Overview

overview

3

Static

static

1

3de5a85ca6...8.html

windows7-x64

3

3de5a85ca6...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 04:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3de5a85ca603fb632bb6152b47ba66b6_JaffaCakes118.html

  • Size

    24KB

  • MD5

    3de5a85ca603fb632bb6152b47ba66b6

  • SHA1

    e433af36e741dbbd5c29351b92fdb9dd663c4691

  • SHA256

    1cbc7ec06c3875c095fa2d0afbf012d0cb8e8d402b103ede6d65eeecb065f5d5

  • SHA512

    0512fb2d5e6c8281f573867ceedb80b32982da391e9c0da18980fa64335c1b787bc965bf3c68cf8c038cd750e0ce3415fd058a813f5f62788791f6892cbedd89

  • SSDEEP

    768:VWmjIZClCL+wsAXA05sAnhpyN4w4ox+4B0LGmBWi:VWmjIZWy+ws8P5s4hpyN4w4oE4B0LGmH

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3de5a85ca603fb632bb6152b47ba66b6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1312 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          6272b0c84989deca55f3f855a6d1ffff

          SHA1

          3475e6e7634b4dbaf58de9e1912c7aa0b765cbd5

          SHA256

          5eadf8a6d70fda999f197f417ba7873f3fab533bc2ea43b66bb78af6a7eed831

          SHA512

          2018f0cfd6bdf0b3410279d6abc2b35f2c73aeb956e51e3ac6641d625f8eb93dc573ecb47b30b1cee9511ef04d8a8d384e2af6d5ee65a38da9d7cdacca0d65d7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dea363f8adbaa1aaf5004dbef4b96882

          SHA1

          e7aecefd1632de4c5981b3bc6cff27eb795e95cc

          SHA256

          cefad7e947f606a974908f31fcd3a0721c3fec8eef62bf3ab990d28463e1b6fc

          SHA512

          5532e5d960d0e05ea4480a68cd9d3fb4a148cbb86310e6e51d7833f35a97360bbd56b2be23bfee8339446f4cdc9132363502157c9a743590af22499eabe454f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          214a60060bf74070e68cde3488d8b3a7

          SHA1

          360fdc9f83a97b9308e2260a09c681d787354083

          SHA256

          d3c14ae5682032f6aed3e8cded7912f03a5da33ec695d009818e2a02a3efc437

          SHA512

          3e96778d2c7e69161febde4a5f6b9f25f901d07e64d5c68b31a7dddf81944aaf3ea80372c2ec3cac0f42d275f00b55d6ae3143c2a91c350b0680872c1e41cc38

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          308f71b3195b2c79152a1259b3c90e84

          SHA1

          e5ff1273a3fb61b6622ecf714a206c3986e98f8c

          SHA256

          46f25d5f08365afd2ead485875d331a3ae2e88dd09518900901e0e562f82fe96

          SHA512

          17a8f17c831dd845d015145ab6146f52cf116fdd0ba4559a32833a2065c85213063aa81437f52deba150b0bd78eab85ebdf7a0ad42d87e312ab1a6308b633161

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2bd8cee7237b8f36bc579ef0ca2368a3

          SHA1

          c9247bc587bc6e7e911a9522a4488bf382d1bf9b

          SHA256

          72bdb3c5af5bb416b6026340fc7a25a976d8e9b197ed05408d47547da8469d9c

          SHA512

          310aff19c3b0089a1627946060f96c82edfa197d04f7dca3bc26d0ee103cdab10c67789edeb4f0f30235c8bebdadc73bf3d572edf346de5c24690f4fcb1fb792

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9fca52a5b07b1cf09a1e01e4ae94228b

          SHA1

          176d996cdcd0fb9a892676c45f1b96db2407d63c

          SHA256

          e345a7a81cc87cec957f04817fe5357502b4b83df2a3ba2f1ac17e2e03fa5c4e

          SHA512

          b514ec42006d0b36e7a91bbcf81789d79eab157ca57cd57f6e0d1bd1928dc4a95cb433014e034ee3ba1ec72ba5bcebacbb9d3a18d5a822b3313c0679d9bf5fc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          18eeb2cb1f47c48395eb6b030ccd4b6d

          SHA1

          55601f59ae0d793598dc84cb645843bb9225c288

          SHA256

          e72e09b5e7b9b6c734a04dc6f74b25fc7d12927d633cb3866d08f3db164e6bd1

          SHA512

          31a43ea577e42c43d8357e366eb8ebacfda8f2277476bc0405d56f14ba6f40a09f1ac6e59dec04f9b628cde58d5f15c14f572d4f2503caa87d10a171f0b991c1

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPQ313RR\f[1].txt
          Filesize

          40KB

          MD5

          7a5290415f62d55ab49dcbe2c89dca9d

          SHA1

          66b7d63eaf9ab63296381b3223b81d73e908e909

          SHA256

          d990cd9ed308863d297c9fd1af34e28a81527a985827bfe5c5d55d6b339cf778

          SHA512

          d72cadd043383953622a1b78f0b9334e11945da803f76d4b14cceeca32d3ff203a2a10e0ddde6705011e5e31494db3eba621f00fbe6528056e88b60238345cff

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD71F.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD7CE.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit