Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 07:04

General

  • Target

    c0341ea930702bae3870d8cf1181fe43_JaffaCakes118.html

  • Size

    172KB

  • MD5

    c0341ea930702bae3870d8cf1181fe43

  • SHA1

    da5759579c0b7d16af81afdc2cf338809a480bf2

  • SHA256

    16ff7fb2cfbfdade6dbee00c6b06f0d552b25be3469a2e37c91c2d7f6c53ded9

  • SHA512

    7c96bccc69e5f15a46a250c1f46002c36a85bb0a6ff0b0a1f6616e47801f08da21b073bab4a65137df882a14a22604500d4bccc7d231bae4fa8c522a717f8e73

  • SSDEEP

    3072:SxpqoofN0CQQQHYk/oc1z49fY9qTzPyTPa/JFlFiENQ//aLOLZnNX1WyfkMY+BEu:SzqoofN0CQQQHYk/oc1z49fY9qTzPyT9

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2188)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0341ea930702bae3870d8cf1181fe43_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2680, child of PID 2188)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    342B (written 11 times with differing content)
  • C:\Users\Admin\AppData\Local\Temp\Cab6B92.tmp
    70KB
  • C:\Users\Admin\AppData\Local\Temp\Tar6C31.tmp
    181KB