Overview

overview

3

Static

static

1

4336e9458b...8.html

windows7-x64

3

4336e9458b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2024, 16:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4336e9458b18419977f67478b98c620a_JaffaCakes118.html

  • Size

    57KB

  • MD5

    4336e9458b18419977f67478b98c620a

  • SHA1

    d278ef4f43e2c5a05baeb2dc2fcf3230d22326ab

  • SHA256

    6393d8e737e3c777c209391f844a2b9063962151a96485fbc817ce05daf8b737

  • SHA512

    d6be09faa96cf6e665c839589fe34feac908ebf56b0d92652c15c6e1c7cce582ed37b5b4c2d2452cbdeecc9a2322bdf27dc19450ff86c6a5e927f0da9ffa7340

  • SSDEEP

    1536:ijEQvK8OPHdsA1o2vgyHJv0owbd6zKD6CDK2RVroFMwpDK2RVy:ijnOPHdsR2vgyHJutDK2RVroFMwpDK2m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4336e9458b18419977f67478b98c620a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2320

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    00d2d3627d19e57e2818ea96cfc06c43

    SHA1

    3c084efc42e2e0d76f3c3a533584f904148837dd

    SHA256

    c5c01e919db0470b08189f39cfef1d012486ec2931054b211aba44bd2bcf221f

    SHA512

    7b7263f6de8fbffb6d1fa56823db65b7dbd9eeb61f97c9b126bf241c4b4456e155e634ef2c9a43ee90a514b7146ef664f1add2f49cd153f949d9a9462e16abb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34494c1359c194c43c850112bbfb518b

    SHA1

    978c2d8aa41a0220b3f4719141f3fc0f1d489a9a

    SHA256

    fd242e1c1eef7d8bc82ca470d5bc205c563d3cbb1b30e1feab2216715d14ea10

    SHA512

    57376207823919318cb90165207052674cebb3758a9ca9c4515cf83702a98d2a94f857db3caad96c70502db67e758cb9525a087ca1e1c5cb79e6e1ad3317af14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8558256d3d0da448705768ea03aa9b4a

    SHA1

    0bed7db34023e3d963e492e208517439b351af01

    SHA256

    110c81315a2000a22e2b61598a510e9f3ca99a6a286fb1f4bc29c4192a9761f1

    SHA512

    8660499a347229d9fd511b4ebc79ff118af001bbccdaab6904905bd00da58b167337e4045d8a0ca99d73166b4f3dc5194c3036cdb7f27a1e8a446ee5fd969c41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd33d9f711d92e97914b105e9b04cedc

    SHA1

    349c233987fd924cf5d5145726e5ddce055fdd5a

    SHA256

    90e7d8b09541beb2753c1b984d09affa9ed080ab8a19488a2f911d73c5b65213

    SHA512

    459e42993268f689797df4570e582df8bbc15ace22d26174fece4da2c21dcc73686e3fb3e6f874059d27b22d8e18d36260d4d5df06312a213c32676d66fcc2ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e3920557e529ea88e077c6538802872

    SHA1

    7702485df6409d21d5849e30ef7596aa7b7612ff

    SHA256

    ba7398a26c92ed2f9518b50de4e5361ab59a2c703cfb308e1bf76c3062a12a05

    SHA512

    1ab2c0b6414c3440e993f1f189298161d4042c5afff5f436dea410c2b4ca3862f56f3ede19509a4f968762ab647992ff3599d081e47af1da6d86b398a0dd189e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75435ec27200dac63e546956b434544f

    SHA1

    0bccbb17f2d19a343467cd22367a5990c0063c2a

    SHA256

    11fc1b3a458a1e399ab02db1e53c6eeaa5458ba8b0d1b679c5bc24783b20eb43

    SHA512

    b8368aeae2e2064c344b406a70ed69a077ab6eced85042c150205af86bb76f9b08ec916a55cec08d88c42b4a4ad163fd99a1757b9e14c2dd758fac774c751b82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b63be6294263532c2e8c6245be13c398

    SHA1

    1ec8f03a2296213cde012ea357e3ca4ada14c0d7

    SHA256

    37d11defd29982058236cbe9072fbcd16cb515cabe66aaac7522f3414b8b0e09

    SHA512

    805c75a804679e6143fb1a536744130096cfcffff730663004099b3ce5ac245634f0fde5b9d27b02101f9ccff5dd9cfdfe8253741609bd80ac7211d7950d277d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    606f9c8137f065d29fa6b7e2d8d783c0

    SHA1

    2e6fcc4f60764a6329aa9fd1660d8fc61824dd4e

    SHA256

    8d88fe2ff4ac701efa76e9679b50c05e2d3b60e14986c0e381705fd867c9709b

    SHA512

    fc4d7d0830abdb685066a08f4840bd062423b17bd1ed0fa0c7b5a776d5fb595d091f569f6fc0fbae79cb3cdc5ecd5fc6523824b9eba09c9c137c600acc092e3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2cc2bfb033f0c02e8b69cd3e15e449c

    SHA1

    6c77261d3f5e954383df6014324c67c321969b93

    SHA256

    06c854e106d276f03d2732852d5f6e7ae0c5e64b3e773250803395a31886a8a3

    SHA512

    b87280dfa5a249fdd6b4629fb0de949b400891d3c0accacae8e162e5449581f79adca32ab22795bb9ab45dcec4d7da8a33fe2a8d690b8aa77d29afe37ff2878f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75d98f87ff338a82fa502a7558f2fbc7

    SHA1

    8e214e7e9162ed52ed287bd5bef86c00ab208201

    SHA256

    a26ce7b0260f0be907d4c23cf6c25de5cf181cff51c97aed72114070d2cf6231

    SHA512

    8dbedbf6f3bd5c591687b20df033295708cf8d4030711f848dc8f3869375871da9ef081698f8aed1e9829eb7831df5d60ec2c360548d43e93f9bb15e24a11fd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7eaebb14cbeaa8e7f3cc887cfcf301b

    SHA1

    6dc0b49f7fc030c765209c238bccf49ba71fffc2

    SHA256

    743391d547eadeb6453ca7b04446eabe78fd4bb2cd7edef53c8aa47c895d9b8d

    SHA512

    20a7edc5eeee3675fac9ffcbd8dfa6b8dd9192fe31af78f4025ca4d0fa1f11ca357aa7a812ac79a6facccce476ca88739ddafe1bbf20f500c7d2b771647c8f9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4fa92dea9de3c969101e41ee514d122

    SHA1

    128c30e352727cebfedb6f62cb2b64a7fb698d26

    SHA256

    54aaedd6ec7f8c4dc634b808f1822c2d7cc946e73867cbf4811ea093644ce16e

    SHA512

    1d097e602a605934b808566797e3c517346c48c1a9b4199871c987ecd1e3457d72710cde4959b97943a6680fa9d5309629f54b9553708a931879df0cff05e566

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d156a2ef8db51ab3ea98d4cf6671354b

    SHA1

    0434b90fefa0a265e22c095e94b8d549d70562a2

    SHA256

    b0ebf32a49ac8e4943b01ecda6e22efe18175bdbf8fb5c6adb43ba17b01a548d

    SHA512

    04836c6c35ec0f70cb565ec302ea3d60197b1e45da9dca8bb640181aeeb843daaa736abe6be83e957941ca594220f594f92368924286c58b8b6d5086a3190d3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    806ab6b72c59bc5bafc769409ac4e730

    SHA1

    3a836f8feab5778b2d78db46791615eb11eb84c6

    SHA256

    feaa9d2eb9e03cb55634c821f5934c34d493e5c77843790a2ab321f3cf74bc69

    SHA512

    1ce61b51c29b3a0fb98eae6f58f85757a40d21a12898c3798b6766a7166b0db5a22ae2ca97c12bbe8d3cba06357a50c0ba887eb26f23858b989f45863cd6d5ef

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AS91FDNI\f[1].txt
    Filesize

    40KB

    MD5

    7a5290415f62d55ab49dcbe2c89dca9d

    SHA1

    66b7d63eaf9ab63296381b3223b81d73e908e909

    SHA256

    d990cd9ed308863d297c9fd1af34e28a81527a985827bfe5c5d55d6b339cf778

    SHA512

    d72cadd043383953622a1b78f0b9334e11945da803f76d4b14cceeca32d3ff203a2a10e0ddde6705011e5e31494db3eba621f00fbe6528056e88b60238345cff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDFA6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarECD4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit