Analysis

  • max time kernel
    142s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system
  • submitted
    20-08-2024 22:55

General

  • Target

    b12e14c4a384fb1e266d08d591d176a2_JaffaCakes118.html

  • Size

    98KB

  • MD5

    b12e14c4a384fb1e266d08d591d176a2

  • SHA1

    6c2280dcfe64712bfdc9cf95739905df779955c3

  • SHA256

    9da4204eb72a65b80af857b45dc87cd75ea52ed144b5df91ab4ed6751bb94baf

  • SHA512

    3e126113571e324d848db0279e22697ace0e4d14dfa32d3e2162c64f477229635fde7bca01bbe2757f1bdce073c1bda9c9025cf471ffe621e891c4e943f09161

  • SSDEEP

    1536:KWvLQZqovXD/XMGA8FeYk9xbckcnn8Cx3XzkQN2mXbuj/f6h5JisF:JovXD/XMGA8FeP5cz8CNzLrXdJvF

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b12e14c4a384fb1e266d08d591d176a2_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    faf804ada6d3a64ac69631dbdcfbadce

    SHA1

    3e98f1a5c0d3c62c44abc304036ef07732a743f9

    SHA256

    dd9b90c64a5fb3153a3344f6534a28a76e4a7f4d51750a2d719e600d9f37dd05

    SHA512

    3a7874e05e4639b70a60ed86582cf4812dfd5b45e21725d3a46fa11706e02a3925d005fe5c424b6b1485d2e7455db3a84f34c34ce4d41ded289b5c7007979a30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d26ce4616c53d1cde4dee5dc6cc0673

    SHA1

    88f2289fbb9d4ba2a54339675e3fbc2b789dd9a1

    SHA256

    6fb84a12fd14ed28f8ff5a0c5f887b18935cbc9f762006b044bddae3b10956f3

    SHA512

    f6ff23baa4979b5124a7eac8d7523fb5c9b3afd79ba72291690cc7f0da35287fed125ec64d59c279603e1fc07a0f591b6b52348f399a899df15ef5e65b916141

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9c7fe5b299bc40d1a359eb5f42e349fc

    SHA1

    d9aa175111b12cb65c5b0b101f492a0c888264c1

    SHA256

    9099e86691c3fbf9b9d870d1766fd202905d9f39ee2892afa530096fdc873447

    SHA512

    257184d42c9f94b9d9e60d8b85ab77e2190c2eaa8a11f6096bc6bd8c631fda038e96e2db7c04effe93c6cd2de348b4cfab194ed4a2eecd3a4bfe09d6e1aab7ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e95e93f93229dae2c09c7ea476f991ce

    SHA1

    b3814842cc273bc9992911310af173d22a9b0386

    SHA256

    1b8553a2aee747f43fd0b972d3c55417abc2e7cb7d1a579c4c1f0416471ef6af

    SHA512

    a3fcf2a416674391c3c34b4e246b96e33a4ac79f3aafddc8cab44c4768e7f0a335a678074b4d3032567530a2a6360a744a94418691a22ec5141e6b31cd3b6fad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f71c4b348ae171eb20c419193433ed5e

    SHA1

    3e643f5edd8dbe479c729b43abaf8a71a1abfb6e

    SHA256

    3b8216d489beaff8ed9c7d331a775559b038df051d358a0af686c2b6e64b15d2

    SHA512

    d155aac7052a9377122e276ee4a6e2d1f047d1fed7ec429cdb98a1f6f9e23da2ce8bcf86965061062f34b7df6cb2ba78e5c5f6f795046d7ad82f9f625694dfe6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b29310082a0fb9998d5fd890b2a1bf7d

    SHA1

    9c5ee389617e7308bdb534ba7a4857b8ecb4f39d

    SHA256

    3b07e9aa63bc8fa79d35ca22e63c6832814cc97313662d3f9ea2d4da7706d1da

    SHA512

    ca4da066df1877c809dd76c8226be708320ff9b49aadf78b7fa6417306b7b109f8808790935f70bd8451197cd4ff9fbe5579079aece574af1d9e45f4a2ad25e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c8a85871d69d8f87c3a45550483fdb2

    SHA1

    2c3d7d0fefb74f0a9d0462926bf482689d2b83fd

    SHA256

    325dbfe509be5e5c6d755e4d63107e33841608cc64ffe7605b09eb4689e071c9

    SHA512

    f684edbf969b98ca1cdf37b12ae82f394dd3f5d5cc71190c3a65ac15cb82aab0c06f7c9335f01a2e9ec8af83737d25eea3b9d00e28e51f7e1f81ece4541b25e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eccb58d7f5660c276f50d1f6c175a966

    SHA1

    5a416bf0e04e5688ade25b573d72edd5b0b75b05

    SHA256

    0929cca0882c0102e3b3862902bbdb0b970be2d39038fe1e0822e1c4ebef55d8

    SHA512

    944dbcb7582899a5f2c3411ccf954badfb31933ef68cc8161a2ef129ed45d59fd2e5b75e0e6910be3ef738a10daa4308a089f6f7ab4fdb32f3b0aab92acda165

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b767861699feb4f9b99102d879a5ce4b

    SHA1

    72863de68c01ea2544bd60990cbea56cd0bee878

    SHA256

    5ff486de8d0926b00f88eb70f6af82f34cf4efba69e274517dce486004485297

    SHA512

    547fb724505dd17a00a01aade30d3965dd9ad2a45236ab760f6cf4ef91781aca9f9b757857c4b093d3d5f582e3ec4f9235a23a1edb242a2aaf098b8b5dd837e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    37602fa3a3984d2ae6de120602fd230a

    SHA1

    26250267c36898b9a280fb93b2ef08af65964765

    SHA256

    fa6b5131150fad8abfe5afdeeab75247b3e9a10cd863dd9bfad935f515ab5792

    SHA512

    e4ac66f0a7db7c9153da649615e89a13399ce24bc319e3ccb42dbc55c920cf535a66f56d531e81aa7c21c30a25af12f66388a9af6d9ba6989e8a3483d25a9a7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68f15346b0834417db3df27f2c8621b2

    SHA1

    0c4efe3bd981ebc8cd5fee25ecf49c51096fe988

    SHA256

    ea4197c3080243b9ea4a761e58673727ed4714b880e4199ba734d8fb9701c62b

    SHA512

    74b903f3598139ce75c1610dfccf94191ad7368d7895808b91217651c7c66a936891bfae498d515bc5d6d0169f03976957446f5e5c405b8d37c6abbb0590b4c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f7cddebe1b048bc0d3f4e622a349ae9

    SHA1

    a3507197623f8a9571b8f709f3d0e01c2835adb2

    SHA256

    95746c46a7f55d9128b3221b4617a1c72ce447b55c32e27c0682e56e26010f78

    SHA512

    6058950844a274c701ea2aaa3e1b0061d612670aee100fb2f21bf374462e474a2c72ff3961b7baecd4cdb34121287706d93c676e31fabbb5627dca95c36b283e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f86474cc25fc3aed2fe9521cf6afc4a0

    SHA1

    81db4cbc16895661ddd5cf62deb5f02bcf104c49

    SHA256

    7b481c99720fd8d3f68f4e30d0169614730438eeefb73ce72f2eaf58629ff214

    SHA512

    9d057a09caf3d551dabc1bb6f64a161eb5cffdfb8e7ee54cfd112143bd6b49e21b612a6bfa9860888b56adb60dabd5dd8393b7e7ddedb08969f8c84ac5c182c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba7f3e781c4b0711a16867fa92b03096

    SHA1

    4612f5dbcff6752d6457dcf651197ff966321bce

    SHA256

    c5de055c7c05aa61bbc4967d52c887a14dc8242f8f9335331ec67e1e572bb2dc

    SHA512

    f7ae4432c97b10b58d8f63a23327729d7ef88ca4f2bbdeb2d87da1eacb55baab9b6bafd685a35f56e2f157c2f94b58b99a9f7bc21c0e1d6a33054f8b004dd83e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5fbf4b396d9751ee9a7c0a8f09d85f8c

    SHA1

    cca87f4e728edd1f62ab7e7b46886bef3f5db0f0

    SHA256

    2079f52d68ab21a606f56392dd60107766cd3e84a4b8bf2ea14676d0e4fa410f

    SHA512

    2b188620757d9e4ec3ed5c16d772bf4c0cc6ec26e86c8782fb40201e37897f65a9cadb1af13986a40ab3569cbb3b5aa2abfa33663bab1f73404cfdabb9eae386

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    962420fc2851aea662a211237e82088a

    SHA1

    7af466699c269f3159546ca27172a2eb5eab8321

    SHA256

    99c622f75e9da03cd729995567cd04bd451490355a812bc0be60b4af9fc7e2d8

    SHA512

    27793465edba1d8019cd35d3f3a73a85110b98a6633c4e72a6e38b4a2d7e46fd59db3c9d9761c7bf682c00b030b749f8ea1e9dc91b51ef2df4d640a1e4849e26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    54e5d1532da29183f2240fc26898127c

    SHA1

    b00a76442cc2e7f95b09acb6acd66c29a365c86c

    SHA256

    42075b7e525077935a363475e472a8629b92452a63de5be17a275e348444546d

    SHA512

    6bed9920b25fb437cd438066dc0929892a59832b356750248918e27a58cc86c06291807b768ab7ecc3c0e0b8156fc1122b65d7b0c587334ac25a40d4d0d2d425

  • C:\Users\Admin\AppData\Local\Temp\Cab4BA3.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar4BA4.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
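Reading the list above takes some care: the same CryptnetUrlCache\MetaData path appears seventeen times with different hashes, which is one file rewritten repeatedly, not seventeen drops. CryptnetUrlCache is CryptoAPI's cache of URL retrievals (CRL, OCSP and AIA fetches, root-store updates), and the Cab####.tmp / Tar####.tmp pair in %TEMP% is what is left behind when a downloaded cabinet is unpacked; Windows produces all of these on its own while Internet Explorer renders a page, so none of them is attacker-supplied content by itself. The helper below, written for this page and not part of the sandbox's own tooling, groups a report's dropped-file entries by path, separates that background noise from paths worth reviewing, and checks a sample on disk against the hashes a report prints. The pattern labels, the sample list (built from a few of the entries above) and the hypothetical review path in the comments are this example's own.

```python
"""Triage helper for a sandbox 'Downloads' list (example code for this page)."""
import hashlib
import re
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Artifact:
    path: str
    size_bytes: int
    md5: str
    sha256: str


# Paths Windows writes on its own while IE loads a page. CryptnetUrlCache is
# CryptoAPI's URL-retrieval cache (CRL/OCSP/AIA, root-store updates); the
# Cab####.tmp / Tar####.tmp pair is left when a downloaded cabinet is unpacked.
# Label names are this example's own choice.
BENIGN_PATTERNS = {
    "cryptoapi-url-cache": re.compile(
        r"\\Microsoft\\CryptnetUrlCache\\(?:MetaData|Content)\\[0-9A-F]{32}$", re.I),
    "cabinet-extract-temp": re.compile(
        r"\\AppData\\Local\\Temp\\(?:Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
}

_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


def parse_size(text):
    """'342B' -> 342, '70KB' -> 71680. Report sizes are rounded; treat as approximate."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(B|KB|MB)", text.strip().upper())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * _UNITS[m.group(2)])


def classify(path):
    """Return the benign-noise label a path matches, or 'review' if none does."""
    for label, rx in BENIGN_PATTERNS.items():
        if rx.search(path):
            return label
    return "review"


def triage(artifacts):
    """Group entries by path and return {label: {path: [distinct md5, ...]}}.

    A path listed many times with different hashes is one file rewritten
    repeatedly (the CryptnetUrlCache metadata entry above), not many files.
    """
    by_path = defaultdict(list)
    for a in artifacts:
        if a.md5 not in by_path[a.path]:
            by_path[a.path].append(a.md5)
    out = defaultdict(dict)
    for path, md5s in by_path.items():
        out[classify(path)][path] = md5s
    return dict(out)


def verify_hashes(data, expected):
    """Compare a sample's bytes with report digests; returns {algo: matches?}."""
    return {algo: hashlib.new(algo, data).hexdigest() == digest.lower()
            for algo, digest in expected.items()}


# Constructed from the report above: three of the seventeen cache rewrites plus
# the two temp files, sizes as printed.
CACHE = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
         r"\MetaData\94308059B57B3142E455B38A6EB92015")
REPORT_ARTIFACTS = [
    Artifact(CACHE, parse_size("342B"), "faf804ada6d3a64ac69631dbdcfbadce",
             "dd9b90c64a5fb3153a3344f6534a28a76e4a7f4d51750a2d719e600d9f37dd05"),
    Artifact(CACHE, parse_size("342B"), "0d26ce4616c53d1cde4dee5dc6cc0673",
             "6fb84a12fd14ed28f8ff5a0c5f887b18935cbc9f762006b044bddae3b10956f3"),
    Artifact(CACHE, parse_size("342B"), "9c7fe5b299bc40d1a359eb5f42e349fc",
             "9099e86691c3fbf9b9d870d1766fd202905d9f39ee2892afa530096fdc873447"),
    Artifact(r"C:\Users\Admin\AppData\Local\Temp\Cab4BA3.tmp", parse_size("70KB"),
             "49aebf8cbd62d92ac215b2923fb1b9f5",
             "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    Artifact(r"C:\Users\Admin\AppData\Local\Temp\Tar4BA4.tmp", parse_size("181KB"),
             "4ea6026cf93ec6338144661bf1202cd1",
             "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]


if __name__ == "__main__":
    for label, paths in triage(REPORT_ARTIFACTS).items():
        for path, md5s in paths.items():
            print(f"{label:22} {len(md5s):2} version(s)  {path}")
    # With the sample on disk, compare it with the hashes in the General section:
    # verify_hashes(open(path, "rb").read(), {"md5": "...", "sha256": "..."})
```

Everything in the report's Downloads list lands in one of the two noise buckets; a path that falls through to "review" (say, an executable written under AppData\Roaming, a hypothetical case not present here) is what would justify a closer look at this sample.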