Analysis

  • max time kernel
    144s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-07-2024 16:58

General

  • Target

    686db6be46a85e30dc0077f26cb42f0a_JaffaCakes118.html

  • Size

    29KB

  • MD5

    686db6be46a85e30dc0077f26cb42f0a

  • SHA1

    8277b2d1e5fc704eb8f358e143451a9de7f761fb

  • SHA256

    30f7e915153c4fad450d72a432b72c264d922bf64850da24c77fbfa18e0e0a3b

  • SHA512

    d8fb93adc19764116e1dd186c85f275d5d27a52ac85a5aaafaa2904fc05af8124eb926a2e8973ebebd99b3dec29c98caab49cc8f3dacbecec96bd64466608543

  • SSDEEP

    384:iYDZvulXZxRZ68ErRZ68ErRZ68ErRZ68Ei:iYDZvWG

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\686db6be46a85e30dc0077f26cb42f0a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:588
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:588 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816
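The tree above is the normal shape of an Internet Explorer session on this platform: the frame process (PID 588) opens the HTML file, then launches a tab process whose command line carries SCODEF:<frame PID> CREDAT:<...>, and SCODEF:588 here matches the parent PID. The FindShellTrayWindow, SetWindowsHookEx and WriteProcessMemory hits are consistent with that tab launch and are why the score stays at 3/10. The cross-check an analyst wants to automate is that every IEXPLORE.EXE claiming a frame via SCODEF really was spawned by that PID; the following Python, added here and not part of the report, runs that check over constructed Sysmon-style process records. The first two records reproduce the report's command lines; the frame's own parent PID and the third and fourth records (a tab claiming frame 588 but launched from cmd.exe) are hypothetical, added so the check has something to flag.

```python
import re
from typing import Optional

# Constructed process-creation records (Sysmon Event ID 1 style).
# PIDs 588 and 2816 and their command lines are taken from the report;
# PPID 1200 for the frame, and PIDs 4100/3300, are hypothetical.
PROCESS_EVENTS = [
    {"pid": 588, "ppid": 1200,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\686db6be46a85e30dc0077f26cb42f0a_JaffaCakes118.html'},
    {"pid": 2816, "ppid": 588,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:588 CREDAT:275457 /prefetch:2'},
    # Hypothetical anomaly: a "tab" that names frame 588 but was not spawned by it.
    {"pid": 4100, "ppid": 3300,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:588 CREDAT:13 /prefetch:2'},
    {"pid": 3300, "ppid": 1200,
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'cmd.exe'},
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def frame_pid_from_cmdline(cmdline: str) -> Optional[int]:
    """Return the frame PID a tab process claims via SCODEF, or None for a frame process."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def is_iexplore(image: str) -> bool:
    return image.lower().endswith("\\iexplore.exe")


def check_ie_tabs(events):
    """Cross-check every IE tab process against its recorded parent.

    Returns (pid, ppid, claimed_frame_pid, verdict) for each tab process.
    """
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        if not is_iexplore(e["image"]):
            continue
        claimed = frame_pid_from_cmdline(e["cmdline"])
        if claimed is None:
            continue  # frame process: nothing to cross-check
        parent = by_pid.get(e["ppid"])
        if claimed != e["ppid"]:
            verdict = "parent-mismatch"      # SCODEF names a frame that did not spawn this process
        elif parent is None:
            verdict = "parent-unknown"       # no creation record for the parent in this log window
        elif not is_iexplore(parent["image"]):
            verdict = "parent-not-iexplore"  # PID reuse or a masquerading parent
        else:
            verdict = "ok"
        findings.append((e["pid"], e["ppid"], claimed, verdict))
    return findings


if __name__ == "__main__":
    for pid, ppid, claimed, verdict in check_ie_tabs(PROCESS_EVENTS):
        print(f"pid={pid} ppid={ppid} SCODEF={claimed} -> {verdict}")
```

On the report's own two records the check returns "ok"; the hypothetical PID 4100 is reported as "parent-mismatch". The same logic applies to any telemetry that records parent PID and command line, not only Sysmon.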

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5babe85bbc4741eb279ff7f6a7cd62b

    SHA1

    42aa055fbf4c30677fc889cb105ba9e420d12ad5

    SHA256

    56e53e12a1b459076b9237102eae3758a257e5fec7c59ff3548103c021f231af

    SHA512

    06fce68ea4772e9dcbd7ff23b4954388e24326dfe4aecf235f14ff45206f667ee08e8472c920fde725b7b24ac00fbf8d6a3a66c4eb620c130e2d550d9dfb34c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3589a395d1a194fafa13e35cd856153c

    SHA1

    aacfc594cf94315c34ce5f1f74789b1d9b3630ad

    SHA256

    e532bbd06ee80746ce6b7b3aae9dc8490893000cc628f2a38eb2115fc76bbab0

    SHA512

    d8a27a4fadd152c7eaf8bbc3a51898b06248c2f005c329e4b93a6949e0e76fa96d9a672ee725f6eafcd50db17c4abc8c7987a9e1b2f10aa854932ebcedc73d38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f0e0eb639fa24267f86854d23a6d32e

    SHA1

    7635b167ec848097f56a90d438b60fc0bbf217b8

    SHA256

    2e4bb41d84ae3dfc9ed086eaacd5cb1a6766c80708dff6d350c8f895f7f6c241

    SHA512

    ef5bf237f068ab6097e25acbbecf9c9ac8458f839735d9cbbd31db01582c1222308db81db995e45d288b86adc108d71933103fc0a1aec1ff9da3dea3494a85b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    011bcd86bbf3197ed1bdf14c92e9edac

    SHA1

    1619fc20d111d9fa4c7e86640a8ff026b3709f41

    SHA256

    8abbf459900651abb306f9f145829c1c88a62559785bbb7194925685850fa07d

    SHA512

    0ae6d5e32463cb9d78db846d3b1d310d470067fa3296b3528a0c5d7136dd57fe3d52ed75db09115260265cffb92209936f8028d925a1e770e283a6efff9d10c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aee9a2fd10844d2e05b9f870cc6fe26d

    SHA1

    0dbe646c9510942ff06a904f7d3bad7625975e78

    SHA256

    ee9e6f52537ef78429338047e5c859470409150a2193a822e2508878e297a2f8

    SHA512

    d67bd343b0cc9205fb582f3c84ef35c71e461f331dc8c04d685d6cf5ff084936f51ed736477be9659ec70f6407139bf74594f189755cd1fba543549afdd3e62e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00bf54582f4b6e61b175742a5c33f41c

    SHA1

    1e1dd2650d837059f8bf25273fb094769d3da602

    SHA256

    645fcbda0fb0a6e32b5ef79c25c853e70f63bef3975c17ecb446d19082ee27f7

    SHA512

    acd4ec36d40adb65466547b2bf189d7fc84c71f91b7e7490d6fcb97abd01d36fee66f4d559310f2061702a0dea4dc0128bbcbf2a816fc4ded7004547b08ee2cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    535e42f4fe05d7269ab6e41781a359fd

    SHA1

    7c41af7bf1916eac91d34914c8e275bc8384b357

    SHA256

    6dc5055f3ea9a2a26387b56555c05c3061c21ab03aaac244cfbc2d9ae6d71c9f

    SHA512

    64a57470d6b6198644bc6d4f03a3e3f2828237ab2abb6764670dd21ace0222136701f831ec13e1c513b0cf21e4764a19d0da0e36b38e8c43d8f300a707fbd3e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b76834de5315f084eb9547175386a00

    SHA1

    7831c8fad9c81281a7fb73d603be74f39d1d3f23

    SHA256

    88ed69c81ad1224555a305102e78a8e2ce8c3d5af3c1d53d0f8aede64e0a25ad

    SHA512

    d62b754adb59c7484ebd7e5a2804241f0774a44f6935914c292c6b5831ff029886bb87c56aebdcd98c49d19e4e2b523df6cfd653e10e8a212f02f052fd941cf3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d234be54e2d132b2883719b3e66918ec

    SHA1

    6471dababfc825daec4888c00e090840cd77a76a

    SHA256

    0bde1293268b9b559f73800165bc9053af65611af7e9317cd0cb2c1b49e4a23f

    SHA512

    39806ff9e0ba50968a2f0367d9f405835294206cdf45c64f0869b4bdb5823e7a9c4e0791d479333d01b832c5ab236c01117a534ce6dea8898b268f8d1c2cda2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    26e338eb1a287a778727eafa4ccf6d59

    SHA1

    9292db37d889dbf6d721232880f1c15f2f3138bc

    SHA256

    88725a5c75198cd1e73aa054cbbe4c2a689ca61085a832479c99c7cf52028ab0

    SHA512

    5c8a035a3144885eecfd348fd116b5f081a0b73e212ac04d5adbbb65abf5722ae389d0852197ff937fa351caa2ce6eaa37d6e55c041b04b4ef29e795449a053d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    261ebefb22edf6a05c9000614d8d63da

    SHA1

    faad7a34cb59cdaaf5bf41a5298698b6fb4aef33

    SHA256

    5e0dbf0ee58fdcbf88ede07373b31d811344e1b7a5c9f130f8e9b0ce01295b75

    SHA512

    97106418bc15c9409409884548ad26f799abbe0a3d1425c0e57c69f56da2a01053a7e54fb892e0d45b6adf56ef8a09b1e2d56aafcc67a5b7338608eea8d6d46b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b553c87a8945170704bd94267098e7a

    SHA1

    3dbabaacf14a8a6fd16c5b8192cccc2e005f1da2

    SHA256

    ea674dd0cd19c4df7f38afaa42d963f1a64e36a2af283aacb78cebd19d0bd1d5

    SHA512

    4d72619c5bcb83217567043e640d475c43b305521cc858bc4fd69de92be20dc1e10b60621bb7fa3922fbce172d5d0f654c71ef15d3ff8dbf277f84b01f504fa2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6709ef98af1e50012c6e831029f3b55a

    SHA1

    704c12aad1bd0c030b160d7f78ee04e978785bd4

    SHA256

    9decbbb11269ed9481f29a50c5e73acfb7f84a794366d369711b5d103d5f23ef

    SHA512

    c4a4b494b0a0b780c438dbe04f1ac1957bebccf038c31a39ca4a4922dac262b513e9dbee5b4d60ebd9eb064c1377380e7ae8552402a4289ffce2979f8ed0a70d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7468b0d1050e9a82572d43e80ea488eb

    SHA1

    8af9d9b7d959daad83b64efb8fd8a4a4c38f1545

    SHA256

    acb3365e354feacfcae006b4643c5776ba47c75d71332ef168a06c2571459699

    SHA512

    4677f6762fa5eef8876a2bc0799e545c11a91e2b1cd8d12532cd05015f4b735053053aae04707d7556de0ed9d84d2aae9ce7a29a87d989732710cb92cbcf85b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    258e35614fbb807c5913fdf78a281dea

    SHA1

    86d3e7278f51469648c5949e3718fc8e89f63da4

    SHA256

    b11762c4026c592324df8c431f6e246c2fbb4f3fcdfd5b47a319759137268756

    SHA512

    9a3b4854fc99efca5e024dd62b4ae6866a8297a649c5c948d7f63c3be856621d1dc7dea50521d08b90211ef26d6fc9a27822bd6b59461c30d63fe59e6e350e2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5f935bc28a77acdf57b321681fc9815

    SHA1

    d62ea4a4bb2835a5e30213a8f5205bbfc753116c

    SHA256

    a991a599db669e5514b778a4a25ddbb46f27d014a02b49f2c4b8e333b1f88421

    SHA512

    a00a1e62c8310eef971bd221e80a65f1ece0a32d36f6e94a685b8016be559f5d6a2ed9b8b3760a7f994dc844df1003214432c692732a605c9c5c9124c1d4491f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dfcd65d2e80c69c2c1a6b28f2dcacabf

    SHA1

    743fcbaca3ae9760eb53bde7e2769055381075fa

    SHA256

    09f8326645b34461dc2d8a34f17ca3d37f547bb03cb05c128e88a184fc79d618

    SHA512

    111713caa4a9767ad0e5c582e5b7d1aa85cc4ee488005a45a670b47db71290ee3696b8087245e5408afd61cee822d8524e9818dbdd48af661c4eab6576a65888

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    814c97cf7b723f531878446b972b9664

    SHA1

    c4ea25092c8a27768eedbf86013e7ddf3fe27cc8

    SHA256

    995abefe38f221a85689969e86a5b4b5e93320f9b74bba963fa8fc7008a13336

    SHA512

    b42549a4b795f6864dd40a2894410266e944dd72cccd9080f7f2eb84e5ac554fca0f1eebd40431fbe2ce4ab6d5e80b9bdac5052e449b84ba378d8dfa053abb0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4337afd5f07e9065811c742b1c8b98de

    SHA1

    81f395b390bc98738eb53200998ce38375db1e6e

    SHA256

    9fa6cecd17e206e215c862f168966f8dadff8b1b2b1f4b26e1e371a427c88ab4

    SHA512

    1ce86d1f074f9de300cc7aa35e2f52589d3faa44ad4d235046634cc9c161d2992cfc203c784b482135b9e8c3a23f60a85f6eb0e64fbe73a7cb7b86275442d2df

  • C:\Users\Admin\AppData\Local\Temp\Cab828A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar829D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
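Nineteen of the entries above share one path under CryptnetUrlCache\MetaData with a different hash each time: that directory is where CryptoAPI caches CRL, OCSP and AIA responses fetched during certificate chain validation, so the list records the same metadata file being rewritten as IE validated certificates during the run, not nineteen payloads being dropped. The Cab828A.tmp and Tar829D.tmp pair in %TEMP% is the footprint of a CAB download and extraction by the same machinery; the report does not identify what the CAB contained, so those two files are the ones worth pulling for inspection. The Python below, added here and not part of the report, parses entries in the report's own layout (bullet path line, then label/value pairs), validates the hash fields, groups writes by path, separates the CryptoAPI cache noise from files that need a look, and emits the deduplicated SHA256 set. The sample input is a constructed subset of three entries copied from the list above with the blank lines removed; the parser ignores blank lines, so the full list pastes in unchanged.

```python
import re
from collections import defaultdict

# Constructed sample: three entries copied from the report's Downloads list
# (two CryptnetUrlCache writes and Cab828A.tmp), blank lines stripped.
SAMPLE_REPORT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    f5babe85bbc4741eb279ff7f6a7cd62b
    SHA1
    42aa055fbf4c30677fc889cb105ba9e420d12ad5
    SHA256
    56e53e12a1b459076b9237102eae3758a257e5fec7c59ff3548103c021f231af
    SHA512
    06fce68ea4772e9dcbd7ff23b4954388e24326dfe4aecf235f14ff45206f667ee08e8472c920fde725b7b24ac00fbf8d6a3a66c4eb620c130e2d550d9dfb34c4
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    3589a395d1a194fafa13e35cd856153c
    SHA1
    aacfc594cf94315c34ce5f1f74789b1d9b3630ad
    SHA256
    e532bbd06ee80746ce6b7b3aae9dc8490893000cc628f2a38eb2115fc76bbab0
    SHA512
    d8a27a4fadd152c7eaf8bbc3a51898b06248c2f005c329e4b93a6949e0e76fa96d9a672ee725f6eafcd50db17c4abc8c7987a9e1b2f10aa854932ebcedc73d38
  • C:\Users\Admin\AppData\Local\Temp\Cab828A.tmp
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512
    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
"""

LABELS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
SIZE_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


def parse_size(text: str) -> int:
    """Convert the report's size strings ("342B", "70KB") to bytes."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB)", text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * SIZE_UNITS[m.group(2)])


def parse_downloads(text: str):
    """Walk the bullet/label/value layout and return one dict per entry."""
    records, current, label = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line[1:].strip()}
            records.append(current)
            label = None
        elif line in LABELS:
            label = line
        elif current is not None and label is not None:
            current[label] = line
            label = None
    return records


def hash_errors(rec) -> list:
    """Names of hash fields that are missing or not lowercase hex of the right length."""
    return [algo for algo, n in HASH_LEN.items()
            if not re.fullmatch(rf"[0-9a-f]{{{n}}}", rec.get(algo, ""))]


def classify(path: str) -> str:
    p = path.lower()
    if "\\appdata\\locallow\\microsoft\\cryptneturlcache\\" in p:
        return "cryptoapi-url-cache"   # CRL/OCSP/AIA fetch cache written during chain validation
    if re.search(r"\\appdata\\local\\temp\\(cab|tar)[0-9a-f]{4}\.tmp$", p):
        return "temp-cab-extract"      # CAB download/extraction pair; pull and inspect
    return "review"


def triage(text: str):
    records = [{"path": r["path"], "size": parse_size(r["Filesize"]), "sha256": r.get("SHA256", ""),
                "class": classify(r["path"]), "bad_hashes": hash_errors(r)}
               for r in parse_downloads(text)]
    writes_per_path = defaultdict(int)
    for r in records:
        writes_per_path[r["path"]] += 1
    return {"records": records,
            "writes_per_path": dict(writes_per_path),
            "unique_sha256": sorted({r["sha256"] for r in records if r["sha256"]}),
            "review": [r for r in records if r["class"] != "cryptoapi-url-cache"]}


if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    for r in result["review"]:
        print(f"{r['class']:20} {r['size']:>8} B  {r['sha256']}  {r['path']}")
```

Run over the full list, the `writes_per_path` count for the CryptnetUrlCache path comes out at 19, the `review` list holds only the two %TEMP% files, and `unique_sha256` is the blocklist-ready set; a non-empty `bad_hashes` on any record means a copy-paste or extraction error in the report text rather than anything about the sample.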