Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/08/2024, 05:02

General

  • Target

    83221b14d3f7d611412099e257884393_JaffaCakes118.html

  • Size

    2KB

  • MD5

    83221b14d3f7d611412099e257884393

  • SHA1

    ec25a7f097dffc2b12ccc77ab279dc7bc7aa744a

  • SHA256

    4b87de18c47cb708aa99e2da4c27142430e7abe143420254202652c81aeb076a

  • SHA512

    30b4681de05231bc79810b1b475c64db2d8dd206def90cdc137e599ef5be128bdbad604226acfb0464baba11e9b4092d89e668d87caa654a7c9a240a4ecff24e

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\83221b14d3f7d611412099e257884393_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2248

Network


        Downloads
