17438993155214be54882e60c6c025ab4fd6ac186907310bfeef0dec4086530365fd2ba327267dfe66865221677c5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCD02.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCD92.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit