Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:17

General

  • Target

    c06b9c56ae9df8e8c63b86766dc2902f_JaffaCakes118.html

  • Size

    27KB

  • MD5

    c06b9c56ae9df8e8c63b86766dc2902f

  • SHA1

    0b27119798eeb5dfa811993cba4865b7f12b6866

  • SHA256

    9a6d201802b9143b437aa9db230e1652ed7c373fe6e86ec3f9eb36bdd832ac7b

  • SHA512

    7ca7779b69f677653dd5047db0581ee953d0f01e4c2d7b3b7bb099efd74fe4b470539d27fa8eb4c84e16a87497d361a4bcb71fbd12ffa83dcb003f1e1fd7e231

  • SSDEEP

    192:uw3ob5nOenQjxn5Q/tUanQiegNn2oxnQOkEntnU8bnQTbnRnQ9eKwm60xoOQl7MP:XQ/2homqLo+opSatIF

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c06b9c56ae9df8e8c63b86766dc2902f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2404
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2404 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2396

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5957cdb349561d4c2cba4943133b9faa

          SHA1

          36e42b5cdaa38bb840f0888d764278f701ee2066

          SHA256

          1193c93b6cd04027f98506ea0e338140a016c3605e3cbb510359fba8b4ce6f0a

          SHA512

          ad34aaceb111f105f954b061001369c100ccd5bf18ca224fdd165d10f1a1f8c3ca2053fc09716251b231b7a1f3da2f4624d737f6b2f8064a3d7929ab6d28d79a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3186e1716291634beae817412b65575b

          SHA1

          9d470d622795b0ecee94a89150fabbc0c5a86955

          SHA256

          48f4c503e59deed0461ec65616caf8178ab09f22b417c56d7a1262379fefae95

          SHA512

          21d676432c95ea827eb1fc8a10743d0b8b6a461bffbe1d2fd5f8094d8fd38f9553ce63b85a60153835349a51f45c130b6c0d8a57e83d8419274eef8232683611

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          129fa1ee931508b27a012cb3325658ab

          SHA1

          e90615422ed3768c825d2f453c9fd61dd2780270

          SHA256

          31c567df4c8cabc1c39fd75b064b45b29de62291c9342392cf1f7a52238630fa

          SHA512

          5632b3ed0a11d04851c6943cc7dcd5ffae17d13e185200cf78e8a338f40d75cbf584420769691e315969b4542c33d30a8ce74f1ff67a8debe3955d15549df676

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1ebd366e878619e211286d7f96cfc752

          SHA1

          2656b0457bc95dae76896d126d4c2ed1f5f5a4b7

          SHA256

          8ddf061ea29207d2ccbc211b5f87110a98a5eefcbc90d820a3d8c2c80f813aa5

          SHA512

          3b9fdea2fcb82a4725bea777f089ece597d00dca7d86d12e480a48f3a7ff4eb43adc5fe35443f43b2a60c2ef07b235c4390ffca2669daba5fccfe94805a0f98c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7b0db202f24b059fd90d35760edbcc78

          SHA1

          1ec56eaa7d2ac1c043cdf818f3dfd7980f3fd296

          SHA256

          98a0181c98d54598cedbf2dbd8c5a13c5484f71107882914dfea6fe5c72bb8b4

          SHA512

          c9a33841eb391ae07a8c01624b54983060b40d9ce92824dd6b7cbef36982baeef340022bd1b6058db9e341df8ea206c4c8469b7d692201fa01a7814d7750b8e7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ae259decb8fb2cbcb02992149c18ff32

          SHA1

          0c9309a015368c3e97bc4b672e786e38250b1d4c

          SHA256

          ee178221388231ba3ec0666888b2d3a4d13e13dc19e9ed2331787af69008c62e

          SHA512

          f2de1df5eb6a6a410d6d97c40b025d447b8462afa1d44c2b285a3bbcfcf77f769a01375c431d81330953b209e795bad775f54229c7bebae4a536928e7171a754

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7aaea273efc2c7ccbd3901f80c33ff73

          SHA1

          1e0ca342ed3a6b022cf21de39f88bd307699c739

          SHA256

          fd8b86f51a256cee8736192307e7cc2b7a389698fc2dd29e02760846f86cf955

          SHA512

          6844dffde7d70cc09549b4d01842840ea87e2e8bfce74471627bbc15fef246317caa1b81ed68b89f524f8ecbb9ed4d077691eca43ce3f164ae3c01122a6468a6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ab8e9d15325510eaf34951ced181e7fe

          SHA1

          b7153d2063c99c5c89000c1994f6bd666f836b90

          SHA256

          7db839e191a3006665f33a5dfa5ab24947f69f5e9f27978101fd2048dc2d191a

          SHA512

          442fd4276386920b87f82799193775de851942450310331f158a7d4b3e0260c08bf22f70db304a1dacdbdad8018d5faa8c3eb69dc91fcbfbffcb8c4d2a279ee2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2db7c57294f2dee260f6596c3079254c

          SHA1

          9c501706471f9508df45109c1a4ee85077425337

          SHA256

          a11614967510525415697eb8e5ae7f2d8d04b2dbddede93bb616d921df6e3761

          SHA512

          fdf8740a78ae319cfa0b1d4333a2c7f0ea2d6451c86d79ad8ad6847258e24d21300998b7bce863ea1c81fe0689eb88d21149a28bb2f86ec3011d2959d478cc0f

        • C:\Users\Admin\AppData\Local\Temp\Cab8114.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar81B3.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b