Analysis

  • max time kernel
    67s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:16

General

  • Target

    c06b7a579545e34a1238db25d57aa1ea_JaffaCakes118.html

  • Size

    3KB

  • MD5

    c06b7a579545e34a1238db25d57aa1ea

  • SHA1

    1f1ccae07fb11e0cd00d86f9a82d70396f688d8f

  • SHA256

    5e7a9812bdc29a161480980d20173dfbaa75c696db9ddbb6de86e2dc9077f959

  • SHA512

    b9cb69ac8b980febdfdd83e7e08ea3ac8fd3486ef5b7215de5897c3edbccb923412199bd31fafb0424a7fe96d3ef5a1412b56c7b49274f4326afd1e87a626276

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c06b7a579545e34a1238db25d57aa1ea_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:560

Network

        MITRE ATT&CK Enterprise v15

        Downloads
