Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    23/08/2024, 13:55

General

  • Target

    bc0192def031b3ba08b4fbecb2facba0_JaffaCakes118.html

  • Size

    6KB

  • MD5

    bc0192def031b3ba08b4fbecb2facba0

  • SHA1

    0108658195c883988c7439bbb98d64fbba408b97

  • SHA256

    582ac77fc24cf18f00bf0e3f2bc6c2935c1ebfb58df5fec84deec1a9774056d1

  • SHA512

    2989119f62c402eb19f551bfe95cef4b90c2e579e09a395e4a8f82eafb6cbeec860dee8e8812094ad57729604bebbd64c50e66067a491420695e567c03304660

  • SSDEEP

    96:uzVs+ux7pmLLY1k9o84d12ef7CSTU5ZcEZ7ru7f:csz7pmAYS/sb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bc0192def031b3ba08b4fbecb2facba0_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Downloads
