Overview

overview

3

Static

static

1

41e3383005...8.html

windows7-x64

3

41e3383005...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 20:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    41e3383005ebb50bc991238740631110_JaffaCakes118.html

  • Size

    29KB

  • MD5

    41e3383005ebb50bc991238740631110

  • SHA1

    d4e394b2957310fc2ca2af0ffe3719635e88bdb0

  • SHA256

    4fd0187acfcaad28bb287a988c95e98155b4869d067895792f3abdfb32bbe547

  • SHA512

    4efc3d227220e0aadf7d496cff8536d7838cb09fc6f4bb40564eaf48145b59a9c7a0788f1783540646c203c86983d9488cc4d22720a11114b327c7c725a3bd3e

  • SSDEEP

    384:qm5G0dtWnsSK9hj5wD3+3BxA6H2DyWlDrnjvIJsp:BYsSIkUJWlDjjQup

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\41e3383005ebb50bc991238740631110_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1600
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1600 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2896

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cacc7333708adeec33492c89688ed1c2

          SHA1

          d00163a47458703fa0cd77e0ca489885bc17da2d

          SHA256

          a6748e99a9021cdbb5e87a5eb702f70b8ee00b01aaa8c55c8ac11f51a45dd4ea

          SHA512

          a6b7b5710c63301a4616519871fd7d1bb32460ba0252d57b33ea4d93b6e4777596a5345a29194ba3478c5ae3295808f139eefef085e3eb2ba94344e95a21e503

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ee34373566256bb54a8f990bae7113bc

          SHA1

          8cc4024cc40e4d3d60c31d58e8fb6e3a9458f0d8

          SHA256

          c21134a2e9c74f93721edfed306c945b9776c5d2ce778fb6874faef64597368c

          SHA512

          1a8cb255a68f1e63402a1ee6a89ccd1f808e4384d9b72f5c894b826677441d6245f4fed0e02aae2e17e870b8124e11c36df13e8fc90d7d3f50477e8455b1f119

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a0c52372124130358d51eca8f6685841

          SHA1

          907247ced01e3a2c339c08b2453f7b25b56aff01

          SHA256

          b99bccc9cc9c47d682aabae7bcb884c29f3dceb0c16823f9ca94f4c7f6b31cf7

          SHA512

          12e747eb1e180bb1d7fed9fdcf5263f54decfd9dbac50a7435dc874f30aaa32a20fb7e0a13e4c8e8a6e9b25b1e0737eaf9a80bdceda0a39f392e380c9e145101

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0784435b4bbffee2f001b09d4edff695

          SHA1

          3627a369a209858049b98052cedd3699164f8ac8

          SHA256

          8ce960a26a4f55a8d477836dc2e52a8aa19a07ee844708a62be265370169af67

          SHA512

          b2e34d83c5726025d75bd216d88f8c6a062a157a30089757057df44ca811699d7381088c9daf42f1f46ca4c8404ed119e521ea03d637f5169e89166a34b74ead

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dea4dd452a42a55dca10834cd34adee6

          SHA1

          8c59ddea159fe6c1752ba9e82b8dbae88a36ba44

          SHA256

          4c2a26fb1a8fb0fa36a13b1ceaeccf836611c39e2194da9d7cdf6f1a054b67b8

          SHA512

          75196bcfcab287865aba6b1df71c31d8ab47d2ad09f38b538e14c973a5c7391018ecae4bb04ff55efe6c7fc26495dfbf35814654b899aae289765398012ac2bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a44ee5b0c3093f60961a3d3f42ee1044

          SHA1

          b7a157e662a903c88c7af1ccfeacef26eef054ec

          SHA256

          2c78be590684b8f24d76614a80fb52f5b2e5ef8ae9c68152326a0d8fdc57be8b

          SHA512

          a880db6c66bb19011e7bacf708829369d4dc2f21d6be43fc2a22803d440026d47800178281aeb8a0c369521d9753e3c6e01a00c960776553a0788c3c1883b697

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1df3917464422b407a0c2858fa86f9eb

          SHA1

          3f59581dcfc56365d8ad754d6dd7a31790a2b419

          SHA256

          9477122ceec8f02bf6a8968807869e5bff5291fbba962a7b5662f7715fd48afa

          SHA512

          9018ced785f037e06ff2101d6bc0f8e0274a63db07bd4148d8dfe9dd738b39f15880a3075a533ae85fb10ccb7cc978d9b957ff4c161fcf3e8e871849706f50b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5cbec37e16ec857e7edc0616998da22b

          SHA1

          6237f8f23259ba5c8c0466ca6deff26407fb78a2

          SHA256

          be01541a4c4a8d33330d8a9f9b3cc71833e47643f635d4bf10770b2c142f9899

          SHA512

          fdb42f62644509f57d1364ab465917cdc9db22aef1c82b3b2179fa982c054ae9479e5e69ce33602f84f144e9cb50dfc30849705f57815c25793b2a6efaab4d0f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab76B8.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar76DA.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit