Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 06:56

General

  • Target

    c0302de9110b1e9c497595f03c8cb8ab_JaffaCakes118.html

  • Size

    158KB

  • MD5

    c0302de9110b1e9c497595f03c8cb8ab

  • SHA1

    391315639b46c4f427ad5220456b869a32d044c6

  • SHA256

    5506b60ad03f77d51ed88207458fe6d41af0eb7887fba953bddad69f65cd41d7

  • SHA512

    abaa13b8f920400a68b8f998b9e4d52763db9ae406eaf2fe709cb0220aeff039ff048d6534d843bebab464cc45d4f7c14ea86d99c42fdf35f45999032dde002f

  • SSDEEP

    1536:Sc5/Dvx5hHJlYC3IzuyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXAZ:ScRx5aCNyfkMY+BES09JXAnyrZalI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0302de9110b1e9c497595f03c8cb8ab_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1960 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\Cab75DD.tmp

          Filesize

          70KB

        • C:\Users\Admin\AppData\Local\Temp\Tar768D.tmp

          Filesize

          181KB
