Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 10:10

General

  • Target

    c082274fab45b76fd7446198f64d4a66_JaffaCakes118.html

  • Size

    83KB

  • MD5

    c082274fab45b76fd7446198f64d4a66

  • SHA1

    87a14b32529ef64ae4233a31c08c81dd61d7cbe9

  • SHA256

    47950558685f31b814c87ed0f8c7378393033e5394b9e11d37b0f42639fb8fe5

  • SHA512

    ebb3118483178fb8a31bc94891f82e9453ede7161401991e749b8d5f8bd2c61c893bc67e2f811f0670024f0abb54e3a97beaff820a9351c4817d38f548619417

  • SSDEEP

    1536:npF4SuDqtClpjIPEWmyP84yiBRzh8aoa6q0Z24rx8lFK:/4SuDqtClpARzKaoa6q0Z24rxgc

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c082274fab45b76fd7446198f64d4a66_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2688 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

        Downloads
