Overview

overview

3

Static

static

1

54d00a21f1...8.html

windows7-x64

3

54d00a21f1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18/10/2024, 01:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    54d00a21f116f7f01c89ae2ad3c4db1d_JaffaCakes118.html

  • Size

    8KB

  • MD5

    54d00a21f116f7f01c89ae2ad3c4db1d

  • SHA1

    bd8176cf0f293adea9b8d1ccff6aff0805e32e19

  • SHA256

    ff6b7fdd42b672f45ca447cb3a6846c89aaa2c24c34dfafd6fbbc31ac329c028

  • SHA512

    122cc1d6bca98c6db526bdfef2303a2a947a059e8e9c3ddd94a1f45daac6de5160e92b2245fd3b7b3e4f9bc61337c964cc688b5b6ad3621aace1736445595893

  • SSDEEP

    192:CJ83vqzMnUN8rDHaovHvHQ8DdHfEYuzJD9uJO:CJnzMnUN8reovHvHQ8xsBMA

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\54d00a21f116f7f01c89ae2ad3c4db1d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9a93543ce88eb579d380db47a7e06d30

          SHA1

          897f1127bc2556d802d8259fd172d1c3de7ba0dc

          SHA256

          26ee102aa2b3bcd8c800183f5e3997d2a7e54c7985aee31e08f58d81f7e9955e

          SHA512

          37e67191a33f22537c5e349377a36c79405bce15058a2586e093edb20b6623a93cc71cc88fc18ee94a2650afb2906e587fb09c38acb165b0ed690095c3f1129a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          422e70307be65d23263d15a415d4d489

          SHA1

          438f994d86f01aefad7f33deb3601034b990ebb4

          SHA256

          6370f630cc3fe893f4bdaddc2406bce7c5de3ff8993a4c9480eaf02799d07c29

          SHA512

          492063e90006c44c2172012f1b7dea0cedbb9a913a81d0189bee98df401f66c2075009ea5e6e3f49b89593fb9ecf2316bb0deae2035fdc9173800cede9ba19ba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5f1face1c14b054dc49ca58a1c8fa8a3

          SHA1

          455e5493d7b2b5912f371ddd47607b66ac43db10

          SHA256

          f0d5c3501b03f0f1e8fd7b5e0f66660091e2c669ee981c015556255baffec4ae

          SHA512

          c065eef20fd5f20295cafd18ad174f6fc4b47a3d2ada2834d3639bf4ca24f3116d0eebefd9623e6bd20b97f990e245f41d5dbc89bdf2c1897aa97da6b4ef258a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3c848925c7128c5e31de343e5ed55ab8

          SHA1

          b3e4a8ce5b6244df17045da7e68509b6f21494f4

          SHA256

          714c49aa2e75661573d661022ff5928d6b9382e82b724d6fdab2b514b32e6f61

          SHA512

          151a3e730f5a19a47137f3db0e19b4d517c97f889b4406c9ddfd96e42116fa2b9b6545232ce3c453c27bf4d60ea65340e92fbf39423a5d3b08dbe7869ef5f083

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1ae52db44d4d026d6a9c1347c3ae3ec9

          SHA1

          f3f8d595e7217cc4ed3857c21b8f705f437d91fa

          SHA256

          24d01156b418638022a2a6c1009e4767a571a442653edf45a7f3d4ba3fb738ee

          SHA512

          bba4e28e85acf2cfb8334b7b2795e11a84b5986b9e136b7f4187208b73db78cf48c8cea6dfd46d94910e0a7891d7ac3508d87c567e5578ef3666249a2a9abe6e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a8c2549dcf7b7668ee115fe604734151

          SHA1

          9fe08a8f7c96d71963ed7b82b9485abe85dfc58a

          SHA256

          ff56a183343c8d839c96f9e43a98bb0e275a57ea4194b98aea6c79f7b847eeee

          SHA512

          824826092ca4efdd6be94bdcf94cc5db873cb64a962230e4974528635d564f39626785ab6e72820066ef5ebdca80a821304f6f0266f10312cb9835a2b05c8ac6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          29a81e3156fc399547dd130bda7d8296

          SHA1

          ea2c4658fb9b48d28f76fc9657bb3a9c183b83f8

          SHA256

          5d5f516a1b67f17e33cac0d130fc1333479cbe39909fd3c96175d6703afdc39e

          SHA512

          aeadf653820b13a106de0ce7635503a8691111d578d8df1fa4278c53778d21fd53304bb09df2053e595dab540a659b1ec097db4a581353fc9323fddad76a8afa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab22EF.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar234F.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit