Overview

overview

3

Static

static

1

3bbe674ca6...8.html

windows7-x64

3

3bbe674ca6...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2024, 19:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3bbe674ca63cab56f23a180cd779d808_JaffaCakes118.html

  • Size

    5KB

  • MD5

    3bbe674ca63cab56f23a180cd779d808

  • SHA1

    05f23b7cbfa2bfb5dbbf6ec0440ec12db01f04ab

  • SHA256

    252ba2c40e205e94bb3ebf7d91288f2dfcae529f39675675caec1e0f3933487d

  • SHA512

    3cb94c8cd827c3677408388fbfa6ba78eed2c312235639691ed2c252f8b197c1331f0d02206f1e8eb6dd1a41b0d46b04f68ebf4a0ed91338058c624bb20accc4

  • SSDEEP

    96:Ol9u0oeCJH4y8kjofN2TOoaOxszo2cQf9Xc1olZBZfSFGrigjUq:c9u0oJ4xNNHofuzUQf9Xc1olZrWG7Uq

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3bbe674ca63cab56f23a180cd779d808_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66165c2ceceee78e3edeaf6df72f2c18

    SHA1

    c0f3a58c6894e34865d35cd7cef890e3e29b3f22

    SHA256

    26eb4b3a8d6a46467507754db46186e21cf09f70dd4e8157127bf2b69055c15a

    SHA512

    eeedbf166f5c97fc49644b55a2365e22742c8e0b7f8ad4b6afbb86e5962443991f2154579f135a8ec80b392d3bafb5ec9d05c8829fa19dfe58787f8e8e5d259d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    000fd5c43489c9e84aa0aa6d3e1130de

    SHA1

    281e2e2533d869e311e5f0f3f9f4f4aec144ea9e

    SHA256

    64fc76a9c04e30c9197d19f700c9771701f4d7ddf0b226a6b5e3d7e53c8dd467

    SHA512

    1ac6edf01da6c926ce410cd802ebc903a99eb850973a7150a93b814758f7bbfded4637237388303dff93825129ad1483eff5bbb066f0e7c388b18d73b1c6c438

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df89ce6dcd126d6dbe9ea4d4cb10812f

    SHA1

    637c115a8b6400970e7f95d35116018fd14a4a0e

    SHA256

    16997136961695e3849a62cf18f3e867a8544e5d38709b803d7efe859128dc92

    SHA512

    2b0b9a674a68b591221640f798d2abf0301dc3bb7894730028010ad5b04ab165b5012ed52fc848f910842fa5f3f3b750871f7befe50584b3c186e70b7f018947

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33c647aa7c4a8648d96ae27e5665926d

    SHA1

    50de4b8d319fd22bb4a3c73932c0e2907ca04882

    SHA256

    0add64dcf2ae5f0feb180e099fe09e193979d94b13036add79cb27ace13f1efa

    SHA512

    6f46e61fac0c18a45f82709929012bf8fc41601cd7ce7a5386dab0e3c675377ef5042ddaa17b14d4b6b6117f3a7ceb6f575a2686fbb2e5ee308a907994a3c98d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    618a57f43ecaff0b98cdb1f660698065

    SHA1

    469055854b6c37870b7fbd53f0092d3f5104a931

    SHA256

    17887ab320622bb5e1bf027fadd489a7d433734ee7c673f66dbc3a58ba355e7a

    SHA512

    286294325114977d9a0efa19af0c1549e19c52f274bb1b6e0c67e849faa115613e6e01c16711dbb9cad2656411ebb3c249ce0255d99542ce7fd9809823626076

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5ec3285d57968b198d5b64d5cea4dd4

    SHA1

    4c88ea694d41a32a08c18446820e4eb31ffb497f

    SHA256

    e28aabdfd104c677589799171387cd3fe93e52e744ce60b2ff251458a82b14bc

    SHA512

    94d76cd1c70441ae7b71ca1ab9cc247d445b12ff50633f4aad25cb6037f809655cd3c4e176a95afb6fe918e865f5771339b626ddac151c27358b4518883850b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82e11cf1c72be34da68869d1ed8e03de

    SHA1

    8c28f8ca27dc6170de8ba5101feb908d02625042

    SHA256

    63cb38395ff3fd24f3a5b6d3ae95e1ea9ca74a2a0fc836f32f9f7bfdf5368c71

    SHA512

    2f28d539add776a7e2a92d554c1296eb0b37f89adeab9660b7854a4f843777e943469e5dbd9358bc86169ef1ca59f99fb2d3d8221627ff9dc0434889f6f53a65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1583cf48382fe9d0f464ab7896f2b05b

    SHA1

    ac9d9562b89cd7dcafbcb181504e47f47c6e6843

    SHA256

    1b659665c87e0e591fb54044092ef09ecae12b1dc5c358a88b8d526823c245c5

    SHA512

    6d21279e869197a6fcd39fd720342ba7236433e3f17549f4e7e82b33d5557352c59eb4b6f4a34ff39a2e297300920897b71b89a02f10d181c880a926f9d6e2b2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2A2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar303.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit