Overview

overview

3

Static

static

1

826b4486d5...8.html

windows7-x64

3

826b4486d5...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    31-10-2024 08:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    826b4486d5dbb131bdba2581f33427c5_JaffaCakes118.html

  • Size

    9KB

  • MD5

    826b4486d5dbb131bdba2581f33427c5

  • SHA1

    63754f4ff03daa602f083d369d6f70415055159f

  • SHA256

    ba9ffe7652b692bdd8b01f65b3dbcd76288c4cce349b11fbfd330a6fc7c9b8f4

  • SHA512

    b5f041de32a04bec6dc3ead197bb3380ba99f64991512aa1a8b56d35a7c72ca73e22c6d5d9c7eb20de4eb951eea77802dff1154eb9368874033ab6e74c13a9cc

  • SSDEEP

    192:SVsEUJRDJyjXIRKDvo/nymbJY/Tm779UzSjN6jT:SiEUDUFI0A9UOo

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\826b4486d5dbb131bdba2581f33427c5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2800 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2788

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4d21f2d32f21e9eeeee04fee8232e23

    SHA1

    900d63628792809914a2eeef62db7f3370ab3d13

    SHA256

    f7c6ed5c0fb25b1823cc9fbfe7a5ed74abdc9d8e8bee9cea251914fffc42436b

    SHA512

    a9569e37b607fb768b14ff01b14ce9265033e038f6fc1976b3e64214e6b402e3bed3f267556f4a6f50cef9eb4c6cc735581fc50e38480f1b926a699f462caf9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eaf187bbc928a606413940dec6fb0815

    SHA1

    c963dfee228d6b9ab66e2b2dea2e81765ee5317e

    SHA256

    0b65f8f52374f890753110e0af16e37c3c9284ec80aac031c47e897ed00651b0

    SHA512

    7158cc25f3f2bfc2e4fafba1e59658678dd5520b54c4760845b60497108fd2a01a28b3afb096f938d12f9c2fc000b6c1cb9fca92cc86ac1e7e2c2f415ffddfe5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    102b6aeff9e9f22ce812a43b440e1800

    SHA1

    aef54785c60962fa94b7f5c316311b1ecde160b6

    SHA256

    9178c3c05e433dd09a2f601bdc8db57d7d24b4d194cb7b8c1655bcc61a14ffd3

    SHA512

    2a57196c4324fe6f44af370fb82c436730b8facb1de95fc166f57a505732d2b57f4a744337e6c7fa91c362e5cd5d32aa0cb74f3c84704c390290b334b4d5eb6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8f2e5ad57646830907ec528321eb48f

    SHA1

    b612b44d5ab09d4a73868021bb2ca165d1e8fe65

    SHA256

    c93ae6ddf6409289a59cb917ef0cc67cc39d98fe1f6a3ae32cfbe2e3342e8ebf

    SHA512

    4fafa595cc5944b520423c3f4248f130d1bddf1d2d657d29a86feb83465093e85c5f8839fcfe898037537fe021dfd715e0b1aaf665c41da03ff34d76eefecae3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    792754141bdc9b686985108bf4f2f0e2

    SHA1

    1ce76b95227c1e26de52a9dd93dcaf6f4200a23a

    SHA256

    6f4c492b9eba28686861f6f177cc099311ae01056f94e660419284c576728b7d

    SHA512

    6dcfc5506e372ebce2efe31015223a85fc6570f0a11f9b747bc578d587029c4d45f16d8e0c085b46bf37f49973e75fdeefc93033a9e2757b504a60f8f1624c51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b30f7aa4a3160c070786b230c9cfe7da

    SHA1

    9e94c54a2b75640ec3648056f84a9397cbaa8f09

    SHA256

    eadd448021a428cf0ecf2eacece9e46c415b1ea765dcd23521337f8d0ef331e5

    SHA512

    267ebc49e9fe53f7996d2bebf928f472a97990dda7663bff43cd2feef88996cb87ba1475c7e009fb43a1ac73ccfdac3f35edc00c4f5325facef2820501719bea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4fd6c1bfa064b76cd4e94e524e882ab0

    SHA1

    e0fc2d293d4a535d7c02db919e8645024a27ecc0

    SHA256

    ad514f86963c0835eeb4b8b35c2bb9049750d57feac5753ba6fca25035e137f0

    SHA512

    c79b01421e787fb82427553f39751aa2e4231c16aefde6c363501345d663d6d760b6c780c945b800ff5204c43adfbd0089948df71d73f39021dbd949d8e601e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e966bc94463c93a883d51e3fb39c835

    SHA1

    e9c1ff315dcfc1bfd1ede2127492f4ffa658c80b

    SHA256

    d1753a39243a40e42631cde4a250826810d51eb7ee93ba3600f60a7f64318c36

    SHA512

    cf5a707f47b3c7e4639d895c13526854eb7bc5fe65234c8240e273c2e62c909b15299682811389bb001b4660dce68adb9f664edffadccb50287170fcc01885d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    832b2ada3ff5e6a11b6e8ee8016836a5

    SHA1

    cf31cd5c6dfe4431818e4cdfad70652156163de7

    SHA256

    25cc346a6fb61e9f95ee6c4e507981e04b777e389f0e349a6f8a53b007fa9af2

    SHA512

    8dde629f5f389cac57abec02460ea9ec3ca247211c82ce40afde9ee0a96a4e99c9e12de25b1bb6a37800ab18fc1410355ed53c57872ae228b731f54580328016

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6098.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar60AA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit