Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 10:10

General

  • Target

    c0821f52220f91fe341e81bed3d564dd_JaffaCakes118.html

  • Size

    13KB

  • MD5

    c0821f52220f91fe341e81bed3d564dd

  • SHA1

    0fecb5e74ad1e2ee5e9e2ed6c6801246016747ab

  • SHA256

    de613b028ed6e81704281817cb486179b5fc2413ac884076c76e330199aca221

  • SHA512

    5189880f3243bb001697429bb4b374e4a62ddb678ba0c2960f58bd6a0a7e693ea39297284460ae721bf86708c02480a04c6dbec3ee96067f24fed7882df55483

  • SSDEEP

    384:FLR8QzBX2WPb29yY7OUen4pAVTs6RJ6CBJHq5+5JaYN459k:VtXUeJX4k

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0821f52220f91fe341e81bed3d564dd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2584
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2584 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2856

Network

MITRE ATT&CK Enterprise v15

Downloads
