Analysis

  • max time kernel
    67s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:34

General

  • Target

    c07376b197725e19443111e42e8bc266_JaffaCakes118.html

  • Size

    9KB

  • MD5

    c07376b197725e19443111e42e8bc266

  • SHA1

    3153a6829d5d0a98517189f079d16f6ddec35d26

  • SHA256

    956bc65ca5fa5c7320c38214803ba5ba16e606a69e07366a1d7af8de2316c83f

  • SHA512

    8f3b30b211dae55f69f7d630bf2518fb30149ea25b77fdf310347581a1228e9bdc3495e176af8de6fbde9a99576d3578db80a6004e716df8411a419c6ad44152

  • SSDEEP

    96:uzVs+ux7h5LLY1k9o84d12ef7CSTUaGT/kkZzps2k9ZslVHcEZ7ru7f:csz7h5AYS/rknAWPHb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c07376b197725e19443111e42e8bc266_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2032

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    588e86a80efc3d1d046afa656f94c502

    SHA1

    f18cdbc39cc961863e22381fa46d16bbed4891c2

    SHA256

    2efaaaf1ef5a120950c87ad182ffb2c35de1af5423747a5767ac8fa013301954

    SHA512

    ef8721c64db981c30f2f7508b0c153c65bd132337a403aa19413308d339df3cec2b52053bd5535710c12e4309d0d990f20075ebb4781301f9003d7a61240d1b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad58f3c2c6741925d6f0d7b61ac4fd28

    SHA1

    5bf5228a3804c452527cd23f161e210ede22c27f

    SHA256

    95e3e3addd3c7ff50fa17f1da6555c28c5813dc2762c777e471f93e75899f8f5

    SHA512

    894e56c0d2827bf982439c0a134292eb315ab43816b7dba9623508dae02f0cd389df383db1a98be99fd3732aaaf723e92553dffd3a6384b19d9fd5627a428ffc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14b16bf38ec541ce67e6f4f76b3f1d77

    SHA1

    840a1d3b13b369ed4870f6ebb8b7b9b58d58e285

    SHA256

    842708d9db98a32a31ff88558eed70c8394f0f89ade50fffef2aa3dd5b269e23

    SHA512

    f60a392678ad61328dab85c62c625fbebdf65bbe044702328df56c9497d83edd5878e52be4b74bb091a39e7dc63959d141f25130ac42d3ffc5cabff8b5874c5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef082251f916149e835319326b634d71

    SHA1

    affcfe698db136584449f3d7263c2a24c871b423

    SHA256

    9cad303cc25f80aaed5501b32ae6d39eb1aa5a7581d8a17484c4b5e0939bbc17

    SHA512

    eae643305af3c30aa679433b96e77e53a6d4cb1e480fbd2b7f8b4cc1c526afa7b587367d6d0d56c90fc433af1cf0165ae37bed9f3b43dad0863dcfb0c4f48a52

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9b6bd185dba0c6afbddb263b3f84c9dd

    SHA1

    d74ac7f5889c7efa054276844d1e73f1387ae482

    SHA256

    8979a3fffc947213f5ed43757925a4e98b6a0207819d1cac5c5bd8a3930612d7

    SHA512

    76d538f53a655bad7c8fc3dfd391c06ac4f1b4915ce767d23e62842480f1283c50bfbe27fea12f72cb54d125e1cdd5ee616c81b875436beea37bf1e7afd44bf8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    855cb20ebef50b051daacca50c20de82

    SHA1

    e433d9513e2f61642f03e6c9fb712716fb6c4300

    SHA256

    65f7186cd3f65fbaa3b38a81314d0efd6fedb3e2adaab3a14a2b7ab3fcd3dc7c

    SHA512

    2e5ce8256a567c4da8e0c052be125d8f08107ac6ab5d955453ffa7dea4ce07cc25a893597949c9026b1bf825162b621b0a9f4e2248975edaad228d42896f97f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66698b3b7c8d05db3d261a16fcd78b7f

    SHA1

    a9740a5888262a0b31b8da4aeacf86cec89141a1

    SHA256

    1087c79d83c4d5e49582fb2472a93ece2bb5abcc76a52b00ecbe0fcc4398bbf5

    SHA512

    8300e7befafa354669022eb3b317e061c67c9ead67561ab629eaa49aa7d8217826f7b60c95f7428df18951c826c6cacdd0c886770cf0ec0d94ef63a73b10be60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d8aba7ca15a0df81deb6c9ad0536dc40

    SHA1

    0352cc88e28f3eea22b3d805b5589869693c95e9

    SHA256

    d723a257758bb643f9f6e0de029431d8940d310cf3362554de93d848a6665fb9

    SHA512

    1ada6b22b5795c0341fa3f77412f4b5ac3d1eaab2917581a19e71375ca06c7a01a95730a58de2de4752c68675df6109f84e6d14d50635b4d64259f7524b5fd4b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96080df18371d8032f5a680a909af341

    SHA1

    8a5759f0d8cbd96e291cc25e63bf5940e130da7f

    SHA256

    6d18440c154c60f6af833a83b214542a6c2e87aac729c31268982dfec5dd20ce

    SHA512

    7c79fdd37e71c4e2f2b976539e9d029d17d59d92443419f10d803f2dc1e489f922677b264da2a0635112386fd412f6c318eae30ce5c6a4f5e51638b286030429

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb8bc4204a5bd9b5e7107c417e944b6c

    SHA1

    ebf86e51a922d2d6c04a30eb8be4f1d80a994381

    SHA256

    25966de3d39dc790a6986cef106e310a1205405e9ae20f37da6abc0adb7a6397

    SHA512

    b895a16e7f0a601319cbefbec9d2b1cbedee3d27b79ea1d1aa36acae434098a6a619d9533cd11fa0df199975253099431abf1c1b3eb29b227bd9569985d8140b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f4aaa3a1e23b950c5d0230ad789c4f8a

    SHA1

    d3c8e23a98fcff69b74e487b7038195411e5799a

    SHA256

    61326a861827ee98c686b1f04d48332ff8741eed328907ec5c525220ff6a2a5d

    SHA512

    f31dbc8a65439e70277f98caeb09923991d56bdebbafad162486318d387824052ecad771641b95b37273257921679cfb525b22d0622cb5082868c7c764a58983

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b86a874f3d34ccc2dfe6367f69e5670c

    SHA1

    de7e5e454a62069609315afd6ae65ef8952755e9

    SHA256

    0c223f5f05d80748002d1814677706a9d94e89fc88f772d5a0d5ec8f02820c35

    SHA512

    29d60e2ea3c2c836e67d6c966f8a55b71cec442563e217528cbd1f368930bb45a6eb80034abfcb7a9a06b84294c237c8d54e512e21414c96729ad84879d524c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    671213a4b51f55b0d359352789b0498a

    SHA1

    7b4ccaddd70e24200a37a05507cf8ebaf5ffecc5

    SHA256

    a8f256582571b4f404dfe72cb0909d8e39388b2a9b2f994b1f51a4ebdd616740

    SHA512

    67a48416d1d2735163eea65c27735ac4652a21819fc257e8521b9264d1fadbf19de85ff57637a459f7490f13a10e1ee01d305937a758deeb33a17138bcb393bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51b671286cb9f13220ff55e0d5976d9e

    SHA1

    e7f3aef1976cd107f741d31284d264d5ba56adc2

    SHA256

    7152498a737c3783156d0a0aeaf91f490225f6227a522f2ddbdeaf02918c34d9

    SHA512

    c3e656991da6255cb7e5c992661e143a6222ac9578227a86f7269dac352bddb97022009ceb89b788a350b5f569c34e4109439a4cc451c5d88e3a0fecc6f33ce2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d14ad6ed883f3c9b18389e72943f8016

    SHA1

    9e4679634dfb6faebfbe9910922db48a18e38f22

    SHA256

    8a308e8505175ae8ca66c4d249126275095ee62c816baa3839a1cd6c9863a0ab

    SHA512

    cb341bf227252b47d05bf0a522767de430b445d5d524f47fd9a36d42f9fde21fecd23af0959de70035742ea6e2f02d2fcf9810c291baefd2d4542dc9f19ba984

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    57a9135b611be3fa0ac4d3afa17dd055

    SHA1

    cc894c0d9f10392738e8a895e600d4181ba563ac

    SHA256

    e473904d8011d8465e85676d7dd9ba241cff0ca22616583f3ffeccb55e2588f1

    SHA512

    6723d1f2f132d019d64eec3152c7a03cc75e885a4f6c21ae6c209a01a3633c5edc035a403865283ec40a4a05c0a7d555c8f4e427bf7d560ed7e37e7f998ab119

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ef0078b4a11d7b1b3096e05f3ed9c21

    SHA1

    8c211dea2be3d8b945ec4ca04b810c14cc990080

    SHA256

    72df18a93f1ef33199240ac006690924e39ec51b7a6375ee228c970cdc26af21

    SHA512

    e5aedd3d6e6e7628b7c6bb333073298f53942d085f857e5516f9061d2733417a6145ba35b8b8906f894a3edb8f2f32b64508e3ba3e41ccb60a39c09daf3dc8cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    547e0e587d45d510f8dd36dadcfa61be

    SHA1

    b25e31d6aaa785f3c121fcdb3ee63c8d7931299a

    SHA256

    bbf5dda21662e362fcc33cc906bacd2781f989cd78c08064d11952c520309e85

    SHA512

    0447cb392afcc2f393322422b493880d745bb6e0733e05c44c44dbb0a811291c1fd4eb149913be1df2b8904087260c148a05e0bdef18f40127ed8cde214f80df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2d27e094103595058c65c90421a2911

    SHA1

    42e6058e0c20f418602b835a5aafd2a116a0d8e1

    SHA256

    076c560f97b2ccce57e5e9eadbfc2fef2f63f2a23cfbaf562b73709ba0627f7d

    SHA512

    d95ec20daa31d3af9550638630f3dfe7eaf8b9deae921a8ca30c265dc2dc08572cbc5eae9746290e198294ec7ff0607462c6b2a5cf9040307a6354e60546c183

  • C:\Users\Admin\AppData\Local\Temp\Cab16DC.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar179C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b