Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 06:55

General

  • Target

    c02fe31e4546f7610641ce77a96ba3ee_JaffaCakes118.html

  • Size

    76KB

  • MD5

    c02fe31e4546f7610641ce77a96ba3ee

  • SHA1

    69eb9db088e4d11aaecf50990478b7969fe810ff

  • SHA256

    262d7bbc6753cdf310a0fdce5c1eb9917ec1e66dc39afc7e8a7476f22f84935a

  • SHA512

    18964015dc4287cb135c2ab1ed7f457e6d216b729f60998224006f3e9a7c8e57d32deba58b2d76446d9f034bac33bbb34c3c39d2b0b268e4e745b1910c86928e

  • SSDEEP

    768:XgOriWNcaSoagG/XQDJRAh7YVC9IWONec/LjGa/2ZyGJ9b6VfXVURAtNdBcpS29S:4/5XQDJRAF9IWONeCuZyg9GURArdBcpW

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c02fe31e4546f7610641ce77a96ba3ee_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:624 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2632

Network

        Downloads
