Analysis

  • max time kernel
    142s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 06:55

General

  • Target

    c02fd14fb9ddf559ddd0e3724ca8a59f_JaffaCakes118.html

  • Size

    34KB

  • MD5

    c02fd14fb9ddf559ddd0e3724ca8a59f

  • SHA1

    45a806fc29f4f3084de6ff435483e5f9edd25513

  • SHA256

    e8fc5cbf369bd32708c65d28b959d6240c3ae6f2ed264ea5fdc2e703fb2a1c5c

  • SHA512

    6ee564140a0ee1ca5ac6a78398c84f22cb27b823a9181b84c0b80d1b3a5e76ab0a8c8d1e5026b1a3626db8b413e1a33cd3b40e847c1fab99da59ce1dd47495d6

  • SSDEEP

    768:RANesyrC7BXQwA00sqrdikZzHZl2t2sf3tAfYGdLFOA+:RANesyrqXQwA00sqJiUZaf3CfTdLH+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c02fd14fb9ddf559ddd0e3724ca8a59f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3044 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2792

Network


Downloads
