Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 10:09

General

  • Target

    c0820d661431eea0f4ecde5b98eac6fa_JaffaCakes118.html

  • Size

    18KB

  • MD5

    c0820d661431eea0f4ecde5b98eac6fa

  • SHA1

    419734c08fdad5d85c209a6e714b3e7348c10629

  • SHA256

    69452e0fc6d1f545193db539f6a8faeb987d0b26df4afd544c768492fbefcfda

  • SHA512

    9cda164e76b5079b1b710731561603130cce2f41627900078f565b208faacc8531505b467f37f0a200ffeaa7f9f7ce4475d35b81db6a6aa072b21f9f0adf974c

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI14tzUnjBhzF82qDB8:SIMd0I5nvHBsvzexDB8

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0820d661431eea0f4ecde5b98eac6fa_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2072

Network

MITRE ATT&CK Enterprise v15

Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0cc27ac12f9b4a9d211337a2ea748ad6

          SHA1

          c67e933a6a36aa7032739e6f83bbf441cf1749ae

          SHA256

          f76338012d9eb4ab52f8d724c8a6f469f5b1cf01a6cfe05ae43ff6e2e2620641

          SHA512

          2a4e79f85c759bb81a7d9a11a01ded32705d0e7e1ea8b20497d014670f190249d8f92c9977141bba02afaeded2e5b92fc11a0d78fda27ee3344088570630d08a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          219043060de26e3e92536c11b0ba01a5

          SHA1

          8bf3fda454c335eddf1f4b64ffb13e4b70027aec

          SHA256

          c44eb55cca79a6b2878aa8c7c6218099a85a72e73049c794bf38467ef4481aa0

          SHA512

          511097ad1317876004ed593e4cc245d8ab9d97544d5d48401fea0f691fefcd70686a24f599f74d30a003bec8680240e21d8bdc54d702a3e9038d0d4292b3ee3d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          aadff441a2b39c281065ea6e9401e09a

          SHA1

          e25f173044a63d9cd458f00814a1ee86eff4036b

          SHA256

          52d9f470b05fefd70fa1ae83141c97fe3ec834b07098f7d7bd3bc40df6661582

          SHA512

          4f9fd11d4adfe56741b56c71a280e838d88bac47a0047127ba8590c382578af66de30def0e9cf1d48352d3e2a09627bfbcb2716d84ebfc6b112cbf9b86220471

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3ba3f6c512c34fd535a63250d9d250ad

          SHA1

          63e0c1a43eb7498e2a9a5c06b6f31d015351505f

          SHA256

          83e7090272f03c5a5b549fd075d5a4c15ac483cbd01ae5f055c2a3b80f9b1970

          SHA512

          ed972e2dd788c656f9e32ae237332921545cd18417f53ccea702bcc33dc349138b1f3e0aadca1d8c697e59eef30c8c685c2e511bac720afe1c3e1d09089b1b6f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e10dad8803f03d028a9075d37f530ae3

          SHA1

          7a357d318b3db19752f4670b3dd7483e3d21df52

          SHA256

          becb27fd92445e5f29ec3dfe2417f735bb3564e2575bc89c911046af680d3712

          SHA512

          11adad498c1be60a6c8f9635438c5a8bf6480df75cb1c44acc2448986a1923e1e711b14434d51c4e84fcf73d45ef77a41b20fd8ddf69754555a4826acecbfc46

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2e0db01e36451db5dd0c2b484d0ccd3a

          SHA1

          24af097e1d3afb0a7bd2ce8e66f4c32bb9669f62

          SHA256

          66c2b8ab1b3c57fd45055999cefae9da7e3db1562e6e4bedccb7688bb0d6c284

          SHA512

          362eb4203621ae06c74b256f165d42f104f39fab24a4153362ce261287588dafe334fb07e56857b4d5f08e76b1256e93a71cf6183d6ca7f851c8ba55a7a79287

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e83b7de5fd7d85e6e51a3d1d9d95ed62

          SHA1

          ba9f9fddeab7aed5f86415a9d027cc974b191655

          SHA256

          ff215e082ca403ecd2dce0285f7b0f0b2bbed7b4dfe7498ff7e2adf1aa636e3a

          SHA512

          4871f31c714348a1f55fb7490ade11612354888aa8b8c6f0de518752c8e336da052fdde632a76d797403b6ac0a5ac0dfc6cb45345f0a98980f28514b1e71b6dc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          70308f792e6ff026fc9261b476d78f98

          SHA1

          6a459b520b5d3b504bab191665e717b1bcc67f1f

          SHA256

          d73dba2d2462eee8d463b559ec242112236a732ac7cabbf7a521fca89855c4b7

          SHA512

          dd4a1a8ec18ccb4b3afda46cd64dd360e49cacf4ea4442c293c52cf25ce511338895d7f956353a82147eddda40d2b24076c2be4244a9ba30a7e5c8aaffbf559b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7e2a6cd2d5950b5b0ae4664081103ed2

          SHA1

          74a9c98b3dcd3f0d8dd3be2f67d011ded5619e9b

          SHA256

          6ee4a2381ecfb0abdd2c6db6b3d461bdc98ab4712a1ee93168671aa818330aab

          SHA512

          859a72401c98f5449ceb5e6c2e48395f5d99615d6d2984267dd6ac6f686a76521a07658ef317e8c7f6adfad4ac544425a08b3e8a30e0bc32f522062bad95163c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c752cf40b2b5b641a5fcac7d1d03400a

          SHA1

          f4e97115f520d8f1b90e4787df80b83d5d627a03

          SHA256

          b921cbfc7011d2f525f16de57cb1357af01d55444b29e9620adf87cedf66b6b9

          SHA512

          508b147977eaf0b1a07caf2e127108b45cbeb9691e458f5c0b9460091abec82fdda6554a8c4a09c4a2f96bb47c45bb19dff2606ed915cc63da5c0ca57f94ebf6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e4088e465e8e421ea07bb99cdb564844

          SHA1

          a16a34af16fb9eb00d233d4f34d643b1ea3b8d3e

          SHA256

          f5ab6177c52a41cfa7c5193584c8916772fbfead0d68df95f24f443cca74754f

          SHA512

          2022277acd0662b71317f96c2befc54074961a010daa4c24b74315c70f5b2f086f3b240c37923cfb0dc7c8b7a1a030d2308a96119c1627a39923c124f66fbd94

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          14d0685abe3e4b0d1104f7097745f349

          SHA1

          42dc328fd46f83d2ebe7e090fd2501f9e39a4fdf

          SHA256

          3c0aebe2da6d6eb21a667d9032dccd16f67fb35518cb78ecc15d7e985672d952

          SHA512

          12801abe858237d3b019689cb78df9f4fe50b8175fdb5f3a9713a45d04a889c0530c84557c922b3d133b08ffb162b9c87fd7bce581d036ebb8f9ade039a1032f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4cfb6b38a4fe2e39a9fa166e3b026fa2

          SHA1

          b2256db7d801ac86884f193a60b54e6c9ae2762c

          SHA256

          2282b07e01a6b7b75862fd490603b7ebeb17bb19c2728886c6322912211a08a5

          SHA512

          454d1898487b753492d998f106a6d1a30c9a117e08be29f2ae82c43a759d94a55a1680ca1b36f095de9e6d4d2252a017a03f2d5cbb6735db904feff625eefdc3

        • C:\Users\Admin\AppData\Local\Temp\Cab937.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar94A.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
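Two checks an analyst would want to run over the Processes and Downloads sections above, as an added example (this is not code from the report or from the sandbox vendor). First, IE's frame process starts each tab process with `SCODEF:<frame PID>`, so the child's `SCODEF:2500` should equal the parent's `PID:2500` in the tree; a mismatch would mean the tab process was not started by the frame process shown. Second, the thirteen `CryptnetUrlCache\MetaData` entries are the same path written repeatedly (one hash per write), and that directory is the CryptoAPI network cache used for CRL/OCSP/CTL fetches. The classification of `Cab*.tmp`/`Tar*.tmp` in `%TEMP%` as CryptoAPI cabinet-extraction temporaries is an assumption (an analyst heuristic, not something the report states); the process entries, paths, sizes and MD5s are transcribed from the report.

```python
"""Triage of a sandbox report's process tree and dropped-file list.

Added example; not code from the report above or from the sandbox vendor.
Process entries, paths, sizes and MD5s are transcribed from the report.
The benign-artifact rules are an analyst heuristic (assumption): CryptnetUrlCache
is the CryptoAPI network cache (CRL/OCSP/CTL fetches), and Cab*.tmp/Tar*.tmp in
%TEMP% are assumed to be CryptoAPI cabinet-extraction temporaries. Treat such
files as noise unless their content says otherwise.
"""
import re
from collections import defaultdict

# Transcribed from the Processes section (depth = the 1/2 tree markers).
PROCESSES = [
    {"pid": 2500, "depth": 1,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\c0820d661431eea0f4ecde5b98eac6fa_JaffaCakes118.html'},
    {"pid": 2072, "depth": 2,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2'},
]

META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
# (path, size_bytes, md5) transcribed from the Downloads section.
DROPPED = [(META, 342, h) for h in (
    "0cc27ac12f9b4a9d211337a2ea748ad6", "219043060de26e3e92536c11b0ba01a5",
    "aadff441a2b39c281065ea6e9401e09a", "3ba3f6c512c34fd535a63250d9d250ad",
    "e10dad8803f03d028a9075d37f530ae3", "2e0db01e36451db5dd0c2b484d0ccd3a",
    "e83b7de5fd7d85e6e51a3d1d9d95ed62", "70308f792e6ff026fc9261b476d78f98",
    "7e2a6cd2d5950b5b0ae4664081103ed2", "c752cf40b2b5b641a5fcac7d1d03400a",
    "e4088e465e8e421ea07bb99cdb564844", "14d0685abe3e4b0d1104f7097745f349",
    "4cfb6b38a4fe2e39a9fa166e3b026fa2",
)] + [
    (r"C:\Users\Admin\AppData\Local\Temp\Cab937.tmp", 70 * 1024, "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar94A.tmp", 181 * 1024, "4ea6026cf93ec6338144661bf1202cd1"),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_tab_processes(processes):
    """Verify the IE frame/tab process pairing.

    IE starts each tab process with SCODEF:<frame pid>. For every child that
    carries SCODEF, compare it with the parent implied by the tree depth.
    Returns a list of (child_pid, scodef_pid, tree_parent_pid, ok).
    """
    results = []
    last_at_depth = {}
    for proc in processes:
        parent = last_at_depth.get(proc["depth"] - 1)  # nearest entry one level up
        last_at_depth[proc["depth"]] = proc["pid"]
        m = SCODEF_RE.search(proc["cmd"])
        if m:
            scodef = int(m.group(1))
            results.append((proc["pid"], scodef, parent, parent == scodef))
    return results


# Assumption: Cab<hex>.tmp / Tar<hex>.tmp in %TEMP% are CryptoAPI CAB extraction temporaries.
CAB_TMP_RE = re.compile(r"\\temp\\(cab|tar)[0-9a-f]+\.tmp$")


def classify(path):
    """Heuristic label for a dropped-file path (assumption, see module docstring)."""
    low = path.lower()
    if "\\cryptneturlcache\\" in low:
        return "cryptoapi-url-cache"
    if CAB_TMP_RE.search(low):
        return "cryptoapi-cab-extract-tmp"
    return "review"


def triage(dropped):
    """Collapse repeated paths and separate known noise from files needing review.

    Returns {"by_label": {label: count}, "versions": {path: [md5, ...]},
             "review": [(path, size, md5), ...]}.
    """
    by_label = defaultdict(int)
    versions = defaultdict(list)
    review = []
    for path, size, md5 in dropped:
        label = classify(path)
        by_label[label] += 1
        versions[path].append(md5)  # same path listed again = a later write of that file
        if label == "review":
            review.append((path, size, md5))
    return {"by_label": dict(by_label), "versions": dict(versions), "review": review}


if __name__ == "__main__":
    for child, scodef, parent, ok in check_ie_tab_processes(PROCESSES):
        print(f"tab pid {child}: SCODEF {scodef} vs tree parent {parent} -> {'ok' if ok else 'MISMATCH'}")
    result = triage(DROPPED)
    print(result["by_label"])
    for path, md5s in result["versions"].items():
        print(f"{len(md5s):2d} write(s), {len(set(md5s))} distinct hash(es): {path}")
    print("needs review:", result["review"])
```

On this report the script leaves nothing in the review bucket: every dropped file is CryptoAPI cache or extraction noise, which is consistent with the 3/10 score and with the signatures being generic IE behaviour (settings writes, hooks, the protected-mode tab process). The point is to make that conclusion a repeatable check rather than an eyeball judgement across fifteen hash blocks.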