Overview

overview

3

Static

static

1

36e79de3e2...8.html

windows7-x64

3

36e79de3e2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    11-10-2024 21:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    36e79de3e264a8fc4c71baaeb411559f_JaffaCakes118.html

  • Size

    1KB

  • MD5

    36e79de3e264a8fc4c71baaeb411559f

  • SHA1

    57bf0453f65d797c78a75c7aea8cb1f048a8e195

  • SHA256

    b850ac7114e06c2100849534395a7ae9030843a8e4d02d2fbb702ce2da051cca

  • SHA512

    cffa94b8d24eb0c7c1ab0012b02a99db330a9713d19bcda1c35f1204d529ae2c88bf32dbb8e58f8d4339a3f8244d0e10e41e85ee4681a4ff8b42a18715ba2847

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\36e79de3e264a8fc4c71baaeb411559f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0371d8788069f4c29f7cd62df382bd45

    SHA1

    7b64d5dad9015e90de70e8319c47ff6f3b3b85c3

    SHA256

    e71821b54bd9e841c7bd516d59fcba4d64b27d66c2dc0a52441183f8c80695b0

    SHA512

    b6600fe82bcdb450ac155c996d67ef1d556f0719d096877e34cc28aae9dc745a030fecb47912b8991f0033edfc2bedc8e16413f49f62bf1bf788ac477bdcd8f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51f919814c87d01d3d5a9a78e2335120

    SHA1

    5201e892bb7b5064a3b2f95f3e9bd4afd76b4a39

    SHA256

    80f918e9abdcb5ebe1781e0d1b582e9ac3eb0060c6a4a9d58b109c2d81168f9c

    SHA512

    e7594f3e867a5f255aef16a559ce5b1885209a8e157ff0bce22a23c77c30b1f4cfe00244badac2f6a33b02ed8e6867f89075adafad2a28a878f3ac3ee39672af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95287e710db953a9b0f10f06fcac949e

    SHA1

    a8d9840007ecce997c063876e0e8b05639bd584e

    SHA256

    27ad84fce7cbc1aba15464b11413ed82c08ff2bfb5991d538e4e93f1354e2ee9

    SHA512

    70c844b6f19b63189aeece64ed6ce7715c3d2f089445fe3bcfa7356d89932ad4356efa5f38ef52764481c49d3d2cf277b2d3b017da8bf4deb1528bc48058de61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    274c8f6738bcfaf3bd97f77caa532210

    SHA1

    af4e54f4b4a6b591212602223b8a7f50973cabb9

    SHA256

    a6d42bd85351b4f143114fda0b498a230869dd39015d28cc8fd9a0e3b2e4d165

    SHA512

    c237d3c93f463f034650f21ee1d3782559d6bab4515d3c9498c9c834afa16f22b2eaad4012ec0bf1fbfee632bb94692f5c0f7c8dacd294d56c3d229e8a4b5af1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df9202af3805c7666b13520a54e72e95

    SHA1

    e2489aa2beace12c7899f22a5d555720e6f3354d

    SHA256

    bf5458c556d1a1dfa0af59780d653dfae21c85b3c98d1a77403fb3157efaae0a

    SHA512

    72e3165579b78e1083dbd622319b0a27ec70744cba009454d332a1696205de73bd4d669bb6d3466f742cc7d37a9f2786d509d85a7ab12fb6f18546978b8ff336

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    925da756c811ebedd10f87bb1b764c05

    SHA1

    58574bad1b0620798119c998644c97e94e077772

    SHA256

    3d4122d8068438e0959795ef650ca4ef69259964a1864530ef69c331e135e027

    SHA512

    45f2637277cfb0e56199aaf3efc668133024a7bb3bd14172cad4d5b2a50a2471bea057e91c923c60a7e7d802d0bc099163aac2b82c24339848ba7f2977138865

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db958937698e097510b62bcdd08efd9c

    SHA1

    8c4c49c3361541ad6ec53617937ccfe8780517d4

    SHA256

    0684dcf28528fb285edd1cc986c3527744a7302cc23d4273e43941d44aca63f5

    SHA512

    c4151e5a69e245cc31eeb7cb20049f8079da1921eee12ef2928352680f8485c34bf2ef3fee22872f594eafa5626e0bd332530db1853ebd89046c1f11589d609c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f87dfa82ec0fed00187ec8b2f311b46

    SHA1

    9dfa045d63a9e44a953179019001be88aef33384

    SHA256

    26ae44eb184f4b15074f5bcde0ddf10e2fc568645e80603a0111012c32b66c32

    SHA512

    325e00ba3950e138daddaf801e0c596ebe8811c2af6c5526cda273d5a5991e167ba3444f528ec7f630a5a520d1ea1c0117b24d42f7a78ccbab72218acab1a8bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB3E4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB485.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit