Analysis

  • max time kernel
    149s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:34

General

  • Target

    c07366ec993ea8270c89b21b6a32cb2c_JaffaCakes118.html

  • Size

    143KB

  • MD5

    c07366ec993ea8270c89b21b6a32cb2c

  • SHA1

    d33dfe37f7071800ba3e9715970e55f27a663ceb

  • SHA256

    a87cf7bafa201cbf4ab6fac575855b4e84e0e0e32977a61363b9ab888f949e91

  • SHA512

    da44234eef7cb30f1e70e828cc9a9b7df0746337df324afec61f2985bdd89d2d76bef41e4d9456397f64227c937f2aa59b3399c2dd20e7942fe512ef914f2cb2

  • SSDEEP

    3072:SKoQ8rESx7dyfkMY+BES09JXAnyrZalI+YQ:SKoQ8zx7osMYod+X3oI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c07366ec993ea8270c89b21b6a32cb2c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee33e9c3a73c378ccfccf1cf0ebb9044

    SHA1

    8965bcf586ec1386075256a96397ee01f0603ee6

    SHA256

    e8234ffd1844a25d597d03ee3ecc6fd7fa621e177298a1fdc41249e20f128cdd

    SHA512

    8b085170f75299c066b2072a3d4c95a6a5ecd4af6e63afd6c530c4594031404f36175493b07c92ed74bce2e63cf9e2fb8d656c70e619da18e97b5d2d4b10d1d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f7352af4295a8516f3f5f2d2c46a5d5

    SHA1

    844ca160ae956909fd26159dcc50abdc8eb247c7

    SHA256

    4b677cfdf08c2f73197ef925cda70fd429519c67d9312de485a57940a620b1b4

    SHA512

    b8c05f5300127da9942f5adb83b4436dd7752261245947096ffc18db830c8356b200a3532946b95bf61123f311b5ba1d94fe2d2a59dcc8a3ce3b650c6c47bffc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b61cb39849fd93ddd91b934f0e965584

    SHA1

    6307020bbeeb810c00011c43641d87f1c51d4e37

    SHA256

    daa6e175e667703ca96e16f3fdd6fda70154ff54450ef574a9c8e8ca0bed8e3a

    SHA512

    b1c23293bce8bbc2b7eee42385baec5abb56902bc289f4d0f3724d42ea1152ee4401e16500e46f111664c4e5eb3fb4b9d32a45288a9e88d133e52169c852ae07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d5d15cb0b639300fc0a505bf9e4b9d6

    SHA1

    ce6f1b47dd557b664fcc998617d18735182316b8

    SHA256

    687f89f2276d86a2c82ef9082e1a16ae893ca07258ba2e8d27cf9f60cb612119

    SHA512

    4cbfc93c61c120a1daeb4a40651710b81d88ac6af3b20fe4e6a5d02ad0e41c47c1501fa666101236dc5de9402ef8dfc364870ae460061e68342dd07bd1b7766c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51f7a57d64e1fd011e5232ac65be2f35

    SHA1

    2a37f2db1e2247cc1f3408258c86575dcb51bda6

    SHA256

    3c3a9caeb2092a2d825187977d3c6bd5d641c4d6ade2165fce150d5c228a4119

    SHA512

    cbe355c33cf93aee579d2c2512839eb89daa4b0ff60388ccd404cf611e513121477e37c0bc1d0f52166bd34c49494821296e7257ac72659180fc7e419266e93f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2f4a3e7b9db901d9e6b24a8d394caa1

    SHA1

    6884c87dadf49f6400edfb0212e8d7a6d08e3718

    SHA256

    1b38136c9d251e907b88964485267ba80ab51f7d69cd87e584b2d8db7d99b877

    SHA512

    db178a0b4d6bc0ea2db0b13579366452b7311865140ca9a01376857d73abf9674f7545cf5cadea54c1fdf24e4363f1ccaf540cc86cc454f5c2ffb096c60fd174

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25bfe5ea6d15d5cb5878e2fb578fcfea

    SHA1

    bda1a933b34305d3a58d83a8f839e6dada4fb41b

    SHA256

    61c10ef7ca40455fe4bf9415c7495ecd02e10c5a1e85ec8793098edb28f11ce1

    SHA512

    f744fd0d4e2cf68891ac88f4fbb50df7fb92e27b0d9fba0f277d24933262a31fa6142e3c0ddd764001e50aff23038fb14b8c103abcf8e29d4379a930841831b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1fd62990391c44f48b3132559d6ef1de

    SHA1

    1c791c98a6c005f1b9bbec518e5ac5db02b3c116

    SHA256

    15c82199ff8f41e1a131d2af4fd03963c17d8fcf4941be8522b4262dda2179c3

    SHA512

    242553d733e3cecc99524285dc69db3ca3021abe416c22085ae13581f52d8d5b3b756438036fb77d91b88b318311780f4af68eb7d87c9861392d4e01a5ac9294

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7067703b544cd361efcd5f9444c33cf

    SHA1

    7cf5aa2016862d887e298cdd149d0312108f03c9

    SHA256

    bbcfcfdca2e886a094c6422fb00a40b24e3f9e5014a810e3e0ebac37c0381f23

    SHA512

    84142831ce0efa8ecd353e5da80d238a46cd18e2517cbe680b9ff580f5c8d02b5057161cdb8e006a8a9aefadf6329b3d5b06b56c979fdaebf62efd7c378bea6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c45800b8d1ee320448bbf44106c2b985

    SHA1

    95fddf7dd3e301c97d808c1d5c0be16042364ea7

    SHA256

    16e40616b7748694b5ddf02efd91d3102427be66f04266ce0c5efc5aac991a24

    SHA512

    33ffb2c045c2a3dfe1a3e4876180eee00ea4e1c41bb1f4d7ac80046898a206deaec0dac2117df56aead11ee353acc060c28043acc3e2c368ee0820a7d23c0854

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31289b59b30598535b0431745c2c9a6c

    SHA1

    162a11f4112d2e6e791f758aa1a1de34d1f94482

    SHA256

    7789618f10cc24201c8ff68793e688cac6ea03614b986a729489e3c9637cee9d

    SHA512

    c3d8d4fad1aa8bcc2e4d14abe582b541990f21d18e8bec63a5d545017bc818de3b06e0ddf2d90c3962e29740aae4f50fbc1461b4d9076639e70b5dcff9ca1328

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    035ef8d49f568ea834ef102b0613f95f

    SHA1

    b802886689e95c96f2c443cfba5ceff5f894d2b9

    SHA256

    fc03fc7418caa5e4a5fde0638694f8176dff15b6c946b4b965222cbee4fae7cd

    SHA512

    9c8ffd1930ce2ba9aa5d429ceb5cf38adabbe0cfd087934e4fb0ce707dc94ec85ae880a1e17818f5839b591572921a7f04e4fe7b118622e07fccac76ccc268a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d71b5637ae16292dea80e6812057efd5

    SHA1

    192a82ebed1bd7f9ef40cddca9120f4f83d5f2cf

    SHA256

    2e86bb10139e6ee8a7c7deb59470f7f8a001c2fa3cc9a6a64982bc3830b2bbce

    SHA512

    1cdf2cffaa41c163afae1415f533613d637e4c429e5bc42e7b069c7b7c38e65e44f1bfb9d202de9db2f957b6a2be7cee52742ee0e8cc475529755c39ce2ec760

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4df9f74dfaf7195fee23957b9b9b197d

    SHA1

    f566bfe44b5bc9221dcd68ee7e34ee655fbbe8ba

    SHA256

    2131968fe4098a529b1a8ec0ee9d89dca7f84fc5eebd5c57920c6a13317fabd3

    SHA512

    82fd4b0f7ff115d7ce50c1df1c0a5a454c660cd32fd6fa641ba9f1c73a5389bcbe8e45165f2e5e95ade730b2d457cdc1479b5848c7788547135ddf46da1222c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39b3ae49b0893f9445aae40664a00a7f

    SHA1

    428fab357e1d5c56690e0e94fe2c3d04d272fb83

    SHA256

    348e355e75604af2f5a432366e27ea069f7868e51477ad9543d5e73c6452248e

    SHA512

    9ba9f18caf3436b2bd52475a8d870619f3d4282adfa3cff028b80b8358d82ee8d2705ff6516e84a270078c90f685750183dd9baefc51e0a36edce85421c26b21

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    77c1dd46ddbaae42b2c44a414514f8ce

    SHA1

    0e9fe15f3447678e36a8bdc3f28e9e65123fdce7

    SHA256

    835bd153363622b6a1760a34a41d694aec6f8cc9efac2438ed4205b91aa60319

    SHA512

    8f62e4aeea296e68ff01ee3838d47f03aebb8bbbc30cd4febf59bc5ba534cb470216baffa339e8aeae59591499732a12db6f96f89406dbee5236e772075a51f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ca9fb227c3bd07acfadce5dab5cdca74

    SHA1

    2e32c7a81dbca64db958996282b7467c519ea58e

    SHA256

    073f48cee2f491c6b644bbbbe3606156a9440ef159ece3b307035218e8d785af

    SHA512

    8426c3ee1820763fc3a149cdde776fc21abab68cf52c2e53be3324aa6b6f8accdf6983a16049c4f847239f418f113c1a862786df84b0ea7341d303fe39fc071f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb0cdb11a94f52abdf48f4b4bfce995a

    SHA1

    cae17f76e0332c23d381cd05a467af57d5a2ceb6

    SHA256

    909b8fc66c04658c43ad7d5227e5b79cbaf3097ddb47311b3af6039af5a48dc2

    SHA512

    c3e74118cef10bff4978875e8a41d99cfcd96310690e37edb22361b45cff0cc16f1e19cdb0322701914c2af51cffbc40aa2c1327b33f2b3965fdcb7484fea14c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36a4f602ff52054c14ea5265c683dbb1

    SHA1

    56ee9a3094d23de6d901f52f2e21187088acad80

    SHA256

    d6ea88d5dad424fd3407a74e6c78963831124f391bfa98183dfa505ac2f56c15

    SHA512

    e43ec285c687c81e9253a12e7f9b1ee69af4454400c612361ffd13cba3485729d75066656931277f50c9cf02957ad8a025be6d1c7412957902fb7eb006e9283c

  • C:\Users\Admin\AppData\Local\Temp\Cab8B80.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar8C10.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b