Overview

overview

3

Static

static

1

b4f645847f...8.html

windows7-x64

3

b4f645847f...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30-11-2024 05:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b4f645847fa4964a35e88f45e5300c4f_JaffaCakes118.html

  • Size

    28KB

  • MD5

    b4f645847fa4964a35e88f45e5300c4f

  • SHA1

    b1802cc93771b3bd2956fd879a0aa3f1291cdc23

  • SHA256

    97f48841150e2892cdcf33a208bc51a55f897b9b854dcefadc629e99b0cbc12f

  • SHA512

    3dcc7e324ff5d8c38ae834c8c9d587bb9a95c91dc343d8635cb476cd7158898404e81daa0700368d86b88f6d64622d5bc4b121f2072d9a1f3f0f91bdfe7b4d1d

  • SSDEEP

    384:yZTfMFqaJz/VoUKTCCxuN9zlv93Q5rjT+A:yZTEFP3oUECCxuN999+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b4f645847fa4964a35e88f45e5300c4f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfa9cb9729ec31374f16bf196bac2d46

    SHA1

    f89377e1a0233c7f079e84f428ecaab5a07ef5d2

    SHA256

    3e7076d17f66042902a58a7fc3605fe20176f2ee9092cca6a00216a65438b92c

    SHA512

    53d5ac96fd7354a054954282946df3a17283bcbd05e7dafb878b143fa5423d7e9aa10e4fb6e9743338abf0f6a5854dff611bc3a12e98b9ab4f71f6d2d93767cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    912def09a0ee7f72addc48b04dfdb4f3

    SHA1

    92fabacbcdc17c81b488f107525b98c7515c022d

    SHA256

    0b4696c0bbd921758752938a7810095cd9e7272a3461e94c0f90d16cedcf074d

    SHA512

    3a5cf15d0cd7d1f66658a77d456152a502b54d742393c8dd1d2b338c1878c8567d67f16c5bd8edc2e72fab4e701362b1710f5b0218e20d5738e73ecd9b98251a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18807e255a67289940fcaceec3a0e975

    SHA1

    1950414c578829534daae0c9836ca29be849a06c

    SHA256

    1f88fce193af00bf26418d054d947c6517edb1f429fd173226e6b6afa8919d1c

    SHA512

    2dabd6ea93582356204bf0da8d4ed638bc01e80bc17906e83f5c031f24aad22b87823d45c0d142c7b4803d5e45dc9ffcb2d083de294284385ed26ebbad8d4ed1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffca1e7144d9e63fa5e70256204b6fa9

    SHA1

    9c98fdd302bf589c8ff2bd07f7c6eb00e9d64506

    SHA256

    21734d6058159ac1b470cfc5380b6c37def952b8ca493feb573c0ce515ef929b

    SHA512

    7ac7ef253d6a5d014ff484073008eb602698492e5c6b902f5419609cb94795009dc6615194e306b9451e9bbdc5731d30a4b47b993acbfdb200d2f76d81e98f5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9c387b855d33100e868fd73e78691a9

    SHA1

    5aab6cf84efe66524f66c111bb5606dc04bda907

    SHA256

    52524dff659e862ebf7bd9089a98a5cfb07bf2c2b408358debaef54c1bf09a92

    SHA512

    4962c218fc774d64902e228f0cdab298cb4f24c7344c2aa2488cf270c566678744d5fa0ef21b8390052c8e3018e4ef73148be9d092956af40449426c98855361

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fefd2403f4ec0e0bf7666589387a4928

    SHA1

    686ee031fc37eae5cade9f72bf348793469de670

    SHA256

    dd126d147d731ab91bcf5878e272faf76c423d9d12aa307207670c36ae51519c

    SHA512

    063e537b26f89aeadb8a6761b9c90a96f59994cbc642dd2cdc887c0a40369b82fb7ce33b85fcac4150e917024d25fd07f06d313713d6e7b748a00341c504275e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1d8bbe71f81eb05d209bfefe2be747b

    SHA1

    20b231c0ce597759fc0604521cb42b4e2473a871

    SHA256

    8df03db30550d572609b0968980abe44330812a34fc6f77941c8c3c4cbe67cc1

    SHA512

    823c0bd9d36952348ee51dc56f4d2615bcbf9f1eec3f934fca95f1c955959805fdd705ff29124f93d0d1d50c2ef4d717325225baacd08bfc4ae8e6a7e873aa6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e554940d95dc717ce8fd7f4e6a10af9d

    SHA1

    26a5e3bf3446a45b809c028b5829e9b94b012d42

    SHA256

    237e633b7ce36358268298a1ffee9bb0798e05d07fef78d3b20596f28245e2ef

    SHA512

    09bd49f449d3fe735a5d89c029a113794a1513123920b2ead2a9322239be13392ecc9d9b2ab6f7538055cc63f6c0dd9419b5219336a6b74e48011ce30833bbc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa5313f44629f130e9be949532334f8e

    SHA1

    011542b14825e73ba6ca7e55aa132a2938f05a06

    SHA256

    cb8c97abf1ef639d8c7e5f812d399be9011ec3892adb4af9f730637824441895

    SHA512

    f5ab51dbea94a42819c92dce5dd20e21a0b1739dc6697f7418a8640e6b294aee642ae6f577bf967b7ff334451b2dfdb84f147355845111f890ee7a15f1d1f2f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e81371223644542ff7e844b416b3477

    SHA1

    1f4251d7297136abe749c2c19f030a3634569322

    SHA256

    958ec9085e1cedef6e11eab41b1de96fc6ddcf4473132d428e83afff3660c4c7

    SHA512

    5654150621ff962a7b9f4b23e20c98f0595fc1261713a8d95f9b1874908904a50a0b433595ea665cc10df90e7fd1b43f9cf3cd1edc3ceb973f3904fe3cd1214c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    876b3dc860b1ca52731af4481d0a6e5a

    SHA1

    961b8fe50bcd19460f848d72aa8641dee1dbd7fa

    SHA256

    3f171dc1d5898a0fb8f211f57c82bd3fd8cd315ec877336056129afb48a620da

    SHA512

    40b06134d1b91b17171a2e2c8e8359a1e48cd2fb57d354be0aace04d16a71c9a051ca18c15ed5488673d5a4eb6d079bc056bb9ac912f376f4081804bb86e6b16

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFAC5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFB84.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit