Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/07/2024, 19:34

General

  • Target

    756c777fc11326e3e7102ebbefa24eec_JaffaCakes118.html

  • Size

    4KB

  • MD5

    756c777fc11326e3e7102ebbefa24eec

  • SHA1

    b551b2457bece62bca39975b228ca2ae7d05e270

  • SHA256

    461f6b912b84c2a90f7082023215789aa0a27e9807bc13ae14a6dd708d4923a0

  • SHA512

    4909dd0744d8027c7d5af91f99481032f0c7e0078f50350d89714f4cc1c66b383c62b920609a9f078800192d7f1164a125f5e4fa6e15159f45f117b140ddeffe

  • SSDEEP

    96:qXLTrZWJ7XMleZE6dK0KXOKo0so6JYregKH0sOgKlsgB2FGgKl:qXLTEyoyBUpYmM2Fu

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\756c777fc11326e3e7102ebbefa24eec_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2852
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2e586667eb4be1042cc5d0f0f04cf93c

          SHA1

          a2416290992664a984ced305cc166bbfdb5fe638

          SHA256

          29713f6520dc2d40cd69caeeae44b6711a6bb65065560b5eb1721484bba281a8

          SHA512

          e86c74241f3957f256c23ea8ffc1cd2dc6e257a60a5b6eb0cb603b630cafeafa4fb9a2fdebac00eef612c9894b1ed467e44adb18c2f7cd5a2c0c7ce9f16261b4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8280c223e0ac126747abd610a355e873

          SHA1

          9204a1bbf114c9b760182bc14d09087c41315e8c

          SHA256

          3c6be647fb37cc74b7bc8480ead8ec38239bdb4eb5f0f243a7e1c2886142237d

          SHA512

          2144641ac6e1e446d18cf68c2117d4acbae3d37a2f90b51a4738695c25080ab12fde438b8dce98c1a848a8ff1bd9a7b882c2288d59eb6ebc8c1498fc1940dd14

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f17bc455ef23ecbe025b286c770ba459

          SHA1

          5fed495627383067ac45fd903caa3085ae7d821e

          SHA256

          f41e6d3790a2529cf20010af6e08f078d6c0fa2df2b40e6b7f6eebccf70f4994

          SHA512

          09b527995ceab2b2a12762bf0c71f5372edfefe043ada81a6ef355d769c483d77615d9e9a1b76d1787e5cdeb45e810bedcbda8a36c948648a5c48a455569698c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cee90fa7316a0973de9d64d74bc02ddd

          SHA1

          45bd1cbd7acd1b848818656cc2b2eb73cbbf3b0c

          SHA256

          7c35f89e1db5616717447f9f4327f80d0000234e8a9166d7cc6252932f144d22

          SHA512

          dd816c40692a54dd63bb5d3f162db28e2fb0ee8f619c2201a038644489e1436f4e32236ad3cad1e5da89b188fd3c7aca11f07606dbd76b2e0256fc44fdb2f597

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ca2bb4ac7993783e928dbca6b760e310

          SHA1

          2d171498ec3770d3a405a8dac722b9a783b1ce88

          SHA256

          b229459a7de5dcb235763a1aa1d8e212119801e9ee411382f4bdf58c46b7954f

          SHA512

          fe9d7fec45d9475af50e48c90a653a4754ac726e1046e88ab1d0d4fab09678488704d34cdc956d0db1666a01c213f19b99c21b2b6f8e9efc6087eeb40fc5e34b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          547827d1fd7921bb1dce1010b46186be

          SHA1

          32b50d8efb5241e2951279201c12d5244a7cd577

          SHA256

          4341e0981124ed65f5774a7070a8f39a5699d310a5049297ce456994d630c5ab

          SHA512

          18645a5909f1c42d30b5efdf2ec995c847717dae439bfcb439843fa1f60dcce29b87f482aea5c142d5ef19c9bc7021d6c051e97693660d49c59e743b5cef69e8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2124271817d29e61f740295386fda958

          SHA1

          95eb97c939ab65f1f2d77bc0904efbf1472f9827

          SHA256

          8b526208875ed9a29d2c5af2c93b4d1646ddb3d523159b65eb41027668fa670e

          SHA512

          2ee79b9fc01eff5fbda2e4ffecb09d5acaaef4ac055025237c331e5d933ce3327ccc8ce9372137c6cad7a755175f11bc217c3f3aabd2698e60baca7fa64eaf67

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1c852f6decc4300542a7c0384b6fdfbc

          SHA1

          5cc32d86bf1dbe2ca679fc3e7df7cad2c4b4e237

          SHA256

          77e6135423644d6781d06f5155f5b9162f64648c5dafc914373fb184f563694c

          SHA512

          2af58ca9900a93e8de2f3d38f3fa6c052a6d086b9deaf2f4f909657117428b7db4c33343c785ef36c03bee8dffd48f180c06ff059822cd08b48e6ea7d9ca6855

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f6e1c460535512bb086e00f5d2d2018b

          SHA1

          615b4b50ffb214fc857f34f666771efdcb84edf5

          SHA256

          d6801c24ab2301afe5a6ed21936a62121e43da9cdf8064d63bb92b8927a9b193

          SHA512

          da8e72474c7d8d889c5ae809e71c10f70973b704ccb81ce9b33a5c6aa458c040a25f8ccf192e12d2b3a5da5e9b068e42cdac9dd9482f5501d0505c877fdca52d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5026f2e3ff8fb0d6b959429deb20542d

          SHA1

          7594e6e21741126b5bb98e55e8fbbc4b36ad5561

          SHA256

          9685ef5b117df53b9139f8f024060cf99a6455d3c22ba6171116e6b546098be3

          SHA512

          48e56cee33d6143e31ca961ae4e1d90e7a1857a30aae77a1ec3f84a46220327f1b79c50f8c17974495b622ea2b2e69a40b2bb2bcdbf02ff3906641a93a42533e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9adafda2865598002d8aebc22f96e540

          SHA1

          94779d6c33902bf65cd5b28037968f91765d8d9d

          SHA256

          c4bcc5475239ec92dc394cda6ad359b3565d63abf071fd50af8ae515d758b7e9

          SHA512

          ad19dae9969d08de920ecc61118113a4710cdaad89a9b9ea8c9cdc889d82b618caf2057b7cae03a7e1700dd78a4b9b20c1103784e21bbc95aebd3425513465fb

        • C:\Users\Admin\AppData\Local\Temp\Cab5820.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar58E0.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b