Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 06:55

General

  • Target

    c02fe925c376f9243031a8cc13354375_JaffaCakes118.html

  • Size

    196KB

  • MD5

    c02fe925c376f9243031a8cc13354375

  • SHA1

    02fdf83795726f6a6162863bd04a456068841fee

  • SHA256

    d95f4c140501532a6fbaea8ff800242cfff739cf1b695d41591316f67720d462

  • SHA512

    bf9e3d40c9605c93b5b3a967e3e545ffe3dfd202bfc09644fd24172bcae0b5e15debfbc6d0a348b36381e91d070f164898c6217c53d2aa7dd42c18ccd0b10910

  • SSDEEP

    3072:edc3f2yfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:zsMYod+X3oI+YS1tA8

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c02fe925c376f9243031a8cc13354375_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2772

Network

        Downloads
