Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 07:04

General

  • Target

    c0343e19316e067e4f9b2bdce02a4292_JaffaCakes118.html

  • Size

    460KB

  • MD5

    c0343e19316e067e4f9b2bdce02a4292

  • SHA1

    a214d58e8e7e33f0fab50a2b2ace2fa9eef6ef85

  • SHA256

    7df3e2bf1882d723d54f3449950e82e0c1d7d49f3ebb9aa226b10cd4c1377f56

  • SHA512

    2999f809c844b300588729c7ebc5d151614b8f72df759c13881e1a1683c03dadec7b3a2a7e824d83cb460a1d2df76afcf8b77bd86b1d3dd6cd75877c71b250b8

  • SSDEEP

    6144:SOsMYod+X3oI+YwzQGsMYod+X3oI+YjsMYod+X3oI+YLsMYod+X3oI+YQ:h5d+X3qt5d+X3d5d+X315d+X3+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0343e19316e067e4f9b2bdce02a4292_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3016

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a3ac3aa4fb2b45053ee0d1169b51fcb0

          SHA1

          4ee2af1a21bba2ddc8dbbc1ae1fd13a07c7fbe14

          SHA256

          819017e0d1615034c63e7ee5d4a2a4c83c6db3998a62cf6872fd69f42d833a52

          SHA512

          a3d51ba45841f0f1d6a3b4cf818a72398b73077505078df089c27e67161331b77138d4c23f043b777f2222cec7da6730c5cc877375393685750748ca6f7873fb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fb2fa7f6943c381183594f49d46effd4

          SHA1

          71e320b7d42077f83521bec25f98b3881871d656

          SHA256

          a5277ddda42b99bc624c5dc7fe60d2345b3a2c7d972ec1a14c7f7126b494e2a5

          SHA512

          18f73db656d234c4216d9cd60cd7ae91c2c6e335eaeb2e91203078a3a73d9c7c41d9c1893c1327d7f6aeb693a172e8b9e924d08b896bc49258f3716be25de8e6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bf0513713d6e131a9613a7aeaad3574a

          SHA1

          4b6820bd3aaaf8581aea35d33040ee67309e47a8

          SHA256

          a6b34e586e403abacf2be8e03a17907b85885f779933b5e175bc346d9dfd8d30

          SHA512

          dfe06d10c800c608915b62d7b2da9c247ad6b7a036f86b71db74ad04c06dcc4867020bde1c082a75bc055d13445ac29ec12d6aa8ceb72929d33b910920e5bc5d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8a2b248cfd04a6df7401dfa71fa962f8

          SHA1

          2e5e863b2d080d1cdaf19b52e1a6a91dfc84cf05

          SHA256

          8e46588def738cee68f4834facc07bc071fb0f9a7fbac374a1cf347c30e9d8a2

          SHA512

          fad5abe8d866e3ca443dfffd41f7076f1ac3c425b70cc82e88f562c4f44aeb14f01b0029f52c3547dd871bd3cc2dd2a96c11e976449ed4f5496a32d319201eea

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          35209461f2f9d3526c100db56fcef841

          SHA1

          a050ad7711b1c596a2b87921efc7b09e1a13c615

          SHA256

          7391b80cc7e242d9465655444902cfc44663f6f021d748b196810420ab7efb2d

          SHA512

          9146bda120dc294263fa933cbdceb1620222a46f56a5c67639aebba39a26c97c14f97684cbc04ba191f8b118b1a4d04c0f328a14ae28453626835aa0916c742e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          590c7aaa8fdc76fe1797b40930861beb

          SHA1

          3136aaaa0ce9fd5ab034cda8b2096ac12b7ef72e

          SHA256

          866fe9466c6492eb3127295b9201079af692cee452d9b5ffdd8925692345adce

          SHA512

          1ff1751d9b49fb68b3f9b64109bb78c3569c2c93c4113ed99505d838055597c35e85d7b0a59ca9357051bfb71765c77071e5273bf9eb305ad55e314d96b4d048

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c66584010afa3b43e419ddf618357279

          SHA1

          4aaaefb753c325b32e5b5f5a83b58e22c441e5aa

          SHA256

          c00098aea594726e2794feaae7fbd2317c8fe8c51d092cf036daf9dceca8515c

          SHA512

          3467ceac19d05f00b8016ba0327c754acdd048a6aa6c27b990d41a275cca1b69b2757986758a5c02a1a821c8a7729fde0515f34fc2ef834fa9deaea095044fd9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bf66aa8e5b68378ffeb3f47e21d15048

          SHA1

          482751439dd05869a76caac7239efb06e834f1ed

          SHA256

          ca06d866ce4499a40cf27318e71fa69da95eb0aaf0e5224ca5338f4a8cdb2fd4

          SHA512

          3fdf51b2f6c6c677114f738985b40f39acb5a9c625733827f3f3940810f813312c722321b08970453686cb0aa34e3870c812a4267e0279ffc817c2e02542854f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8aed1333eb7af392c6844953ad461715

          SHA1

          37a554125243878b5844d699fa868c42a57fb01b

          SHA256

          b5582cbab2d7c17737cb346eef964eb116fdd412eea681e07604fb48a89be206

          SHA512

          03913d7f0bb899a22aabb1d3e1640d61ae055a0fc61f748b5a62886d0628693b3cf04056f60a60d507c348741e66a8633fc748d85e5c50804df90d36de1b92f4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          558f0175b5cc770670c9868fcdedc047

          SHA1

          d2257324303942036b2db946d423ce0e3545e804

          SHA256

          cd2ca5cf7028935d5cde071669200f5953353fa8410084c5dfd845b3fa207884

          SHA512

          4446b8f0395d825e05585d08d4135e8335a523461c3effafc31fc288cf973f0e1041808c829e7ea3b152b06fb7838e9d2a50257a852da500919e59ca3bf0308f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5c534f4070d4dc485efb89e16daf395a

          SHA1

          8441f89c571fd29029895a79daef911f8aa10d4a

          SHA256

          c769b86a4fbc4fe5418166ccc4d6fbb1fe70b7893a85228881fdf7ed2530be1f

          SHA512

          c98c768104a1caa2b7f17ddcf0283ecc6ea376f1db7a9b246a762d76204ed28def561721ddc88878038564a331a3f0a462b25ec0aa8ee24d800da2c88907e999

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4173cd4146f94769d786056662b79bc4

          SHA1

          b214744cadbe0bd315637c769b7ee28099be8f02

          SHA256

          413baee30d643045de3d73be7e3babaf2a8aa8ac21b3376dbd403e8964906191

          SHA512

          6183ed6ad9c50d8ff8d7d7767b3a72053e421a9fc5f21b3b9c9f5b8569231976c33576d846b4750ffaa1a4d1e439786e8c310257cea297e69bc3090becc43ca3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fbdd16cae6971c9f6ce8d94aad0194b9

          SHA1

          2d0ce532bfd6ed4be0b3036be525ab41087001fe

          SHA256

          7fb1cd4b8a5a11dd622f90167f7ff9e2c13fb2e852bdb9cfd3b729305028f6a8

          SHA512

          32563080013246844061bf9caa3b83a19b4badbbd0e041a9d9c820a9513da48148343d7f373321a38b716b0a832dbeeac38258c194e356857be9a23afb6b6dec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bb7cee14101478019bd801657967f880

          SHA1

          3d999d4578e24cf1c9d359c29fa170e4c135078b

          SHA256

          d7ed000399c9fc9ab9bd74335505a5e4bf8a14541b165886ded972021e947203

          SHA512

          67a12a691b6bf567914cc0fe1baa18fe3ceee1b9f6d1c3191a6a35693983fbc065a8c052bfa42e40152bd524b37fe5522ee8e78685fa68dfcef99c74882fce96

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e399cb8820bff468e122308980ffe7f4

          SHA1

          37de66ed8ef0c57d923ba5e63840719c11e0b6bc

          SHA256

          095c41c2a09e6e419810e56baff2439bd6964a6120283fc7e4352986c7115e51

          SHA512

          1b1c4da3ca65ac612a2f7eb525565d1b9a6e91f0d5cc97a4403d52e0caa3860ac8be1494289d4de1e4c8e75a980e5983b4cb1c2ca007dafb3a43af1a04f32eb4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b0d04a0cbffd06c9cc0a0a9445c368ea

          SHA1

          796c7712f8372c3e3c6001891ad93b6a65ecd23e

          SHA256

          a3e67db788cc2ea9b6b1fdbf26d88ea17650243a6bd9fc43c0d87461261df5ce

          SHA512

          e41e2b8a75ea55bf06c1aaaeceb657d326eea9f9a4b4d896df4bbaf78713168592b62bd213b1ceaa7930237470a0c7574c5f4fb62b173457e324bcdb486cef29

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a3e8f379f43450b70921d6156751524a

          SHA1

          e2f3e9275d1ea009791b8bac69a95654f8b4fe6b

          SHA256

          c0a99752f3512af9949cd434195b09cf3d800c4090b16e89e6d38bfc6ff756be

          SHA512

          7ce486fa8d0a0b8779d33790b868519141ba8e7b738b4fdfd492960f49aae1b7b91b2f924c385816b4964fae57dc1feeaf62608bd1cc9ac026ff92c634f9c939

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          394c26358bd68068a34120933a015a40

          SHA1

          08adf2ac093b6727673224ac4fd03d8e0667546d

          SHA256

          f3e2d344dd2f48ec33ec143bf763d8d5f6dd81fa626fa7dbc2aeae0c5abea0d3

          SHA512

          7537720364923af7fb9d079366d00fd55224dfdf1ddc410bebbe8d63ab155c63826082956854b6c7876d7d5145481b5bdef432328347438a354472989dda3fa8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          60a4ac34c9a25fb0dae4c2ce43edae4a

          SHA1

          cd0b610c2a6046a5bbd7846946fecdf3fc7ddc07

          SHA256

          9ca80b2347e23cf43f25f5d48eec3c223243d5655627e26fa5945d90dabf2d1a

          SHA512

          1f56ac1fc63a427bf5dd6069026b6daafaa42734832c244e910e4cb1dcd02d9cff55b17d12fe1d303d5f9e9d2c2f36dc2746445c0d0620a328523018c9c3cbb7

        • C:\Users\Admin\AppData\Local\Temp\CabE2B4.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarE363.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b