Analysis

  • max time kernel
    94s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 10:10

General

  • Target

    c082217176503a0b4b86a6c9353f5139_JaffaCakes118.html

  • Size

    26KB

  • MD5

    c082217176503a0b4b86a6c9353f5139

  • SHA1

    b7804d86bf626b450542f3a281aa2d4bbaea91be

  • SHA256

    f36de63629e24c37a71b3a34bcf4a62f622cbda93520d9544f8f02b296eaaf6c

  • SHA512

    f3ee51c59ecb67363a25b45aa618f6aa08fe00899c20200371de29cc28b22461c4c3a1c3f8a73371f64036001d4ff5b8338f4d2d280be791aaaa28a4918b4557

  • SSDEEP

    768:SDb74ex802rCvC3CCCBC+CzC2yEoaoUonoZoOOCOPOpOgOv5dDdB5RPR:Sm0o2CFUvm65Bt

Score
4/10

Malware Config

Signatures

  • Detected phishing page
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c082217176503a0b4b86a6c9353f5139_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:376
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:376 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2320

Network

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9c15693795ee95c777c9da9af6d02550

          SHA1

          9d63502312fa36a744c5cb5e25ac8e5e7e36d993

          SHA256

          ef4bfbef104c3f384ab9b73ff83bd1cb79d7b4486e6031212257355fd6989530

          SHA512

          b76cc64479163e970cfb4d4d84bc1cc71e47e7aeb2dc43022bada0dfb0bc78bc1c02d1709b736fa37b9e3ec279a6e3f5f7fdc89ba09552045e1a96b6626168d4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          46400aea89055256ebd001e8e49775f5

          SHA1

          7efe98d287db75f3e70588ec5c53c13c3c92e8ef

          SHA256

          cb154770ab3a38320fec33db1b5ebcb92e9ffce732591403d255c32f447fba96

          SHA512

          376e941eb17767b1f590112555405f21b04dd56d5b9e0a8ec9a59d28b9c6d5db29dd8889f9b8c181128823d75741571919b2d588bcb865902a3114663329c3ed

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          53e98e7cc08f76ff801fefc7f2a8f361

          SHA1

          3d888eadb2f19470e8ae75381567bab8091514d6

          SHA256

          8be0441180a0ede19c2fdb50c2b44d79dc90d667c091021f0fea4ce9e80199f9

          SHA512

          e1ebadad97670028abfe945a41aade7853e3178732bfb39297c2d8444e8e0212b2221fcd572d3ec71daf60eb5f88fb32ab82d0377e433b724a4d2abe4f0869bb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          684a6e2c6eda4eda88811fbfabdbcb25

          SHA1

          6710e7234cd681f237dda1bcee89c46bfdd4659f

          SHA256

          a67468024c152e47f5d24e117addb5da575afcac2d2c54969619b59f3ea461bd

          SHA512

          49a0e62b214d5b6273a8990b27e95e8e45dcbd6efb42abdb2de6ed44f1402316697fe57c118de9b2b55219896967f3fcd77d1d95e86853b6cecd46f8a97b4f3b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a344fcc665c8aeae0398008e407368df

          SHA1

          3a856e1d93c62c8e8ac9fdd35bab92c086a2a210

          SHA256

          55d34193e2ab162bf8e8d673368c58bb211767aa2ee01ea6529b85bcf70d18c3

          SHA512

          5d3ff6f4d6a3075bbd3080f500e799bd308dd004bb097b42d8ba43eb95a08a8becc3322d63ae3a83ffccb70f950261b752dda3d47e670cbb5bb52c2e5d73e952

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b09e2f3425f3e054b53f9f07012a2b3f

          SHA1

          54db1ab50af218faf70401f8e68da90c5cca2f2a

          SHA256

          7174222cddc6b94aee57338b023e727f2760930cec8ee362653ca19e0a402ee1

          SHA512

          09c5a3ab366a1958a240baf02be884fdec078952205c4551dd2737f5aea3f69e777f0dba5a85b3413f27794eaa9e9a5207e7d34948cd5becea11103804b4b1ec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          92ac426c65762e85dee61e2dcee0b4fa

          SHA1

          b34f02004c89ebbc013e8f8ee69d33a44982b6c3

          SHA256

          eeca950fcda90d38579b5d94327cc282791c581d15826e9f4ff23ef1955bf998

          SHA512

          af8b85dd1b552ca1b3ed16ca31db5ca50be22e629e3764bb8e01bafd8e2adc2223ae271e4ad5364ba401cff767a5be0a4b8bc4ccc0500fb88e175ad9f314162e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2d4810b5fb516701a8d7b54ca58fa743

          SHA1

          4403acb49d80bd74965b73fc0f835245e2c4f66c

          SHA256

          32431e3bb8b794aa8c2bb680b92c87f2b2171849a8b0a4733d0000ec5db1b0e2

          SHA512

          3367a4d757897bf0d2f25db097f97c0fdce11ffcd1f8eb767958bb7718c92774e3cb7041a2b00b9fe40e9b78855d78a3cdf0494d7ef7404baaab9d17b50b971b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5eb4cfd226b4602caaddf1f665de6727

          SHA1

          06d280483ca206b118fbe55f2d768707dab88b3d

          SHA256

          b9daf81c7da4286fd99439043695ac046e6ce2474d67ea513393455585c3fe86

          SHA512

          d1d9a4c85d015526ecbe1b32b812de79df8dffbd111ed4554c8e436123779709ecaaa1cf56a6d7eeebf392b7d186d8e63c6434e946370b2c1b82d30b6c234e8a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3af485b3c7b7cd5932693cb906bf6095

          SHA1

          eedf6ccb43bbe9901dfa392e244540d4bfb682a1

          SHA256

          a5f61bc8798d766bd3e789ce20f459f8ad62b8d32b6de17427ef28d158153fae

          SHA512

          bb81cffba95a277a442eef7506b11a6e2fb3d6b91b441db1a4ba66674121a657c1b2277b9a65694b07f8c87ea7a620f44f0649ec59f0abad7e5059af62b20725

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a8359be775ebbc91f944f3a43bfcf032

          SHA1

          0fab461d3c452e6be31c2a22f35bd3b845b71990

          SHA256

          6d4da20df972c14a0d9b7c50b4963fdc134529a5d2b81ccc169573c71060684f

          SHA512

          27f458053db8812f276a3df35d788e091445710569e5b91263e7c7f4737f48d07fbe5f4517ffce24144a89e643644bec59382a764c3a844d83b381e954439f84

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ba76e74a1098fda87d110a068f197991

          SHA1

          00b8afd773a2071ab1c1b68726bfd023fc7afcab

          SHA256

          af21921abe5430373f619f2e136b2947cfa2fe74ba1557d2033a8692960c9411

          SHA512

          5428b40f2a343b14f36b734c6d67e2027df63f44c41a6bb594a440cdc735aefab37263719d219dc2af7f733d9ef87fb379cfada8b876143f6b7dee33be0dcd82

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          32783e0a0f82f94d4abd0acdda074cf4

          SHA1

          d131613ae8aa917f39fb8efe85b2606d17d3fd22

          SHA256

          fe9d513ccf45457c8caacbc1d1a573b183b5bba97a97328db5f5575f6be05d8d

          SHA512

          857aab678c66cb3169c1965dc1431e6efa175e68727011b9505f50b8aa29451d700e0b91a8bf816d5e648cc9f2986bc3a1ced9a2932bb43222fccf3758039a48

        • C:\Users\Admin\AppData\Local\Temp\Cab86CE.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar86CF.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b