Analysis

  • max time kernel
    141s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24-08-2024 19:41

General

  • Target

    bf472e2b04e1b46ed2d6b83ee0ce8c3d_JaffaCakes118.html

  • Size

    11KB

  • MD5

    bf472e2b04e1b46ed2d6b83ee0ce8c3d

  • SHA1

    614bf5b0511a3f3aaad44e6821c8b2afb78819fd

  • SHA256

    252a6e3216bfd3403382c13ba472608bd771e75ac64afeb5e86932e4b2829835

  • SHA512

    ce0ca016601ef11b4b45eb69c57319008db653ba1e0a106aa41fb03187bc8e27fa064401974fa5d9742baf58aef27f5f43c041f1c12fb16b8bd323fa30d9d89c

  • SSDEEP

    192:FbbDoKm06D54dJnJRfLAqIzfjDPeBrZEV6QHxxRm+3x7K+JxHQWNMpHSa71OydvY:Fb/oKm06D5EnJRfLdIzffPeBlK6QRx80

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bf472e2b04e1b46ed2d6b83ee0ce8c3d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:900 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e192abc97be9f2d59657ea0bc727dce7

    SHA1

    fcd96ba3fc5eff5f6883d2e315d786419d9d5acd

    SHA256

    a41ca31845da500722d3648abdec8b68ec638847e06c535bef906919dd8c1425

    SHA512

    bce2a777476dab480951279c46ee2bf242d69bb1e23a02dcb661c1a3d9149203ae6af6b2eca77360c449891e7299e0a753346fe5b0e1b43d5b034c895ef20da2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31712fc5959b2af05645fe451688e0bd

    SHA1

    c745477e0ace5a45a1ba58c0d355b28fc8f55428

    SHA256

    2123ea002d4c5fc39748c13ebdfdb812878f2940c99d35d1bc85c56aa1cd0569

    SHA512

    7899ebb775e2f8b30eff0c702092cfdbf1c739889f6326650ee8f9015d45a7199d8199e504f422494c57cbce3f7b0723d1ad9426241d15e69c0503312b6418b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    810fd34f7bc2a1d50a47e53d44327488

    SHA1

    9927f31ff99388dacba52f1511819d60b6bb1b83

    SHA256

    b52209d06f506c51b4c2c09135a8f02fd7fa9786d200554568405a2bd47feb79

    SHA512

    36b25dc14d72e4cdced66d3f1b036f589bfceaa1b8588b6a1ad83556323cc672792bdfab92c4fcdb6a5fca023b8668c6d06534548ff608cafaf1900a1e606220

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0f30b7fe447e862601f606ce365a0f4

    SHA1

    242f60fb47221c6b77215e072e2a192957b96be8

    SHA256

    f46ae3e8e5eae9a2dbf55dbd079c82712ee71e311d822e18b1fee29ee66132fc

    SHA512

    cc3f14f31ddbe619daa4850a94ab971d7260f12bc0672562e1a4b301a3486eaf39412fb49a392cafece14d113e119a554a5fa4e20ebcaf869d5bfb42fad284bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    219c11c0df31ccfd70add5a3eb4a3af1

    SHA1

    abbc60450436c1f2152bbf134dc06be35b9238cf

    SHA256

    21bd1adff3feb42861db2fb8325a6aeca17b8fbb33afd19669ffc414483efe86

    SHA512

    b64946f412621f9738768f3222325db0236db2e54985e6dcbf40135c8e0a4d44be4e8206e14772a93cd2e4e932dd07011608e237017e9f6f8c8a63ccca621b5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74daa1fa5783667df192010f0e81c25f

    SHA1

    fbf34e6872c4f41e4419fe868660346e9fddb354

    SHA256

    ec298db7fd37369ee0e8f51fa2d2d199c27419e79b201dcc75fda5d0b5cdcdf8

    SHA512

    5e87f258df1b0e8317d676ae317d44ab0fbffe37d1be5d1155834566e59456331da51410dfa0ee7113b36e2050908a1ba5f1f557231e9a866f676238da0264ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    932cae3792d7ca637da43634c7941401

    SHA1

    ceac84f4df98ed718841dacac1d8254de5b74bf5

    SHA256

    9daa7956973478082b49d121cdf8f0a37c19665caaedf5259c9e59d7c3f64688

    SHA512

    1ec725814ee80d83b93083927ac2640638cef2ffba33cb536961058bdce0d7318411ae09a2e65662af3bacfdd4e739c2bc7021eba9cd043a71663b33e16617e5

  • C:\Users\Admin\AppData\Local\Temp\CabDD19.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarDD3B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b