Overview

overview

3

Static

static

1

56b0cb4def...8.html

windows7-x64

3

56b0cb4def...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18-10-2024 09:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    56b0cb4def357bf9a88c406624a5ca05_JaffaCakes118.html

  • Size

    30KB

  • MD5

    56b0cb4def357bf9a88c406624a5ca05

  • SHA1

    9d769fa1d1abe13db07522264bffad85a17f6cfc

  • SHA256

    9e1ed64ae37f06673148bd22a579370e861a01d1240f629d824f17a0bfc309be

  • SHA512

    67079fdaed06f68f6fc91ef103266393735eb86d66700fcab56ec8bf3ee8230254cbfd33c0b4e2fe97e021ffb81020b4fcb9e1cd3fca132c9c2e25da9efa1b2f

  • SSDEEP

    384:qu6bKco0lBHsdgtKetixSGKrITH2PB8aIIWuKxWtixS2iMNQaGhzc1DRzs/oHDos:6lz427d2L

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\56b0cb4def357bf9a88c406624a5ca05_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2380
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2380 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b136a172d76fbb48d4604fe9060a236

    SHA1

    5a389bb0d8227fbda70e8f6914c72618559f80d9

    SHA256

    139b5b3a791418ed3718e99e097ed47b95e946bde37fcd58132284cf73d66ecd

    SHA512

    5da4e31e9652e0dc1a111bc42add607f58f24e0a5c4803928ef7062e66ddce2f0fbf0f4fde05ee1143c5794f492a2eb740704f24253c59997d47e1fa789ee348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d22abe05f973ca6fc49ac9782f21c16d

    SHA1

    c66500c54910a5f75e02f9ce1f5a49c8bd3d9197

    SHA256

    baab4a62158d0b6e3909760a881e468d8bd21e21db641c205f58ca362fca3321

    SHA512

    14bdadc4dd5054a841fc618c8cd95cdfa8ea6dfeda8b291804c12366d90871aa0ba832ff7ef4316e29b7200c5ee6872d414f7ae4e2f1f56afe5510997656f398

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecc0dade2bdfba7da7be8bbc37b5d7b6

    SHA1

    edd8a9016571f5818ef94a436582f6b8685534e8

    SHA256

    8d3a39b3c2217b226ee5f94c4bf2e93ae6b567695e4fca3ff3ffd82a9b800429

    SHA512

    449645611b359cd87a3e9164a4fe22ffc4fbd86015124c50c63579ff2e211baedf86f1c7ffc190a5b36f368ce707db6cb821b4c4fb098a57827cf9dded4bbf95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f16c9ba84b178dbe8c39caa38a76809c

    SHA1

    126f8cfc200bfdaf40740944fecd9b1a854664c0

    SHA256

    75398c08e38c139def52005e9e6b5eda3a8c7d52dcea26240d56eea79a0a6949

    SHA512

    96073bdcbdfe722a84c3ac7acc3e113119ddfcd7b780a8b477dcc0450bc5c8089ce9d1a1e1f6d6f247a3ec05be50573fb1fb1e4da842ffddc257bbf06e00908a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5d28ae261d9eced2d84d2aa305c72dc

    SHA1

    8eb90bcb714e04aa524e87752497b3ba1d31b7c8

    SHA256

    179c1a0707fa031346a6e163555f1dc616f6a42d4571ef9a798d9569bd50d8a4

    SHA512

    6f6463364466de18c9fac9028816459583883a5fb65bf20deda59d16e28f86c8eb9c42294590982850bffc1d037eabe76fa7f763e14462e59f4f1d7d3fc32dd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afee56df7c050aa5e8a3d885b25e73a9

    SHA1

    09217d042ad335ad6ddd470cc73c1f2170b008ce

    SHA256

    f47af74cae3100a0291a40d5d5ed3a006fb4f709bde81de7c1b7b37d36420443

    SHA512

    66e87a1cb63872b377aabe1df3491aa7ac3fe1ddf00ce71321de2cf8248d828e9b3131d215865fec27c6463fa83d4cbce9d10ac7bff951201260afbbf056a6c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0b9c28e4b051b2fd886c944d4956802

    SHA1

    72fdab1b57ceb42cba8d1f48e89a89286187b28e

    SHA256

    27b36c3cf10f1caa60e3aee291f875766ea7288f1e6da1630334bdd08c1b1b23

    SHA512

    3f7748ada63a692fbf6cee39741003791b7ef75bdb09844c25195431cc4443a9ce79c7394724decdf0113678f229f6e11cd79183ed7b041d3ef134fc6e4d7c5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e04e28765239658d9ec019ef02fc4ee

    SHA1

    186bdfee69ee5693b112f13951cc3853654d82aa

    SHA256

    467a229791a9d3be5f0eedda4b2c94628229e545a0beaa2f0986dfdd61073d14

    SHA512

    a8666849d886b37a75e0470fc797981a7ccc967c2c5933a7b8c5b8ed1273b7d20a17d91afbf00af64fba4d94256eab7f0eabb56278b07d0e7c144bce575ccdff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7e6bbe7891ddb6280718ec2fcda8771

    SHA1

    62132106ea7b2fa48b0842e8478f4a9ca7555866

    SHA256

    89fd969d96f27343c2ba3152a1b8721cfec81afaff17e3df8c35392f9522b3d9

    SHA512

    ee4e5af17dc21634d034b81560231e62dc0f58e29759bce0ccc1343e72f54a830d7a8b8330d6501184c30f47f77cbca886b7fd59545e4d34992ce80c754e98a7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEC0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEC3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit