Overview

overview

3

Static

static

1

527711cb7c...8.html

windows7-x64

3

527711cb7c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    17/10/2024, 15:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    527711cb7c40dc1d52528cc151ceaddc_JaffaCakes118.html

  • Size

    20KB

  • MD5

    527711cb7c40dc1d52528cc151ceaddc

  • SHA1

    4d8856b77bac64c83af117a4d0a0f00639d0c2a2

  • SHA256

    a2e2bf38e2f929410ca4d5705892a1f318d0f44fbc98cfe610c7e41fe0796917

  • SHA512

    b3fb1c268ef10f29caa975746b5102b172d2af393a29976be1174d18d0c1a3d4b738266dbac1e655f824f8904478ac47c303d4098854e67d43e82b160adf557c

  • SSDEEP

    192:p494BdTEXCn3pGGfEpVjvI3q88JhavFVVzxmj:SoEXPHpVq1OkFVVzQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\527711cb7c40dc1d52528cc151ceaddc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bd91b4fecb22e094cbc69d631c83552f

          SHA1

          931eef993a2fe0e15dc79ce1429a85fe37ec3cee

          SHA256

          ea1db424734e75eb4568cfa260aa67d4a67c70680ebd79b588fb57a9fd2acfa8

          SHA512

          d555aae12c8ddd2dcb868a86cfe8ac48eb5239f7dc75c1f4e30cbcc39d26732e0a0e8fa948897eb09a0ca73dfcdbdf62b13c4d16463a3a7f5db89fd74c696a8d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c47b9777b903052955e1a41aed4ec6ee

          SHA1

          05de5b064c653f7aa8e7dbda6cd6169f31de5dc8

          SHA256

          ae8a79ef4af03732a008ecc12bd9c3f20be5f6f9fd62d0627cd78370d408b06d

          SHA512

          ca0212c2fedabbcdf71ebad2a9e1a486c50bc2411adf4c501abaad05d2334f316a839e3d3415a637a71f2ab3aaa4b6bab09254c63729d92640b48c3c90c24d3a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          31c4958eecd5244f8b1529013eb57c5f

          SHA1

          0d3078cca53cfa7e4bb96a02bca994d6a5b9f3e7

          SHA256

          59bef1756eebf643daed6fc7a4b0bdbc4835107223828705b364a82671f06f9c

          SHA512

          d57a0058afb951e7cab42ceb97b7a92a0ca8b82937e74ae66663d44e2ae2bea369efca2f8716ee9cc42eea90b72669abfdc0054ef8db59f7d04a5e201613f672

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f709fc1aa8bb2f01bedeb88eee81b055

          SHA1

          d23be037f339d0f40e2cf5c2fa7c73882a7164ec

          SHA256

          9d962ccefe90996f01dae8766fe1ca5fee4df551374a766d4e1dd5e9aa4bb931

          SHA512

          7143eb1dd547842e0a3f039214e493fd94bdfe90915bef2bd9fffce2a3575c758b5723ac0ed010c194ffc469f23dd440779a329d88826cf756c3b34df80f9c68

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9867c226be6a954a88c0aee6e506eb61

          SHA1

          70b2ff2c4dc4801e7df6b4ae95e98260aba78e6f

          SHA256

          3de2504cfcf95a58e48890ba18a2ea438f1a18d876426a2a6b066e9d5df10faa

          SHA512

          11f995e3f9c8bec304870f9ab849ff1ec3910608e0c2c8bbc9a28019bb5575fd5c137d60afeb0e3ffeb81103d5b9f8897ac2275eba802784735082d83c78f5da

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9bb56130babe153c2a570bbfcf635145

          SHA1

          c3a8176d288bf56d25f2aa1990acf83840a1254f

          SHA256

          4499ad5920b72397591d4f551e166f8f4082e50840c5da1cae0759a7c3e21a22

          SHA512

          0a676569974b068881ac936e8260f83372c430062f77962ee9883e388fc12f97b3f2e882a41ab48c05e46a21a442879d0e973234679c735a7d7f40be5afcb93c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          80b3fbe212ea5c693f20bbc3f225c043

          SHA1

          b53f5acfee69b95cd4ca686b6dbcd5e74d14dde9

          SHA256

          569e1216ca32aad185de28a5db3e0ae2ec8174130e479fdaa1681ea2907c7467

          SHA512

          b1a6ffe57e6a22b6f583185b9756b04117ebacf3d426413a01a94c21ff810b9d221521c9b083f40e5b72f2ff6d34bbdb9411dd6fa25474fd2c5c33d2c556029e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          292cfcd39618af07160f1c2a2297df6c

          SHA1

          683352e253367e8476615e089d497feab889daf0

          SHA256

          f49ad3f1fe48e29f54b3088b30e8a6cf9e90f12b1d0a6976cade2eb7f3c44570

          SHA512

          3968a9580dcac5c1005cbc87d642b3c422f95c25ce675845b1ec5c62afb054cd2d01e424889ed74e8bee4c50f863e305f116d4e3572b67ffd22f515a96cbc72c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ebda7a075756e139a890faaab031998f

          SHA1

          178dc385f4ce87a2dddedfe1dcd10c3502fc7a3b

          SHA256

          3126c98211e272d34e1bcc795e823830d6a97ddba4aa4f2e7fe1bcb503aff19e

          SHA512

          6a5d348b13216dc2a224abc1cb5f9b420cd023b20de239235209e93164f65e6f0664596a6320fd04f970b1638f66837331a6b8ff4fa83bb442354737a2a43f6e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6cceeeb87f8733552f34b057088e773c

          SHA1

          786913f5df13462eb1eba9ea23c89bf264ced638

          SHA256

          dbb124e4092b2f7c77205a2bdc97d9aba5dc484526717b17b0b74ac8113b516c

          SHA512

          fd40779a0cba1309e11f796c0c44156afe242426ff1cd236d6f1850ffc4206c06faed6fc39a1dc40715ef2ec80959d05598592e3e6b5d8c84cd735d1f45e636b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b945a89bfd7509417fea757ac9a3ced9

          SHA1

          2bef122a5bd7b9ded510568b1abf7d34f61b94ed

          SHA256

          367c0b010f1b70d20d13c093142ea8b71cb5f5a7b0c42f6c03946d28e7477e43

          SHA512

          487369d7f66d8685adaacfed0cb4c182f0118af6a1fc9c10c34ed02903467d194a02aac3818344e01f180669b8df880ec700f67fe928df003c852a5e61c1663f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabFB70.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarFC30.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit