Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 07:05

General

  • Target

    c0344c5e8664aafd0bb5830e22d7741f_JaffaCakes118.html

  • Size

    6KB

  • MD5

    c0344c5e8664aafd0bb5830e22d7741f

  • SHA1

    e86516e2bc27bd0a465d0ee47cde697cba0ee34e

  • SHA256

    92faf9ab58295adc925806834a6a1822df814e221c5e9efc3b6f8773c2c138df

  • SHA512

    e34a77e443d7bd7f482173521ddc1a7eedc3908d5f872c59261c7056cbec10fb17e3b54d3ebf9a2d828b32eb75ef9bf6c9008b2c42334635ad37a78b8850133b

  • SSDEEP

    96:uzVs+ux7lFLLY1k9o84d12ef7CSTU6tMoRS0ocEZ7ru7f:csz7lFAYS/9MoCb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0344c5e8664aafd0bb5830e22d7741f_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2760

Network

Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

        • C:\Users\Admin\AppData\Local\Temp\Cab5E88.tmp

          Filesize

          70KB

        • C:\Users\Admin\AppData\Local\Temp\Tar5EF8.tmp

          Filesize

          181KB