Overview

overview

3

Static

static

1

4689b1f790...8.html

windows7-x64

3

4689b1f790...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2024, 07:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4689b1f790b9f439c723761120e0d11a_JaffaCakes118.html

  • Size

    22KB

  • MD5

    4689b1f790b9f439c723761120e0d11a

  • SHA1

    18a1ae437336cf75d9b70ade89e4c60d32941eca

  • SHA256

    86293d1ada2c67edf2919dde84e64bdd0bd859cc16db387f346b9cc5c88eb587

  • SHA512

    e0462a1dbd920a4138ffa27f316074115da607e828719346f321decef4c7c48493daf6a947c5f91939dbf359f57ee88f47ddb4a4dd04cf2c1ad5d663bedc2c03

  • SSDEEP

    192:u8IDv+GwvBk8X3isQHSlBFS6WBsxcCyTj+I+UFD1OZ1Oa8OSTgnuv3uLxFudNC+b:ZZS+GshNld8qc

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4689b1f790b9f439c723761120e0d11a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2968
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2968 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:896

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e9f513c8049749a7505f4fa6960b4e7

          SHA1

          16d901ec7505e1bfe6481f83784b792de87d7d35

          SHA256

          f3879e5e40035d25a9cf6fb12a8408fb22ed166c1de072f952cea572ea16e244

          SHA512

          44ad5cdecc9b8ea7156aab5cc706fa16feecbb3587ab330d84cf095fc484aaa57a21a3c34cb13e3456720f7649c474c30747f9c9060b6c4b3209c7349cdac10a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d3051c3583a362df9fdb56752bfee4ce

          SHA1

          f36c2094ad24ecb1aef4904c19b7a89a9765c870

          SHA256

          bf0af04028ed49302f0eb7e47d285314ac95f669e819066e337c7c0433156e09

          SHA512

          2a27b3c03b444cf50e22b5433a755087ce8a8bf06f69b8415d47bd1c67dd7d5e89695ab01e90f23829a7cca6435e6d6572e531100962a469a58b5adcfc0ee420

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cba9a2262a8c79bccb231cc13be65326

          SHA1

          da36e905134b383714d2bb14da884db720d34562

          SHA256

          e6ecadd1049535e5594034a322186d82862c6ec24f80a900cd895a8b9084eaed

          SHA512

          9eae330712ffc581e2cd6f531db29b7f0ecf96d8c0ef56cbae4cb217ed5145431b552982b7e7c990d2241ba4c2c42100728e56d04d353dfc9c47f181b31a3a30

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          73acbb2ebc1dd19ba863bceb3d525177

          SHA1

          652704f8896ae2fa5614a5de42730abcd750aebf

          SHA256

          50511e594a022bd6a50369a2888f4b11b100ef78007673b855cd86a33f1ea228

          SHA512

          14973552dcb9b7b1bd71756ba0e1a2231961c40ca224422ac543b24553d496ca95b7044591d939329a813df0dba41af853ed57132a00a1cbef0c50f13d18b22c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a6b8a33426f6e6f0e9817c77444f321e

          SHA1

          f0e0781dcaa3dc4087161526388b8475243a0be0

          SHA256

          85b2be7bc6ad0601c6a8795ebb3d13efbf3fe153f18e6bf3876234b4642fd227

          SHA512

          d2aafded89c1a12066e9bd62b6ac26e6231178603ae300918f05ca9a3c0e0d9be13a20c3ade3f10fd25751bd01d6dd31cdf13d8529f15bed66e545eab046c63b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          629eb75261d0574c3ce3190281370dbb

          SHA1

          2c3d15828564ab416000ffcc1ec812b06f6c590b

          SHA256

          7596eb31eb5fa7b9f4fdcca63e64482facde742361892f4a6a9b7c5e709ec70f

          SHA512

          435ff88e38f12f261c47648a89bb3a21d233a084ac2c6582e701fcc608fde48666a53bb569f961d3821555db3a298a303f29187bf350368b47e1c595d8c836c4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          921a4a42935eede4b5af0894839012f6

          SHA1

          1593179ed8fe727291300b252ebff3c69254168a

          SHA256

          c48afe15d22293a2655e4961f9b5187b21565dc6757af27d5f364164d1bc614a

          SHA512

          4031e67712551e8b830443d43461d7f97b9c08cf309397c88a82dbb82ec6880e50fd85f9d84123a496ced00d0b08b833b1b2c232af5fc23bb8e77a6603f93bce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1e3eb3de2c46722828ecfece0705067d

          SHA1

          9e623f0ae699c9921791fa4468055c967775daf7

          SHA256

          9823964d6dd38a828cd3f3451ddba48f6c664c5a3ad63888dcc869dfd956de99

          SHA512

          34d00b1ad16841d4a1f50d1922c0f300b50aea00c06e9a36617a7e50827f0ff2dc7ef888836cfade8a3cc432bad9ecb31d9acd51019158ecb12d8509ee4ec0c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          42bad62f0e19a46984e5d3d81a0fbf55

          SHA1

          ae2d7f8c2feb5c1a8618f434c6c9dd6df395f5d0

          SHA256

          b47fe2454f6c8d75887c50dcac37c8a59d40392cc3d1374dca606801e4e7430b

          SHA512

          a7422f9b04b502c477c32f0d2db77f50e3664ba2af8600ce436b377ce7ceffa96f25756c4a3b29fe72a8c42808b1a132ffbdd5b05d0878a006329b66cc4dec1f

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YW15VCHK\extras[1].htm
          Filesize

          795B

          MD5

          5d8d79c3cb9af023240b1be6f5057aaa

          SHA1

          df22980677b134e83d878893f7c7984e0d78a240

          SHA256

          e8b101a7c7f64aad528cc734513cbeb02243c0af37930dc0f3239749cff184b6

          SHA512

          66f432b622cee0bcc06cbc0f833de1471ea36c295b4cd93eb848d97e69c2252acd2fc8972db51ea35475a424f4d6cb5001325525fb04f71b8704eb24de1c4008

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab561.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar600.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit