Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-07-2024 23:50

General

  • Target

    764209fd06803623a948ec991c165d74_JaffaCakes118.html

  • Size

    2KB

  • MD5

    764209fd06803623a948ec991c165d74

  • SHA1

    f8ee911cc9f9bd9d3ffd4547603669db345eed1c

  • SHA256

    488e84b3a85ed3d203b205a471c7b9f3b48b834ff0a6bf2f7bc3ab91e667e7fc

  • SHA512

    dbf693c08e8ab43df8510c68942b2bf8e28d28d3765c838d46a6564620806922f2d5eaeff45d0a85128e9a7ff616b5ee9a85745b1e4108ec42c025992513a452

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\764209fd06803623a948ec991c165d74_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

MITRE ATT&CK Enterprise v15

Downloads
