Overview

overview

3

Static

static

1

b4f173e08f...8.html

windows7-x64

3

b4f173e08f...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30-11-2024 05:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b4f173e08f561f1abaaf53a105fe38dc_JaffaCakes118.html

  • Size

    12KB

  • MD5

    b4f173e08f561f1abaaf53a105fe38dc

  • SHA1

    cbe91219452b943884c5b54e7377e4e31c166c0d

  • SHA256

    bc3cead64a87dbf0106ca253f219617d077efc5d3cc3a3d5dd75acfb3e730ed7

  • SHA512

    b173bdccc585bc04475180e69fe418ccc3b8da50658c8bd52f877379552ca684e79602fec338da05d3b4c408e1c02d1c04e55fa068e4d65e09b8fb62bd48cb68

  • SSDEEP

    384:srlIcbVpjns/gcLBkZcnY1DA70BLOXguLZ:Fgfa0ExLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b4f173e08f561f1abaaf53a105fe38dc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2016 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2320

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0642e6741240376f954212772839251f

    SHA1

    03ccfbeb37611d521fc84e0fd74388cf1532bc47

    SHA256

    6f2ae60a53db5f535babea93c750e8be4ab1e04c5f86cec7f00a8760f0bc0d85

    SHA512

    7e5a384979bbc900176e2d957e75b555e3a09c703f8fb703c9f3b95653580dca68889a4c9b9ca5bbaefe79d2eb7f64610272c331e3fe9d8de68473c5faff00a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f2b749108ede7acfea395971e5b89c3

    SHA1

    2c77a61650aa9f42010543993a68c46c946bfeff

    SHA256

    cd4d520dfa0dc6dcb0582d9e46a6416148051f48a9f980f8376e21c3b59d4cff

    SHA512

    df96a32b9ba68b25a62d0541e06e79a77f793378fd43d4a8d890a699eb182a2516581de8674d21a44d4aa3388f8cf41e538a4e230fc9d13d43912816318d56f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4e5033e62ef35b32edc4ac5cf4bd22c

    SHA1

    06f9b703e4ab5f823849d13340841d0eab108a8c

    SHA256

    aec1048c56bc413a4a85f6c3ddd96b5d5641b7b94c0302e3122ecf0841c93113

    SHA512

    c73a06c891d7cf4b6653c9e515627e14745d5e2fa1141d82160c8003e48edba3bd54bb5b1ffdb0735fc8b9b96bc5e01748a1e49b8a002acfd0ec8d6570673f0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52abf37e0a8453f0c6e7ddd77cdd2db0

    SHA1

    6af37a9a5d2687e69046657073cd30ab2491756f

    SHA256

    f1f1970c175e9049cf45e6a0e68d0d7251c94c301841ea5393951e24ab7bd691

    SHA512

    17e43dda72590df2cfb9aed351cfa04fa3b3065bbd0afe8d5473ba215ac1b855c2a5c1ec7f8e4234590d7ee566e1a42c2fc1f12a74bf3d328015a156b787ea8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d87db1fd3e427d46e7c20296cc9d12a

    SHA1

    44e8255a33ce4580dd1d1eeb3cc89282222182b5

    SHA256

    f135857fb7bcea7f2aabf0aede7e2adf12dc9c79fbd92c8f99a7a805349814c9

    SHA512

    823b3e2e3020ebde0ddbe430d8fcf59b603e481544a1f694fd4a14d447dc6c0e3dfc791dcaecc2e6b6e95051c5271cbc1bc753cf315dbeb580c5e0cdba606adb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc212395990b3a53ec45c6031cb7608a

    SHA1

    bef28c253e7878e7c4b007eb521f494ab084dfad

    SHA256

    bfeafc62bc9915747fa6a522a6d311ccbed117dcc48da6baa95ebca6fdc2b73e

    SHA512

    59c5ae78644e0515afb92097b1ae94b9b1d8a3833579696b6c884bf5842b27132ea7deebccb79481eda9a6e269cf76f8f3a07301528bed2883fdcd9bfdb32740

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18c7c98ec103c6f2460b7b6d52beb158

    SHA1

    2e016688ff55a0582bd763e051950ee0b27e3880

    SHA256

    bb63aa767d0ca5b4b75641861c4006eba15df881cccd6d8b09a42201222b2204

    SHA512

    b8c842acaec6a70775cb482d590ceb0ea19e880353773b77ef87b8648fb87cd126d922ff8a47365c5e6b21649800e5c9484de6bdad33f816ee0512a934cfa82f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bfa1495688f2135cb1aac305ea8408a

    SHA1

    f5c5ebc210d68c8b18fd3eaf43b7a9341a48e5b1

    SHA256

    48c93f89b2e52c9bdbef680ce90a4b24a99757f2f91885f62eabecbb1bf43fac

    SHA512

    e5afae6b75565ae8079ae392754f5f0c69292a6e25f032b38e42321e911299cde15a15846feaee34ced2a7670db6aadaaa66a4f496b401888193aebdcb402cc5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDA4A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDAAB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit