Overview

overview

3

Static

static

1

44e22f2117...8.html

windows7-x64

3

44e22f2117...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2024, 00:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    44e22f211745863ec2b39b742754e92d_JaffaCakes118.html

  • Size

    85KB

  • MD5

    44e22f211745863ec2b39b742754e92d

  • SHA1

    1bb6ce887ea81eb3b042f2e39fba2307d6ea1573

  • SHA256

    2fe05f71d56b9b3e6bf13e3195e58e8a36b9282370a49d2a6ca515afc70c86d9

  • SHA512

    3949602febb6db4ec1514b022ef49da8776af777a27a5d55c58cef68b735b436637ee9d88f2e53a2e1238f94d627ff7e128260acc1f17af72c5bc3075924d1e6

  • SSDEEP

    1536:/+ipVn1BUNqvLKvr7R/wnV1WCUDSo0mjiMpbqqvmznhKv++nPLB1Vq:/BvLKvr7RMEiyuznhKv++nTB1Y

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\44e22f211745863ec2b39b742754e92d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1876 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4dc8a1654fa73d85e406d191f5ab25da

    SHA1

    18d3da7207d1f1b87f9dbaef867981deea009763

    SHA256

    f9b25fc338e92e78a49c3f88dead0cbfec2405daa2257f9b97c6f03fbe8c32ad

    SHA512

    f637923544264e3a2052480da015f5c6bbb27e63c69cdef757064eccb67cdce0fa728a5bc1ce3f829bfc92ef4e2a904579a4ed7a25d6fa278ff4b29d2e53a334

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d069b9feb07f8667e50e1589f04e78d2

    SHA1

    e92b7fb5fc065b30e0e770383eac9e40a005576b

    SHA256

    1e4e9b3c786a761eb84d57ea372fe976439fc360cb98aec61309d106e222d93a

    SHA512

    b3effe76ea9464280b14e56c11fb06b01a338c4c46fbf0bfd4cf44d43f1d40b306c0677cf95d30fd502eb34df80fab57706816c7da447a151cc4e5ba0ca47fe7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9ec96e6d638a77f683613a32abd44fd

    SHA1

    48a2e1d8669cf61df4beacb0788d6b2cd4ace2b1

    SHA256

    4ccb1ab6ad71f70e28af24a04d2540b043f790699616409d3af1149e7d7d0274

    SHA512

    c65ec60ae4371362abf58d28309ed867207c72195da85b169145d28ae4fca00009073e8b69416a0b64985d40a53d986334c466969528babca110ed03786899a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3888855147fa349c92d69e92a6bc9660

    SHA1

    11dbaa0b618901092757a4952ae2b0742f89d7a1

    SHA256

    809dcf1c7d4999666e54db484cfe0388b9a519065d186ff786e56c0a8dff2c17

    SHA512

    e0d9ec198c007f79f8f4a8341336c82589baf74353a18385917359e13fb085c188e76d58c10ceefc6206862d8b0858e0066c08438af17ebf188febed39b9b6ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e0962215d256698c0c5631705569eee

    SHA1

    0ed017174ee0127252cdd63298c1d630180680a5

    SHA256

    624979bbc52467d42e6f2345d114f5276f668bea850593f654fe738014fcb37f

    SHA512

    3409b675de7fb76324deb96d59e3171a0fd34f9edc81a16acf185f05575d0c2790af6362940978698ef87a718262019802b453392f2087e6d9d3a75e10179f0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60938bb531df7f2e43eb328f0d704293

    SHA1

    7475efb9c6d8a44588670b627adea2cdd2f34bc6

    SHA256

    e6d5d29346b1e87f58a4af60365a6f5b989197ac9a33d9abed5f01968b840abb

    SHA512

    b886cb42f71d7b3613b77d1c8afe89337c87f2f74c3de5d4ec0fe7a7dca34eabdc3793c31d242dddbe00d894e459047ef8cc827d99b740ed54823f7d85a755fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2cd11c5914988deb45bfd75e3f902220

    SHA1

    53d44246c208891b61a20fba8e98f61b0660583f

    SHA256

    0f41262ba5f715bfe799b9616b58cd28d96a37a856fbfd124d5056e31a9c11a1

    SHA512

    b0c86a1995d2c7242147e7ec3cdbd6b5f5fdb6a7c94c9b4df893ad31a19265953e311f70741831c53a12f6b9ac18c7fc41eab943c622c3411782e3403a8f9db8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc4c09e24f3c2dec2421336d0e4331f5

    SHA1

    c979ad7f37cc99f58801865472aa33c14b2fcd96

    SHA256

    1d0cc1f080a202cca8928e3dceff1e30194bacea8fb19871bd07e402058af97c

    SHA512

    8fddf0be6eff43d82e8f37c6808871b9f49b4c338dce77a1afe69e9cc8291f4944733a1244a2120c1b6e659d87f6151ea54b0fe4684723cbdb00e73b54129ab4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2251df10889bbd9de95292d48edc0b9f

    SHA1

    39aee5e65cf545234f4333dd5d168bd04b4e976e

    SHA256

    b8dee3d58b00bd875c278d008d659598926b6c2379e8ed8b98305ce9bd052451

    SHA512

    9ed986d162b07ada328bc7df8e32b187dcb2379e2caa4c22db056ff11cc50567647a8f13d19b8733826656e07ed119639e630a092aa850f3e3b2cdb4df5bf10a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF97E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF9DE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit