Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-08-2024 10:02

General

  • Target

    be5c174e61f800b3909231bbe7ca223e_JaffaCakes118.html

  • Size

    17KB

  • MD5

    be5c174e61f800b3909231bbe7ca223e

  • SHA1

    be7419b0bb3dfb3ab193b07cb2635664a7ef9f38

  • SHA256

    7b4deeaa05b6c92faf5a0f0f699e922740d868f23ef314b5980fda67b3b79313

  • SHA512

    897d57e21064282f8c84e60e3c22297c17c9f47a11c63d62d75a568967d503cda43417f625ce12a154b08ffca8fdf562be608f8fbf078803cff2034e542064c5

  • SSDEEP

    384:K5RT2OT6/Lzdl+8i0/eUgU9uGvwNUC6LvUIEoq:bzhlU02e90NtLINq

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\be5c174e61f800b3909231bbe7ca223e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2564
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2564 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1940
      (SCODEF:2564 matches the PID of the parent iexplore.exe above: this frame-process/tab-process pair is Internet Explorer's normal process layout, not a process tree created by the sample.)

Network

MITRE ATT&CK Enterprise v15

Downloads

Every entry below is either a 304-byte CryptoAPI URL-cache metadata record (CryptnetUrlCache\MetaData) or one of the CabE302.tmp / TarE3B1.tmp pair that CryptoAPI writes while refreshing the trusted-root list; they appear here because Internet Explorer triggered them, and none is by itself evidence that the sample dropped a file. Check the SHA256 values against the target hash above before treating any of them as a payload.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4c98d53ad22cb4db73aa432c9b3e237e

    SHA1

    ed64c1049e6c204882d9fd462d9eb915826e2de0

    SHA256

    6434b2b7a035fe2179888959356dd7248f45f065f656e26031d89750f5e45f98

    SHA512

    6ad52d2356bd296f007c6bbb6596ec2aaaf9edcc81b9e7fd351ee0f7e3d07ffba755f0d1ecbc782ba8876c5a59f2595f72b82271b09e07226025b21a09929b6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    879e376575f9b9b8344f6e93701ddb23

    SHA1

    3e1afa397feb872fa99937a99500b564ab226050

    SHA256

    65aa986ba28fe8521ed196b9221bee18390566e0bc72f60ff4b4ffe5e6aeb375

    SHA512

    1e83590b3fb056b4fd533f10e67c19d49849cf9c3d9dbf120ef0dab57dc0868e793630461ac7f4600da235f4acead6dd5fb88b0214e8b6540c8f01a1baca0712

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    3994871edb9c3bfddaec5cf0d7b92318

    SHA1

    36f2a1d8832fece6b59a56230e66f6c51011665d

    SHA256

    56bbf4f6524cc8472fa432daeb77231cb5a239eb6ad7e7bf32aabefb61fc15ad

    SHA512

    8d0a4a608ffeb78b13b6a43db2beebd3a70ac2c60e4632845afddb6645969f799a4e573df006af56f77ceab1dda76176c15cb510b80db45222187fcfe1392218

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7706b6c4b038bac6407b445f2c121ac4

    SHA1

    a20ca4ab6f46b688733b18f39e7cfb3d3956d7c7

    SHA256

    75a20d6204fb28f8427ce433383400745b5e120e30e93c6891d241705438f910

    SHA512

    ce7e53cda6c41748b0a3172cdb4e49c3ea0f74daf5c94e7cc41f8f47d4ca043fa56891cd4676799316576c008b286a1619a988a751a1bff5f4365dc5e674c5d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7c1effb0967fb020a4aa335388f315d3

    SHA1

    5c0f6060600ebe9524d9e5ee861175db88a81b40

    SHA256

    eef01f77bafd684e5171749e97962fe75aa1a397e4ce034b7e8310afa290b93e

    SHA512

    3acc8ecc198e62480624ade8cdb7dd833b955b8ed69fe292187da1aa3fbd89ab5f1a16086498ecd2b259361eb3b25940be41d64bc43d4338b0477a6710518d38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    f12863572b72b4e9004e3720c61f3a0d

    SHA1

    957836775d34a9fc765f5a00198d7a812471cf50

    SHA256

    f8f3db0ea361ce658072d12e3ad4e4b49b9548f488720b67a79b0dd2e6b357ce

    SHA512

    fa8ee73a719e48aa3bb87b42b408affdeeb07ed95654a604691553cd5379e12f7515122f8eaffc26883fe6c412d3467ec9d1ed3ec3ba5c6da5300f3a133b4dd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    22341ef6e689258e62c619edbbe62ac8

    SHA1

    c495d8b82c9f15a9309c5fece6d0248fd5eaa494

    SHA256

    45b49b6df718553c259f008f607e04b8033e9a4fa0a376e8385055f70636cda4

    SHA512

    2f81a68bec59695cfefafe05a0a35b6d1bd84970bc24daf3444055d8870a37d0c4486369cbf1b9a4e0d4c9c994a7b13e5cc7336875a001408169d75e93c9a471

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    9b61d09454844c2614099950e33ae490

    SHA1

    563f33001a08989c6ee7c9ab94b3a7ada4ba4b47

    SHA256

    1a67620cdd3a3ce27f8b423c1941e26405f309877bcdf41cd436d3be0de34fd5

    SHA512

    2e22c05ff52cc7154279249d55c81e97d9358bd9a98176ec207dc841129b4b4f10cf712cd8f4df9c834a917c74a2f29b25472bac005749ad6a6a40a6971fe2d0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    eb405ecdc8baa56ff50e8952f0256069

    SHA1

    d49deaae28621427ffcef6881c8e73eb2d554f8e

    SHA256

    59b8969b0074235090d79589f8f4c1cfa33122529d7f58d07fc642651d324d77

    SHA512

    c4759bcd5d06b8e5da0d28b5718301be3a16f175d815b49b671dd6a0983886c665a989afbf97a23d6534bd92c61bab30fc35962284c190061d9dc6f1f254b5e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7c6f3f6552ac1d6fe0e7a0fb820fcee2

    SHA1

    dcf8eaa081e78262d3f38b761d4afb691b128cdb

    SHA256

    e0ce0b2eb4524aefe102415ac30c4f90b32ee86d885435307f72b4ac0f0de52a

    SHA512

    8075772b42a8cb8a7d20d6435e4eab6c2517a98bef697e89376d472565813a4c93651151af25aeeef8b2991643547d124a373aafc52b05a6877e6a567e38edf8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    692812f0de91438cf43d5ee40bd8eae1

    SHA1

    1487786e96bf13d5837168c11a0e0d9100f8548c

    SHA256

    70468640c49708a3944d21d6870aead630452d9e0923526dda72d954c8a220d7

    SHA512

    e8b009e61f7b2c91d270f8c01df48398a8378f75fee22e5d6242b1eb65cc54a982eb820a4d47181ea8cbc5ef40edb3d99fb4073028430d6a6c233d9b9ebcde6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    c7c0931a7453e9b74ef54db89b841675

    SHA1

    905ede3948b11bd15c8976f2a6cda86b2a66577f

    SHA256

    5cb2e8e6da2175b9cb2376107e968fff3b8598f557c4ee38e91c52e320f6467c

    SHA512

    9111a7fcde5fff4daf1002c83b10f0a640a1cb6abd9c74b65ae3e2db171d18f02fd0150e6bc716b3536d70c39e077130d58a06702a20e6c9316dbcec3443e6df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    08c32b20ddb3f5e9248f94e5385f7920

    SHA1

    bb1657b696e8478e213413a7b43eb52b2c423aab

    SHA256

    a690e75bcfb27538f3209d4bec1133592a81c8f205fbee1077d12b37da7548a7

    SHA512

    a6d9b6f8b76c59631722499a168be80fab303160567f4bdf828c7028c7890f5df9c31df1c0da911e21d733cfb1c864f3ec30df924d7af4a166b7fa707ca83140

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d877045e972ee35673da02b8bdf2cd65

    SHA1

    951ed7684166be29c03cd8dcc2afcde54804808e

    SHA256

    bd7c721b305db1d3ed31fc99f2744da38256e93c85b953994476d73619891786

    SHA512

    815f768d3bd984dba45259baf4f2c4426d4bb1025f34deca56f51c3b8edc8b904c23261d629aab9d393f2c25e47772d7769446b5390b32b99bed7be38ef56173

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4dd3597533c14ef580814a0a7b0bbaea

    SHA1

    e4e66f889bcd49bc3732ba5d41ec18e768541da5

    SHA256

    b6df7de359018483d8a10a5863c221aa2d4b94fe1f29efd426d147b35f26d1cf

    SHA512

    9ccf15d881dfed47e2a7b8aca4cec8aa76e8346973919533cc69088b6643c9af95df7294a6e26fb00492cad251c003b5cdf74dabd77c3cded9f80d62542bd3f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d4fff2e063b75057f2c8d00c0ba7c761

    SHA1

    b285dabcf8f3dab2605660283a0fbb5e0180232b

    SHA256

    2ec41c93e261f88ce98d602c057ce2797db33a281dadd2da96161745a2e8c10b

    SHA512

    800dbeecbbbe4cd2d2d55ea5eb960dd418583f41ab6aa0f5ec8475d1d25740beb3ac8506045b334d04f7b5b2f8cca9b6e68cb5a54c49a6152ba55c8243c22dd8

  • C:\Users\Admin\AppData\Local\Temp\CabE302.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarE3B1.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
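To turn the General and Downloads sections above into something triage tooling can consume, the following Python parser reads the bullet/label/value layout the report uses, validates each hash by length, and tags the CryptoAPI housekeeping paths so only unexplained drops are left for review. This is an added example written for this page, not tooling from the sandbox vendor; the tagging rules (CryptnetUrlCache records and Temp\Cab*/Tar* .tmp files as CryptoAPI noise) are this example's own assumption, and the third sample record with an all-zero hash is a constructed placeholder.

```python
"""Parse a Triage-style Downloads section into IOC records and separate
CryptoAPI housekeeping files from drops that deserve analyst attention.
Added example for this page; not vendor tooling. Tagging rules are assumptions."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

HASH_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
SIZE_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}
# Assumption used for tagging: CryptoAPI writes these paths by itself while
# Internet Explorer performs certificate chain / revocation checks, so they
# are usually sandbox noise rather than files the sample dropped.
BENIGN_PATTERNS = [
    (re.compile(r"\\CryptnetUrlCache\\", re.I), "cryptoapi-url-cache"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I), "cryptoapi-authroot-tmp"),
]

@dataclass
class Artifact:
    path: str
    size: Optional[int] = None
    hashes: Dict[str, str] = field(default_factory=dict)
    tag: str = "review"

def parse_size(text: str) -> int:
    """'304B' -> 304, '70KB' -> 71680 (the report prints whole units)."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB)", text.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * SIZE_UNITS[m.group(2).upper()])

def classify(path: str) -> str:
    for pattern, tag in BENIGN_PATTERNS:
        if pattern.search(path):
            return tag
    return "review"

def parse_downloads(section: str) -> List[Artifact]:
    """A '•' line opens a record; each label takes its value from the next non-empty line."""
    lines = [ln.strip() for ln in section.splitlines()]
    records: List[Artifact] = []
    current: Optional[Artifact] = None
    i = 0
    while i < len(lines):
        line = lines[i]
        if line.startswith("•"):
            current = Artifact(path=line.lstrip("• ").strip())
            current.tag = classify(current.path)
            records.append(current)
        elif current is not None and line in ("Filesize", *HASH_LENGTHS):
            j = i + 1
            while j < len(lines) and not lines[j]:
                j += 1
            value = lines[j] if j < len(lines) else ""
            if line == "Filesize":
                current.size = parse_size(value)
            elif re.fullmatch(rf"[0-9a-f]{{{HASH_LENGTHS[line]}}}", value):
                current.hashes[line] = value
            else:
                raise ValueError(f"malformed {line} for {current.path}: {value!r}")
            i = j
        i += 1
    return records

def needs_review(records: List[Artifact]) -> List[Artifact]:
    """Everything not explained by a CryptoAPI rule, deduplicated by SHA256."""
    seen, out = set(), []
    for r in records:
        key = r.hashes.get("SHA256", r.path)
        if r.tag == "review" and key not in seen:
            seen.add(key)
            out.append(r)
    return out

# Constructed input: the first two records are copied from the report above
# (blank spacer lines dropped); the third is a hypothetical drop with a
# placeholder all-zero hash so the filter has something to let through.
SAMPLE_DOWNLOADS = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    4c98d53ad22cb4db73aa432c9b3e237e
    SHA256
    6434b2b7a035fe2179888959356dd7248f45f065f656e26031d89750f5e45f98
  • C:\Users\Admin\AppData\Local\Temp\CabE302.tmp
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  • C:\Users\Admin\AppData\Local\Temp\payload.exe
    Filesize
    12KB
    SHA256
    0000000000000000000000000000000000000000000000000000000000000000
"""

if __name__ == "__main__":
    for art in parse_downloads(SAMPLE_DOWNLOADS):
        print(f"{art.tag:24} {str(art.size):>7}  {art.hashes.get('SHA256', '-')}  {art.path}")
    print("needs review:", [a.path for a in needs_review(parse_downloads(SAMPLE_DOWNLOADS))])
```

Run it as-is to see the two CryptoAPI records tagged and only the placeholder drop left in the review list; feed it the full Downloads text of a report to get the same split for real output. Keeping the provenance rules in a list makes it easy to add further sandbox-noise paths once you have confirmed them on a clean run of the same VM image.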