Overview

overview

3

Static

static

1

56d1914d48...8.html

windows7-x64

3

56d1914d48...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18-10-2024 10:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    56d1914d48456b7d7c4fc17a5f51d5d2_JaffaCakes118.html

  • Size

    11KB

  • MD5

    56d1914d48456b7d7c4fc17a5f51d5d2

  • SHA1

    984c844579c10128ba2303199cc154df9621c485

  • SHA256

    a8ee13db4428a15a608bd0f20c83851e4b47217a823fe7b302f7677cfc7dfbcc

  • SHA512

    d1e90f89e062e68eaf6f47a929b76dabba2bd3ad00c881f28be6966ed30f68f88ef5ffb1110da4d6751998495953db902da8703d23f5848ebeecf8feae7813af

  • SSDEEP

    192:2VFlIsr03MN8k/w1wvqy/B5AnRvpXkf01fRLOXuBuLbdU8d:sFlIcuMv/gc/B5AnRvpXkf0ZLOXguLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\56d1914d48456b7d7c4fc17a5f51d5d2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa9ad46ded09869cd7e40b4fad32f999

    SHA1

    20f94793e7f0aea266761c3030a976d92e7d1d30

    SHA256

    f07a3e13b5db67a4e75807c595252c15e23adcea28039c54f845a128a6240afe

    SHA512

    31d4a138f7535b8b1c258ba7a646bd3f7ae6ebb30d22d16c27a466b72e2eee85f916e473cb4395d5e34c65a9324e20ee0db346aa47e0eda4f16c9617958914a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe668150da7eb1d2741f98d0b49c6724

    SHA1

    0a264c9971277dc5498c38d1468191a01e03157a

    SHA256

    778420b714ba89989afdc6ad1ac18ed3f391b9da96014023b90d7ff130b20335

    SHA512

    529edd073459e547aa81455d9a529a678ae290b1911f0eb16e33fc60c066ada8e765ec96d2a95e3f3976e9bc68a431249ebd0ee61bb92cd908320ddb4d73c800

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e8701655393bbe958c25e95be6ab127

    SHA1

    4cf5f5f3b84c76d4a82e59f659098e15301111eb

    SHA256

    94f9b88f2520da9d6e4b2d355e8be471cb42e99e932cd41e66aed839566f00c8

    SHA512

    96590df4325cb7a03d6b81df21ae1f18fd28782ac5047fcfdd848fbdbc61e9c103a610d1b7a30dcfd221a3c54274dd41ac7412ec53822e1ce080af6991a4d435

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    426691aa05cd719640261c5806daf784

    SHA1

    bb40eaf7f737e1e2165033bbeeef87508b3444ac

    SHA256

    812d04396ffbd04a8a9ba07b641df7d14bef9a02a8a0ba8afb9fd199ea12f6fc

    SHA512

    ac679a3ec703e81a967320456ab51d6c9e94fa0ed3c8b16ae8b4d157a61e60f772c11ea332e81599598a826fb5908653a978e137ebd421e28ab6e325ea9b77fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3103a8caadbe8d31add2a44b04485b5

    SHA1

    01a0d8722695c7d8640b5ad01e46b3c724945f95

    SHA256

    eca6d5dbd5a207a6192feb34f8d09664ed9718e18e4c3213cb22dc81ab98359a

    SHA512

    1683b53669ecda02c813324c21895f1e26757b69c3793af57a38e174e26fd1445247ef49ac5a8702456bd8572fc0a4d39299533ef39a58614cce5d2d7ec77fe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    368c0d201bc0ea91d92f425c6b2816ac

    SHA1

    87c9cad7d6bb6a4946d8398a7d1adffcbc9ae905

    SHA256

    3df5fdcba74761013eaeb34159cc380e1fcd7a66690962f4a8ce55d5b961b082

    SHA512

    fe3a18b16f3d1c2514a88d36cbefe413b56506dcaae47b471010a6591ce8151d50facf03f79bbd7a71fbea72c4da5b5f3bfac42d814d80d601753b7e4c9e34a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9edc7fb746ce41d4a92ca7af6908f5d3

    SHA1

    95b79153742abd41ac69a20003e1f05f297b8801

    SHA256

    bc66d387ea499500d1a3f27cce743f5a7a46b2bb2bda83a762d91d47e471d562

    SHA512

    b89134283bcb867a83c196a09d34e21bc2d5a7aeed3d3da318a75cef35a66d77b97f88d996908a6df977ffa5a1448f3f3217d91caf2c8a185f64c2969bcd75ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    334078bd6dbb1aaefc4a8fc2f9904c22

    SHA1

    a413de15e05b7fc70b0cbf81d02b49a49a229c8a

    SHA256

    0d8ed07fd0589bd25b09c1a6e73f06ef1ea3f958eaffcc4abacb915fb5f20e93

    SHA512

    0df5bac7c43a3ac76c1657785b2f18f9b2d502bae4368af2958001596273687da037e5b64db19a8937fafe6791eac1a6ca572f1169d1a23f0b30547a0e4cac62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f5cab87cae6d7f897137c8a394b363b

    SHA1

    011e915eae8735ecb320d7f586557aef305d1b47

    SHA256

    079889a8f94f50204767693913ae519e4f7de8ebd330f95f61eca3895ed29895

    SHA512

    05b262e584c4edb4ab421cb18d88af869f013f8e4ccd0d8b4f0af08eab0b4542a02b89def7093c5ee9228837a1d93ea07b6cc24f61eaf4d9b887968590e33e46

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5208.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5E99.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit