Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:17

General

  • Target

    c06bc3c30e684e60798d1f2378dc6ee9_JaffaCakes118.html

  • Size

    3KB

  • MD5

    c06bc3c30e684e60798d1f2378dc6ee9

  • SHA1

    5d9c4de620d8bbd643436a85870f693b3e236e0d

  • SHA256

    44ac7d43184d1e698fdd85b713e980a157c3461d32433db3f4fa384c60e119e5

  • SHA512

    745e0c8937cafa3e4b2c991b2f14b5eb291de4db21e12e2c08fa718640ce2eca4fa26309df027e452ba31edd554af17335f39fa73091667b324d942df4588b88

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c06bc3c30e684e60798d1f2378dc6ee9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

        MITRE ATT&CK Enterprise v15

        Downloads
