Overview

overview

10

Static

static

1

JaffaCakes...1.html

windows7-x64

10

JaffaCakes...1.html

windows10-2004-x64

6

Analysis

  • max time kernel
    144s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2025 17:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_ea510997ca1bfcb1cf122f451fdcea81.html

  • Size

    168KB

  • MD5

    ea510997ca1bfcb1cf122f451fdcea81

  • SHA1

    c6e9eefe6f3d525cfe1f10bc4d0f61d18a1d7893

  • SHA256

    cd2e888b16b1451e0191da857ee8a3a5edc6250a87abfa96e105b63b5df901a9

  • SHA512

    c1cfe30be6959fd781e7c4139aaf11ffe3b4dfd35c20d93b1687cc348f8c145f762e9a066c3b3578496b240729d60e3edeaed31d1f3c01bed22fc1c87837544a

  • SSDEEP

    3072:FhYGwB1eoPGGz7Np1C+4/aAXt8py4sJIT+NbVsac4x6+F4MAABn2hWByGObuWP+Y:DPPoPbp1C+4/aAXt86Vs4bAA8YQ

Score
10/10
googlediscoveryphishing

Malware Config

Signatures

  • Detected google phishing page
    phishinggoogle
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ea510997ca1bfcb1cf122f451fdcea81.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    d2fd3e604a8007cd1fe667dc218a64f6

    SHA1

    045b61a185671c239fe42b9a416949be6bfb9ff6

    SHA256

    26f9d197005d3f74cf6c0231e3599cbe99576354c18a1a899084e022541931b7

    SHA512

    0c143ce270fcbb06fae243296be291f2bc4b462130dc816d1d49c6c7df60509ea8f8445ded376eb0dcdde9967e039c1105f862f9c5048e8ed456288f5e764b81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ea6912c71e7de60f68eae8e765efa8d

    SHA1

    b2d69ad00693a037c83ee412ace23bde9349dd2a

    SHA256

    773dc56c0b06c7f2de94cd9d2e1bf0981262e23fbfb9c77f8052c2ee159f448d

    SHA512

    4e88a5e007377d94a7489e7c76bec6aa24551c20eed253430ae5f3914be6de9c49419631a98d4aa6f891ba4e28ffb16a62af10ea28ebe1830cf4f3787831b6ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b8ef441a3b33e7adbcd6e7029af0ca2

    SHA1

    b9aefb463d9216641a5ac6cf93170bb4bd72a625

    SHA256

    a3ec6925f973a27a5055c6fd408aae1b4f1593a2a2b95186d16096fd3fd88425

    SHA512

    723d9e3620c4551e9d760f3b5baf88fcf264bc9885ad6870fe1713dcbb41fd288c32773196fea26003400d167dd15c1d97d2b03d594f67ba72ec8241a79633d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6c5aa9729d107cf6a0c56ac2a86a856

    SHA1

    b4738eae6d1c9471decd1271ec413af4ce28dc2c

    SHA256

    9994d8109ac999df99dd2c2f77636bff96915bf29fa152a4c02287ec2ed37871

    SHA512

    6aa955178e21bce6f522739d5932c0d2b299078c8b45ba3a3e485e7db74b95b21e88c30ce92fc5f387bd3bfdcdce5f6cabae95ce373817e388098ff9200e4062

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0be07facf0b813cf5dd8b8242465417f

    SHA1

    95a598c0d0493472ff1628d5d84814b3733cf0fb

    SHA256

    e9bbf6cfc290a505e691b0576456e350cedc4731d4219cd46583838f909c3b9c

    SHA512

    c2916b0efefbf4a1f3a0f0d7e46013e7d83d06cafdddaf6595431b5e6789ae5d1a8fc685754fa7b8a5119d89bf027c70ea525e264654468cc3bb6b8cc5ee3435

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02e858146c2e7dfc31818aaa792b1695

    SHA1

    58588e871beaf8a14b38bb35a42f4d9655c9cac4

    SHA256

    32cb7a4086606db1a821ddcbe7cb2d05bc57afc121e04f80b2578cacb66ba94d

    SHA512

    5e714342102c9a1d650decc738df120f749c4614333e8b5047b7e0c2601e8386a4fdb08e4e8eeee066823df4d7e252512b42edcc1a00e8a2789935589ead32ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfd78d69b4d59e87bca775ce993d6c21

    SHA1

    22504f145f92beb95a981d2f174c53b2ea00b77e

    SHA256

    74d169771532da4f4cacd1636d1622e03c73f7406285787a4f612066dce08a34

    SHA512

    0ce4d9ce1a0e1b50918ebf396f282f7fa4be517fbbfd0fbd15f63a169a5c85c4efef76a0e506ea1ccedb72d6214823bc7dc4421903460778ffcaac1cacdb5d4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    995c3bd5050170fd06689ac8c22b7ec1

    SHA1

    170eec5f077b6e7352df7aadd8b0aa25c9ce20fe

    SHA256

    4970de04e965c23467eadd94b0eb24112ab8080dc74ee4374aba45ce6791ca31

    SHA512

    1a9e38d1d143e3f8d8e9dd2543f8b155f682261cb46431d0151750107e39b69660c7c4600ad32c0a80ab2a388c99be8b70a9225ef951f9322bcbc4f998fc2bfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1722cd0ee8195ddbab2369f2128aaaf5

    SHA1

    e1cc93f2527ddc41aa3566e0da7fdabcab0735df

    SHA256

    dfe654b85f412617967b4a787714ed18e078aac8d4988fac91d7b2c1430bff85

    SHA512

    1ad6e0c28ce1682121303698809f00f615be7426efeac817edabdbbb69df6975795ef37735a4817eca337606947ca4dc95fdd3882dce5391ee3107e02334f16e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    130a441a9af46285039985e66bb01cbc

    SHA1

    9262634ec7a68e90211b580db986aa7269d0ea08

    SHA256

    648d660b288d0a36e937acbcbd70936a754f46c4e4208a589a5ff31d4b0d8419

    SHA512

    65605bdea988964af2b2905bc10c851d52ebd9917a074c1f20615bece0ac82cd8bd1496db85c0f9efbfcc98f7a639baabe5b96adef08aac86eb20c847581adaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c320778f79fba4121d48928ce725053

    SHA1

    839fc6e4b28ee48d55656ea5d6222c7c3a735143

    SHA256

    fd1b7609ef8e50dd047de511c84c914dfe474fcef528b098fd1efe21b5f7ff1a

    SHA512

    3d0d904362dd44e224b71cc402754fd675634c379c9235639362ff7532936a8267054158633b69db51d7e5a5ba4feb3a367376e15c6bc2854ed200c70dd98732

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2bbc9a69b87bbae542507954f306b8f

    SHA1

    faab2b62cdc021d221b515614597889c7f435165

    SHA256

    c173f378a64149aaa326ff676d3577dbf75dce49edff90131fc283255c00989e

    SHA512

    13db4eb034548d204f4f3ba8e1881b0f60af1d0da2195e9eaf65cc248a2ff34dc5477b2ab9ab8ced3f3e7aeb22a6a1ebbba5c5d1da88e4435e62380a6bd558c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ee937f2668c423f646417df222079ec

    SHA1

    5684567caca43976adf126b45706dbcbb499431a

    SHA256

    927d4efe0d736a880829717abe7616b3c3cffbea42514db8f2cfed647079a084

    SHA512

    7187cd3f1618b7dad879d7a0f445c30503351b06bdb2dba32427350bf113018c545fd138322be9b20d376c74133a2a9585e71e85b5782854d40b37fa16ed49fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea8eb9cf7dca6805fc4d8c5d332cdd2d

    SHA1

    02184974f0320a2c85cea4e81b5e4675bdc09635

    SHA256

    4c305aa608af53916da4f50f0f096844db162ace394477294062f4617677cefc

    SHA512

    c241286447387d1fa0bd6bf3a8970cead1c8490a7c3f748209e30f44775b10bde2b262d196756601aea0f5614ac294c6ee5487f8baad17db0e589f22fb5fe39e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    779ebda5fa7397f1e6b6c1251dfbc8d6

    SHA1

    c9fb0167b7538b1c15ee340c1c5def6e8f2483ab

    SHA256

    28e63c2649de60ef46061d5efff1dd9a881d378f91ee0b2b2e7cd3922e2b14a2

    SHA512

    2139e33429ebcb8d767277140106a42dd0054502afe9d02da173612425c40f6f978642d769213377dcf217ee7843605d4064eac3bc20f0d3feeb43a13a85cf23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2eb69730c8e62f6c6e5a2c40bec01841

    SHA1

    0dc79a7cbbca2c3b40f2af7352b82f55bac8fdb7

    SHA256

    f8cbe792618264af18ab1282e601804af9f25a16c417171c267c078aa257092f

    SHA512

    be9603b14ad77663ee41968dc556a6caf01718be7054a079b7a11bc12c92b8c74673d8eea340fdfc8f7ecf0fe6b172fdbdce741b34096d161d4e9ef71dc33836

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    6522c3352dcc4b6ff7b1606236328c8f

    SHA1

    8294adb6c178bac4fef4e2bcfca2e1f9cc9e9447

    SHA256

    0b5a872ff1e97eebac2992620f1601fdb1688dea91219f56819bca83482645f4

    SHA512

    357b3eb311d92f72229518d1b7d536f790cba6c85e884b09f523e842f6a2fff7758ab60729900ef80ec5c0a999d1a71754341e3bc1f32e87cbe17a1559bb7dde

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\NHVCFNXP\www.google[1].xml
    Filesize

    95B

    MD5

    a67e0d63906fed861ad28d781558b427

    SHA1

    843a5247eb6b1936d3c5182c03e1b362974a12cb

    SHA256

    ebeeb6147c97cf08487d6a638d3ed1eef1f6442c5dcdd1d8b91e44a0adbc9950

    SHA512

    25660504f7d402b8c4677b391474e904768b88a3f262429f574bdfc020f127272235b93e99e8dffaaa43fd0ccf531c11ded633aa623811f7d490546e4e994540

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AS91FDNI\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AS91FDNI\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    2a64803c4545d283d7a51e71f82a64a0

    SHA1

    d1e190bc4ab6a900cddff5891650f5ddc390e9db

    SHA256

    0a5518064275c2fba33ba69c84f584819aafdc9faa0ce3689c8687fc41f58ed1

    SHA512

    82bd924261272ed025d4938d7e7d5ccd9c6ebfa571b1b6816bf56341ebb70ef9faee807d83ba491a2ddea86e795780ce097fce4957d432d3b44497f5e6e16576

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8GI6B9B\cb=gapi[1].js
    Filesize

    58KB

    MD5

    b103bb58d9e7cecaa60bdf377d328918

    SHA1

    0f094c307bceef833a64f408d2f749a10f79de44

    SHA256

    81dcd274347bd909cf132d3c8bcc9924e41921c33eca07fd6fe5e2a59ca4f5b7

    SHA512

    b1a4fa329b76df7c861771e1dc36749155895dff623cd916811f2af8c95f3bcf9fe75a3b9a56833f066a227444982ff4883459e24f7eead79b521c2ffdcaa844

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKZ95V4R\plusone[1].js
    Filesize

    62KB

    MD5

    2e4a448a27b8a58d75f607c7bdcca6f2

    SHA1

    31cf764c6c2240148eaaa2b9816e1219a273d0bc

    SHA256

    d3696859f3485d8aa6f8a4d0054d64fc1ee614e57725221dd1c97b930f02bc3e

    SHA512

    09ca4d8b6a0fc653490921befcb3d752e150ac9abf24d1fdd49c9453fe2baf969b76433a45121451ef642ea3f73f9c62871cdde5e07976ffdc03ee5200e4d35a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKZ95V4R\recaptcha__en[1].js
    Filesize

    547KB

    MD5

    19ddac3be88eda2c8263c5d52fa7f6bd

    SHA1

    c81720778f57c56244c72ce6ef402bb4de5f9619

    SHA256

    b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

    SHA512

    393015b8c7f14d5d4bdb9cceed7cd1477a7db07bc7c40bae7d0a48a2adfa7d56f9d1c3e4ec05c92fde152e72ffa6b75d8bf724e1f63f9bc21421125667afb05c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAEB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAED.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit