Overview

overview

7

Static

static

3

JaffaCakes...77.exe

windows7-x64

3

JaffaCakes...77.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

3

StartPage/$R0.html

windows10-2004-x64

4

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

3

StartPage/...e.html

windows10-2004-x64

4

StartPage/...k.html

windows7-x64

3

StartPage/...k.html

windows10-2004-x64

4

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

4

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

3

StartPage/...x.html

windows10-2004-x64

4

install_fl...er.exe

windows7-x64

7

install_fl...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    28/03/2025, 04:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/$R0.html

  • Size

    7KB

  • MD5

    bdc5a933dd11a46ba1881a7446bdd2c6

  • SHA1

    03547b50e393b564fb7494027fe3a364018e1985

  • SHA256

    2cb9c99f39635d2905be12cf17167628075aaea33d2da58fee0370f14f894e22

  • SHA512

    17b98eb6296aab9d20b5850a9e31998c7f983b587170272f13df2a01f42e526e2d5b7bf7398e0ef0e748446e9a3417675a3a3e6ed557da227b36205cb547596d

  • SSDEEP

    192:7uEFsHp4giMi03LcioiE3rj0i4iQQe28F:7RFsJ4giMi03LcioiE3Ei4iQQv8F

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\$R0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2904
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2904 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eddd8ad69062604369a4f544884e13d1

    SHA1

    beb3c4b0ffc6b12066ec055d2fc198abb927d639

    SHA256

    6d9078563eeb9964f049a4a5a2d6976d286dd74799d134136d871b1b7d223f6b

    SHA512

    4879c2163f111975d0e9a30e6a10076e4f3435bfcc27446b02fbbf4fcdc4f6eff8073e8719f118d6356b7ae5c976552347fa30566aafa0f52b5633ea23302a52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f30bd20c530959bb6639bc0db6412bcd

    SHA1

    69cdbe44efa85e683079ffaf08961ae24dc60546

    SHA256

    a8d9ee667fe9f615138152f7ba2d17bfdc868772d19967fe741718a0aa662742

    SHA512

    5d71538839a3e7f2151381dcf7908f565c0fdcd3f7f5aee9480a99f0dc73dc7bdf9d5909b98c3bd90685bcce7a59e1f4967d9fa67b219dc3be9eb565dea9325c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    651597667e156a29e14e10f33d57264e

    SHA1

    890b044c03b3e29c46ba7607a8bf2301f6d1f3e7

    SHA256

    2d2105a9ff906a77d7d45c11303b7bf5a1b69d2618b98a653188ac2f9cf64ba7

    SHA512

    32b48301120d225bbf7c436681f686a769fad373f01b6206e6670d0136c345c7b3b6d77722f35fbfba721a6cc31787fff7eec34d93c2cfb868d6e79355267c63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0dbaf7c9606904e77cd31d4a655021e

    SHA1

    b89544591e7190174dce1b9a7729d337d70edc85

    SHA256

    bc71927067c3bdd871e2f3f3136c41bc692a295900039d8261f086626db14cb9

    SHA512

    a28db204ce8ad8c3f42c9e899cfd78304ef1fd646bfba69c7c793817b2b5fe525372d9127819c0cc272f14c64cb8c5a968124c3d5614dc418ebe9a587ed277e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6460ec6d63eb38c5ec4bb17e3c28eb3a

    SHA1

    6443a4ff17909c516fe191d889dc677af15aecfc

    SHA256

    acb033b16220eb130d84d6bb454f4bfca57b20301a194ed47d5df809b95e6fee

    SHA512

    eaeba4e960fe4e461137bbdd78bddd5c6e22d4c09c4f939f6cac12e69f3238cbef263aa7f15039ebbbe49d0f6c2272afeff351c579db2471732c907f6f407210

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ce4bb35313b278f95e8de4d1f4cfad6

    SHA1

    c70f10f36c78e406de6d96b1f47c644ac9f3a2bd

    SHA256

    1657481fb6e92261d2ce56f0debb86fe72c75ac85f269cf0df6509a715882e68

    SHA512

    780294ec73720db7f355eb7a0bf4076a0749122e8b77104eb95701910f5c654a0ae90afa77a5107f1b15ea2860cf70aa4449a82ad3478f0f61148571f0654f29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10ef989075d136ef6c14f12f1b5b7c99

    SHA1

    44ab31953ae73eb2fab13d9ec9809e1d320ead3a

    SHA256

    1665b16d5aa9e60b44959644690216f2d848a6d5a29c1749109518d3c2cf4455

    SHA512

    f472165319dfb7e0002975d21525df35602c89316bb3c8429f203afd775ddf7b04247f2876970542d6608b272eaefaad62610049f7535c9da22132088ce78dbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54f0290468d62e99b7667a845b36dbae

    SHA1

    ee2c708a366344f7b9a4ffbd5095145782a90dac

    SHA256

    4b61fdc121c0f9d667ea420202680fa10e44a42da89bc3857e5588a83b21cfdf

    SHA512

    b6265e7584e009755656b8f98309d92605cfc561ab89607e7573045a2ac4e6b71539c71fd83c54fad5b14467caa6c6b598e14eb911ec7c38473507f670fa4cc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    008a65b4452a362ec9ab3cba090c08b5

    SHA1

    8053e7a87776a588f7a3aeaadb61c9ff85b5487c

    SHA256

    3205f69ec7c63c5f481d1622f7ea86305fcb2b31c16496ad3c8c1afa1a6237c2

    SHA512

    2be215d3ea8431de69c165a36f122843be24f1eebdc58b211c29565d2ccaa2a2984ca82ff6f37f53ca71e6676a581bcf011090215fbb14bae8a3ec2eb608271e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5ebfbc1101aded087080c58575d9a14

    SHA1

    124a1d115990352801da49c8a4a90ddbbd94f2bd

    SHA256

    aaac08317ec4fa84f5a4ee478ed19e1dd99caf7b8f7c04fbd912ce048c61682c

    SHA512

    d7f67cbe2e4ca7d8edfc950bfe587eb8056fcdc1ae692ef2abd501543dd5df64c2b317f943ae3f76f2da90b19ff448e821a16776e9734d163429b8f53a5e34b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8055e5086390901473283884fcedfc08

    SHA1

    b0f99e218b1ad0121389c7d014b31f11dacc5341

    SHA256

    28257956ac8e20c189836d877a400151432e1ecedb05ee2b59159ea1a817d4b3

    SHA512

    995f43e67650ffc6eae26f765215c0763a8ef4a227ff7830b3a3554f9af059c690c48f85ec8953e31d0e0ede6b4b028f5f73a22a30ba05beedb2126e7cb11788

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3f9b420e124ca5cb7e0e8230d99cb1a

    SHA1

    bcf7a9a061b18addbb76d50bdd481ab3369bd619

    SHA256

    b93909c0beba4c91090e7ff9ad084413f9b23d828ff106def2b6646cb6cf5900

    SHA512

    982ab7ef205806542c82ace8e18e885fe659f9c678fdf4ac61d8267f667fd47a3cae440c46b89be46b425f59a9fe28afb50db82c939774aa0a07c72d3a99d1e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb0f9a9ea36d73e0605b9b2bfabc3a45

    SHA1

    99f375c7f073d2876e11087e15a9e580d0e191ab

    SHA256

    c37b41fe7d24886043bc946ac93fdab6f1a6bcaa5f8ce10ea739a4074b7c88c3

    SHA512

    2b8fc2e6b4c701c01887538dba801904207acf02a46f380f07c03539682b9794d95d0d2d13986276763dc10fb1431b55a5fbadf0f26887c4d2d3aaa51acd0f23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d76c6b754d545a6121c527af01db7c6b

    SHA1

    1bca2b945ea3332d6174832d8059f27b7d02951b

    SHA256

    12530f80fd541e1781633daa41ef6d4791507d83a47f4bc178c19aae83f52010

    SHA512

    c7f537b09293bbed5f5372fc3a62feec17f2421e7f0337c12375caf8a750adce51e1def4a48a9daee21b4e681ad0eab00a31c98b036a3da48614c4682c109f26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ef702e9e534676e55ac96fb4efc19a7

    SHA1

    453ed67a8baa152e4e69ef667c673a9c5501107f

    SHA256

    e0415dcfb7a42b096e7d3561c6848be7677aa430cdfcb6b89bd614d12e55a045

    SHA512

    9c4ee43b7788e25dd31ada8ef5803f183a4675a2226d7e8781e4730c482ddd819fa9b6d8a05ed97c729254614a7920b15c289bb403771af6e9889ae3bd1cf3fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b591b3876b50fde4c83246d4ea3b4c78

    SHA1

    aa8573dd095fade039e5308f228496601456bcc2

    SHA256

    a156256f73e7a937be3b28b346011cdf5fac95af22e902ae9ad83e94c1fac888

    SHA512

    10c7b116ade6e5b8bbdb100e272c0667998b1b52851fc551f159b6c0f17857001476915410399f36be682db67c647dbf9fbfcbca127467a98ee866f8537bad75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ca091dc8ab86d8247f9c8612efa64ad

    SHA1

    17759b44b93f1f2c3d75f26602aa061b2e18777b

    SHA256

    e622ce86549530ae56cb10b06ab0477469f11895419cdf0c314f42184b9ed874

    SHA512

    87384b539fc31fbe6d3a3fc76677572c35bb2b63eb30f362fe6faced7e6787249bc9f2ad8876e75a2938dcf47ac58e5419781baa212fcc4bfb125bdea94310ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa22b98bbfe740f86d0e3e237d5690fd

    SHA1

    e41ab2713dd71e992ba2f7646ca72264c3f1f7a5

    SHA256

    de37c965885f9b13733207baadeeb04878f7a584203c9fa2632b9fc54a08fcc0

    SHA512

    b622a4c2295272d0e6bdbfec9a859ff90cbbdc93a7fe663c48da7adff7f3c263d8ac4e6ac1cf9bd6789019c1c76cb1a7fe2516c8505329f4066cc4f5ed7241dd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9A6C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9B6F.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit