Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 10:09

General

  • Target

    c081b715fdaca7d8e746ce18d500b887_JaffaCakes118.html

  • Size

    167KB

  • MD5

    c081b715fdaca7d8e746ce18d500b887

  • SHA1

    9b7fca05b295697dc703b593c77b59c376d033bd

  • SHA256

    51b84b839b04d5aa5e12a8bba3f6ec512b206438fd6fd0eee3e80fa86ceff5c2

  • SHA512

    f416e07cd4449b71b60b8eb701c012a763c3716574281e715da1f8fa37b38e657b4a2b28b2011aa6f55672eb1376f05e09b6f557980b3c8e0199f8b663537772

  • SSDEEP

    3072:Sv7xgVrQcqj0gYs2yfkMY+BES09JXAnyrZalI+YQ:Sv7mqj0gnzsMYod+X3oI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c081b715fdaca7d8e746ce18d500b887_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:836 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2528

Network

        MITRE ATT&CK Enterprise v15

        Downloads
