Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 07:04

General

  • Target

    c033d6f0afdfe87d391a1d943523b29d_JaffaCakes118.html

  • Size

    69KB

  • MD5

    c033d6f0afdfe87d391a1d943523b29d

  • SHA1

    5cb9784bf5f331bd5ca9536212600d3fbd7c6d35

  • SHA256

    56742080566d4450b971970cd8fb9df22fc2d6a1cf7ce9fd63b8f88f81a2a885

  • SHA512

    81daa52b9ce3a45c193fa685f3bfa19b89e9e64a3b6fd86d18495a5017149143f7973ae0114aa22f56f8a3c2afd3e9c347d678b157fc37a69f9baa4cd312573d

  • SSDEEP

    1536:J1u353u0Ay73DTvNen0tbrga90hcJNnspv:Jg9pDTvNUq0hcJZo

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c033d6f0afdfe87d391a1d943523b29d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032
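The process tree above is Internet Explorer's normal frame/tab split: the 64-bit iexplore.exe (PID 2336) opens the HTML file and launches a 32-bit tab process whose SCODEF argument names the parent PID. On its own that pair is expected behaviour, which is why the report scores 3/10; what would matter is a child of either iexplore.exe that is not another tab process, or a tab process whose SCODEF does not match its real parent. The following is an added example (not part of the sandbox report or its tooling) that applies that check to process-creation events. The `ProcEvent` record, the two anomalous events (PIDs 4100 and 4200) and the parent PID 1000 are constructed for illustration; the first two events are copied from the report.

```python
import ntpath
import re
from dataclasses import dataclass

# Both IE install directories seen in the report (64-bit frame, 32-bit tab on x64 Windows 7).
IE_DIRS = {
    r"c:\program files\internet explorer",
    r"c:\program files (x86)\internet explorer",
}

# Protected Mode tab launch arguments, as in the report's child process command line.
TAB_ARGS = re.compile(r"SCODEF:(\d+)\s+CREDAT:(\d+)", re.IGNORECASE)


@dataclass(frozen=True)
class ProcEvent:          # constructed event shape, not the sandbox's own format
    pid: int
    ppid: int
    image: str
    cmdline: str


def is_iexplore(image: str) -> bool:
    """True if `image` is iexplore.exe in one of the stock IE directories."""
    p = image.lower()
    return ntpath.basename(p) == "iexplore.exe" and ntpath.dirname(p) in IE_DIRS


def parse_tab_args(cmdline: str):
    """Return (SCODEF, CREDAT) from an IE tab command line, or None if absent."""
    m = TAB_ARGS.search(cmdline)
    return (int(m.group(1)), int(m.group(2))) if m else None


def classify_children(events):
    """For every process whose parent is iexplore.exe, decide whether it is the
    expected tab process (iexplore.exe whose SCODEF names the parent PID) or
    something that warrants a look.  Returns [(pid, verdict, reason), ...]."""
    by_pid = {e.pid: e for e in events}
    findings = []
    for e in events:
        parent = by_pid.get(e.ppid)
        if parent is None or not is_iexplore(parent.image):
            continue
        if is_iexplore(e.image):
            args = parse_tab_args(e.cmdline)
            if args and args[0] == parent.pid:
                findings.append((e.pid, "expected", "IE tab process, SCODEF matches parent PID"))
            else:
                findings.append((e.pid, "suspicious", "iexplore.exe child with missing or mismatched SCODEF"))
        else:
            findings.append((e.pid, "suspicious", f"non-IE child of iexplore.exe: {e.image}"))
    return findings


# Sample process-creation events.  The first two are the report's own tree
# (PIDs 2336 and 3032); the remaining two are constructed anomalies.
SAMPLE_EVENTS = [
    ProcEvent(2336, 1000, r"C:\Program Files\Internet Explorer\iexplore.exe",
              r'"C:\Program Files\Internet Explorer\iexplore.exe" '
              r"C:\Users\Admin\AppData\Local\Temp\c033d6f0afdfe87d391a1d943523b29d_JaffaCakes118.html"),
    ProcEvent(3032, 2336, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2'),
    # constructed: a shell spawned by the tab process, which IE does not do on its own
    ProcEvent(4100, 3032, r"C:\Windows\System32\cmd.exe", r'"C:\Windows\System32\cmd.exe" /c whoami'),
    # constructed: an iexplore.exe whose SCODEF does not name its actual parent
    ProcEvent(4200, 2336, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:9999 CREDAT:1 /prefetch:2'),
]

if __name__ == "__main__":
    for pid, verdict, reason in classify_children(SAMPLE_EVENTS):
        print(f"{pid}\t{verdict}\t{reason}")
```

Run against the report's own two events the check returns a single "expected" verdict for PID 3032; the constructed cmd.exe child and the mismatched SCODEF each come back "suspicious". The SCODEF/CREDAT match is a cheap filter, not proof of integrity: a process that has already compromised the frame process can launch a child with the right arguments, so treat the verdict as triage, not as a trust decision.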

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4cdae99dabe37c40c7c9db6a5c31405e

          SHA1

          42578475d9d79585784148689c803d208ddd4a68

          SHA256

          c09ea50bbdc0b1fc2bfce26beaa9657b305335791a92902c9f8b46a5e50d96f4

          SHA512

          d88e1f380d4c1d48107d33c103cff7e30ed41ae36b6de6e3ae295c125def64550451695ae750cdfc32c034c1e7a7d358bf498f1a967060bbdd0e82fe81005c0d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5eacf0b27afbb79fcad9686c7f4de44c

          SHA1

          567fabcb160a302087bd71b3a9c62fa634e1c030

          SHA256

          f030d9248c08d921b3cc524f4b64bf6cb5517924a715be85aedaccd9ca5ba964

          SHA512

          46875d926a29c2802990a66141ca12d7c6ad88e91686b2fcbe1adeb367340f85fab48a042d4da9aa47c8c5c5185b19785f128a490a58fca4f2f01cf0fb64f32f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cf210f851f483439a226b17621513b12

          SHA1

          43bbc175b0bf89aec7886017a0eefab352734ccc

          SHA256

          ded95f0166b0fba0c0c4ba13653b3805bb5992aaf62546744b16cea6cd1961e1

          SHA512

          270bfda9f5072709b663e6d12460e350042b19d7e0a076091cfa5c90cd91a4aaaa960c6690a3a24569ee56164ce3c3189a779d155407bc75b86a5ad9cf3c6578

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          17c043b97791355a02c14488b0e23c30

          SHA1

          4681b2fdb0e91d949feb18d738c252885853c2aa

          SHA256

          0991e994913ece9f88a4821c2be6baaa88e1d1f87d3e74ca03a1475c19f6bffc

          SHA512

          16f93d21f18408b16d80654c9bd526a501e5144c5950f470d7a3361fab9c22813a08eda96a06db6c89d7fba7589420d543f074d2ff6c618ab797ce53c9ff6fa5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9567d736ff5799428c402f42d1675afb

          SHA1

          a7d25b7f5b2fa5d76c9b4ab83b5166ebae414181

          SHA256

          633eac1df1afbfaf06c48d3dda14b352eb3dfcaa8e2b9af6d7f5550026e77aec

          SHA512

          ecfb4c8a80047d67ba96387f2c6adc034f59b3505b9e1a4f6228a52dd881a50e5a825fb470f4d8f47332e443da2bb7dace518c746819f9149c01dd24f4ed98a9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fb6077e3c90df514022f8f80baf21957

          SHA1

          b5357295373e4bb1d1e13afcfe76cca1593fb5bc

          SHA256

          04847d68bf39df9a2f89b8585c31a76a38f623a14f603326e3c6842051881674

          SHA512

          4d95dc45c69126ee2ee1229c0c8cf24c6dd1f69b36c971b81be3d607931cde264cf5524375000cf5706424e1e0cce13694633ba0be96bd5abf6ab04de80438f0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9ec993a436de91925634491f308503f0

          SHA1

          db688cb1b4030a523da9629491ea6521521ccdab

          SHA256

          80a6fa3a56bf14293d0105425a706564440a2ee130cd08106bb3576654c98451

          SHA512

          06795a14c2f61a51de0a402d9919976cbeecd51c0b56830e7f421fd760449c2983182234866b2916d8d022b4c5f12c7db2e2eaae323b423c3609dbfd1fa83bd9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b7ea042195dd03c421656f9b3356ff21

          SHA1

          e1659d21094323e06f64c7023a56564a64de9d19

          SHA256

          1c15ff72336ae21e5ee4a4be5cfb8a34121f043f0f0e7f9530b7b2c8dad60163

          SHA512

          213dab0ac8c96afa88aebf6e3b8c73ec34dab0e43cc629edd5321afcc1b08c0dda1555c3ceb939abff3bd01e8e744ce43638eb71154f0200e3b4be7b41db40fa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          213432ba17ab8d5d8220ee798355824c

          SHA1

          4422441571c99e052527dd90b746ae35fa12c5a7

          SHA256

          90329962387d8bcff7bc73485c71dd62fe68d5e1c2b3dce74ed146b5b74a8b6f

          SHA512

          2ccf8dcf2f9c104473b689f3fe3c3c4fd2fc84fe7ef2cee353ea3ac04caf340d50844b667357c656a9de9e5ce20c59fcb20736f30615432b5e045d020b494d02

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          89fc88c4af7ce0e6406a4c2e041f5dc8

          SHA1

          fc332ab92347829e98244f827e058df483788138

          SHA256

          900767a3efac42bfa925e79b2713f012046f7da94e1d0a4847e3922635b8f085

          SHA512

          249457f87e542957a93e3055b6998223dc2060f9d5cbaf9ee470a6b6034d298a9a4fe75f711a927e32cc0d6e0c00d2878d5584948def8812199108193eeeb59e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7910a47af0da2c4a5aac45a597a3f82b

          SHA1

          0ca54632daa73b35f78264ac6f49969182b9cdc7

          SHA256

          0b027412a28662926604cd26a6becf44621407ca3a955add08a12acdf4a8b65e

          SHA512

          fbb133958ac97d9c89378eb66eb7b0dc68544b3e43d26772edc7eddcf7af2efe218e6d2ccb6057da42f31cd0895fe3de7648b02353bd64bef0c708d6a43c32e1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          200794cf8d8f2e80dc1641155486c910

          SHA1

          044dd40ebaa0a0173796e15aa8d4d42ca396e0c5

          SHA256

          9c4fbe296cb018888f922adfc50d7e1ccf7eb763cb220952d402be7e6f223636

          SHA512

          cac9e02aba1e9eb2a9825c52e854b9390c5fce86431b00d5c6fcc31804987ca08473ea7ae0f93638374d98b4847fc430da04da66a132f1850d6f643e154cc31d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          26bd2ca363e4bbf9dfed76b88079c6af

          SHA1

          78cdbcea7b47cb23d15d496427202d050d973c3c

          SHA256

          a9b0d913b9a9f34ae60c830405299cf0c8c930e00d871b6be44688d392fdf793

          SHA512

          8b8780570d2d2e935d130b93b63b73efb37d4bf30913ebb2aaef0dba1e02faddd6b0490badf83ec0c53255cf732d6cd97a9834d7cdc7552ace6dbf5463984381

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6a4fadf57fadbdf4f68664dca067f8fe

          SHA1

          8b674522020dddb2d461f7150d3f82bf2af3e53b

          SHA256

          44eae974391eb1cab13e48c22329dde8df19970886af6d2e114c7d11b005826b

          SHA512

          8ccd3766197d588f3be9b6433b6d631289f31b359d3c9ee0c3c66851468555dd8e4bb5bcd4bf1c496215a104c5a886a3cb0d1834c4683673e0464c1dc385b05d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5bfc1548bb1f43e620bf54d2690dac78

          SHA1

          1249d0ba31da7abb3138319ff18d4c000ff11131

          SHA256

          591af0a0f4667c2b16816c85bf60d758f05cd40bb6589b35d7c0d71b592da029

          SHA512

          efa5796278a55475de3d9a7a4ab3c3f08b295043e7de31ce0d315e5c4ade777c2b0bb194677eb46fcbec2725edc0ae5b9abe4748482b2e1a1cbfc336819a9736

        • C:\Users\Admin\AppData\Local\Temp\CabB4B2.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarB4C5.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
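The list above repeats one path, `...\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015`, fifteen times with fifteen different digests: that is one file rewritten during the run, not fifteen downloads. CryptnetUrlCache is where Windows CryptoAPI caches certificate-chain material it fetches over the network (CRLs, OCSP responses, AIA certificates), and its LocalLow location means the low-integrity tab process wrote it, so these entries show the browser performing certificate checks rather than the page dropping a payload. The following is an added example (not part of the sandbox report) that parses a block in this report's layout, groups records by path, and separates CryptoAPI cache artifacts from other writes. The sample text is a constructed subset of the list above (three of the MetaData entries and the Cab file, SHA1 and SHA512 omitted), and the `kind` labels are this example's own.

```python
from collections import defaultdict

# Labels that precede a value line in the report's Downloads layout.
HASH_FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")

# Substring of the CryptoAPI network cache directory (LocalLow for low-integrity writers).
CRYPTOAPI_CACHE = "\\microsoft\\cryptneturlcache\\"


def parse_downloads(text):
    """Parse the 'Downloads' block into [{path, Filesize, MD5, ...}, ...].
    A record starts at a bullet line; each label line is followed by its value."""
    records = []
    pending = None            # label whose value is expected on the next non-blank line
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            records.append({"path": line[1:].strip()})
            pending = None
        elif line in HASH_FIELDS:
            pending = line
        elif pending and records:
            records[-1][pending] = line
            pending = None
    return records


def is_cryptoapi_cache(path):
    return CRYPTOAPI_CACHE in path.lower()


def triage(records):
    """Group records by path: how many times it was written, how many distinct
    contents (by SHA256) were seen, and whether it is a CryptoAPI cache artifact."""
    writes = defaultdict(int)
    digests = defaultdict(set)
    for r in records:
        writes[r["path"]] += 1
        if "SHA256" in r:
            digests[r["path"]].add(r["SHA256"])
    return {
        path: {
            "writes": writes[path],
            "distinct_sha256": len(digests[path]),
            "kind": "cryptoapi-cache" if is_cryptoapi_cache(path) else "other",
        }
        for path in writes
    }


# Constructed subset of the report's Downloads list (values copied from it).
SAMPLE_DOWNLOADS = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  4cdae99dabe37c40c7c9db6a5c31405e
  SHA256
  c09ea50bbdc0b1fc2bfce26beaa9657b305335791a92902c9f8b46a5e50d96f4
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  5eacf0b27afbb79fcad9686c7f4de44c
  SHA256
  f030d9248c08d921b3cc524f4b64bf6cb5517924a715be85aedaccd9ca5ba964
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  cf210f851f483439a226b17621513b12
  SHA256
  ded95f0166b0fba0c0c4ba13653b3805bb5992aaf62546744b16cea6cd1961e1
• C:\Users\Admin\AppData\Local\Temp\CabB4B2.tmp
  Filesize
  70KB
  MD5
  49aebf8cbd62d92ac215b2923fb1b9f5
  SHA256
  b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""

if __name__ == "__main__":
    for path, info in triage(parse_downloads(SAMPLE_DOWNLOADS)).items():
        print(f"{info['kind']:16} writes={info['writes']} distinct={info['distinct_sha256']} {path}")
```

On the full list the MetaData path collapses to one entry with fifteen writes and fifteen distinct contents, leaving CabB4B2.tmp and TarB4C5.tmp as the only other files written. Those two are also worth a look before drawing conclusions: Cab*.tmp and Tar*.tmp in the user's Temp directory are the working files CryptoAPI creates while expanding a downloaded cabinet (such as an authroot update), so on this run every "download" in the report is consistent with certificate-chain validation, and the digests of the Cab/Tar files, not the MetaData file, are the ones to compare against a known-good baseline if you want to rule that out.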