Analysis

  • max time kernel
    121s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:52

General

  • Target

    c07a95d8e6f746525c4725700450d93e_JaffaCakes118.html

  • Size

    18KB

  • MD5

    c07a95d8e6f746525c4725700450d93e

  • SHA1

    3236b1937899205d21417ef146e7c92d16ab3fa1

  • SHA256

    d879986d34bf4bbe3acc5d484f61bbb68e37910de428debd17607b2bee250d13

  • SHA512

    4e25620c5dc118575118a2af3cc672df04fc37728763776fde9954f6f43081b82759fde10fb61986f21d8bd7a953f57d71d87aa483b63db2c1325f0294735cb2

  • SSDEEP

    384:cwLbU1jlHKkjtC3LfEhihdRdBxfJ8xGJ8xPhdXJ8xZJ8xxhy:jUw

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c07a95d8e6f746525c4725700450d93e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2332 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2772
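The process tree above is the ordinary shape of an Internet Explorer launch on Windows 7: the 64-bit frame process (PID 2332) spawns a 32-bit tab process whose command line carries SCODEF:<frame PID> and a CREDAT value, and the FindShellTrayWindow / SetWindowsHookEx / WriteProcessMemory signatures on the frame process are part of that spawn rather than evidence of injection by the page, consistent with the 3/10 score. The added check below (example code, not part of the report) encodes that expectation: it parses SCODEF from each IE child, confirms it matches the parent PID, and flags any non-IE image spawned under iexplore.exe. The PIDs, images and command lines are copied from the report; the cmd.exe entry is a hypothetical addition used only to show what the check would catch.

```python
"""Sanity-check a sandbox Processes section against the normal shape of
an Internet Explorer launch: a frame process spawning tab processes whose
SCODEF value equals the frame PID. Added example, not from the report."""
import re

# Constructed from the report's Processes section.
REPORTED = [
    {"pid": 2332, "parent": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\c07a95d8e6f746525c4725700450d93e_JaffaCakes118.html'},
    {"pid": 2772, "parent": 2332,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r'SCODEF:2332 CREDAT:275457 /prefetch:2'},
]

# Hypothetical extra process (NOT in the report): a shell spawned from the
# tab process, which is what a malicious page breaking out would look like.
SUSPICIOUS = REPORTED + [
    {"pid": 3000, "parent": 2772,
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c whoami"},
]

# Case-insensitive set of the IE binaries on a 64-bit Windows 7 image.
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}


def is_ie(proc):
    return proc["image"].lower() in IE_IMAGES


def scodef(cmdline):
    """Return the SCODEF:<pid> value from an IE tab command line, or None."""
    m = re.search(r"\bSCODEF:(\d+)\b", cmdline)
    return int(m.group(1)) if m else None


def check_tree(procs):
    """Return a list of (pid, reason) findings; empty means the tree is
    consistent with a plain IE frame/tab launch."""
    by_pid = {p["pid"]: p for p in procs}
    findings = []
    for p in procs:
        if p["parent"] is None:
            if not is_ie(p):
                findings.append((p["pid"], "root process is not iexplore.exe"))
            continue
        parent = by_pid.get(p["parent"])
        if parent is None:
            findings.append((p["pid"], "parent PID %d not in tree" % p["parent"]))
            continue
        if not is_ie(parent):
            findings.append((p["pid"], "parent is not an IE process"))
            continue
        if not is_ie(p):
            findings.append((p["pid"], "non-IE child spawned under iexplore.exe"))
            continue
        sc = scodef(p["cmdline"])
        if sc is None:
            findings.append((p["pid"], "IE child without SCODEF (not a tab launch)"))
        elif sc != parent["pid"]:
            findings.append((p["pid"], "SCODEF %d does not match parent PID %d"
                             % (sc, parent["pid"])))
    return findings


if __name__ == "__main__":
    print("reported tree:", check_tree(REPORTED) or "consistent with IE launch")
    print("hypothetical tree:", check_tree(SUSPICIOUS))
```

Run stand-alone it reports the real tree as clean and the hypothetical one with a single finding against PID 3000. The same check drops straight into a triage script that ingests many reports, so analysts only look at trees where something other than an IE tab appears under iexplore.exe.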

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ca5048a5f939b4aa065f521bd6cb4a00

    SHA1

    29ef406a60d600840a5ec09613f1fa0699ed6826

    SHA256

    81e5584b6beff1228e0a003be1560cbc5c869ce55d6128f832d57f5541c4bd06

    SHA512

    47ca35baec6eaf8d9202a45085fd52acde7890db070bdede350765092c3e1291bdfb20aae1dc5d769d1187b1f6aa6dca1ebd61c2e86169a6c20e056f656f5fa0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    99c18df8acf9b35928e983169bc03748

    SHA1

    270e2cd2725f9b4404323fd9c63ecc5243c772a9

    SHA256

    beb7880e08fd9c05345b0a9f6ebd866a06dfc67c7e5c52c702314ce595bd9c26

    SHA512

    2777b19eb4ad8ba8898fc88224cb57b68ba79247e926c4d5966c05d467d420a555064fe28615ab75432c8acbcff6e06e84192d3be7ba391246da66dbde44d5b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9689542a0841c63735a62e4912bd8a4

    SHA1

    368c548b6c9354af55af9db1934687f0669ec22b

    SHA256

    eb384475dde3e7273a7f2939be2a2ecc4b8b3a7fd9c79969f08a8fc87a33fc65

    SHA512

    429c2b2c5465788924ba053a41c9749e18a19c58ba41ccb5f4cd116bbadf0eb21512459bb5e15eef5b9f72d0640718a6c2b004bb1b03fe675d1d139cbfdd7c61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04d4e7bd9f2e10d48cc0cd72e892761c

    SHA1

    a00eb51f1af47db903178d49fb7b6c8e3df05558

    SHA256

    b6041aeacce65fd91d3930a80b7ac2d4c3c746a8bf182f8c27259054585a9cf0

    SHA512

    62ce9f659776235c0f4c3e073ad6d2feb13dc94d44951450e639ea4266b57f0ebb4091bfc84361337d9ce1e44d7a72ea9fce2a39231aa62448ef6e08894ad8d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    483152ebc69b6c80485e596e2b06dc42

    SHA1

    1e87a590bb66c5d564f3bed79c7dcd58391773a0

    SHA256

    6b98047c1a8915565a053e632e1656854108bfbd50d5b749560115ab52fbaed7

    SHA512

    ff1f5075af8cb10329e18302904a4bc449bc67e681f65ed1722d4da3330c7fa9577276b83e50aa0ee7988165baf50c19a45bf3bb59046e859adc0da64ce48b57

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f128e9da023b1c7be4ee8ba0f75e25a

    SHA1

    ac2d518489f69386014f7f8e5a1e869e61d7b038

    SHA256

    c64259b555cdd733b8cc8fcebb26d997969441e6803c882e49d534ab3eacd63d

    SHA512

    fdd1158269ede567937a7fa0d3b8399386e909a2771c85457a3022a587ca9db9a355a2716fda1fdda014148cc6dcafaeb0823548d7ac95e061b2cfc045647afc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e4b0ca8f22bf7c2763899aa287777086

    SHA1

    c5df9bba12a95c856a51af9a6cab210b7d87e780

    SHA256

    ee34ef6e29ab0cd4e40bd734acfeef52b957e21c0f9d76599ee10c4da6a630af

    SHA512

    8aa453d880c4c69fac2dd83374a102a4845e0bc6dbaa2de1b675e34f5814d9087540ec258cc1be2253f3d7b80bb425b213df14b9c1087e253b6009dcf3ce8b83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d82c78e911b6226e4f4c9788fca406e

    SHA1

    bfbe641b73a959ba443549ebec341dcb05088016

    SHA256

    c084657c21fdff5284e99d4f412ad254c9fddccc2ccc4bb29e5b1abaab75c858

    SHA512

    8a46c9def5c4e9efc9d8080ca5aadecba4b2806f0459928201c67cf94a99f010a3efa711063bddecac25cd759e1b89b318f733908cc3723895f31fa8b7d176a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dab3732f8cd608279b7862c8ae47e827

    SHA1

    ccfe9b7756385920e8c3cf04b5e9f5d356285005

    SHA256

    6b1a6a7b439b003783dc4789c742b9eb3a67e02ba81222914d0ac85ac5d84c96

    SHA512

    2fc2d6906527fd50a6f07ecaab7b92bc925b8ed4c97311e258cfe23d122bf1a6d8cc1ad06a13892a09f7ce9fad7bb419c24e44704b1d30c991cd2ca46fd4609b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14f3d38a4bb299300987136df2c71be0

    SHA1

    9bb872c9d56453c35d3297e5a8524944dd2bef67

    SHA256

    44634ff9da00b7d8865b21c72b97133962395302a9cda730b1e5763c3b7ec429

    SHA512

    886f343a86ad5d0b7768007122af456343f656a9cac5ce33f621fcca626c5bd0dd462ec185944c241ad9c7f150620ae11979437283b9156c239a6046d07d8929

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf1a8dccfc2ea293dbc7569aad885df9

    SHA1

    45e9677179312a609210e3449f0312995af73429

    SHA256

    b19716e6171b310eca94d0f22868a355b40feb625fe17c4b3bada300e425cdca

    SHA512

    f880aef1e510fb0b4a26a366441dc90762c989e92295dc5919a8d24355a431b63bba3473af7c1685931db4d58ce85e80d15f432935f19abc36f05f8500a5f592

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a174b842521845e9dbe903f3173a0ad

    SHA1

    5c2c32129f8d9099a501c443bf7d2b269391f503

    SHA256

    b62150bcbd8117eeebc9717a32177ef4baf1d807ca86560b25434d4db35a2b91

    SHA512

    6369557bcf624c3d889cfc2e7d4d609ccfe6af481d724e1f649450a9f82a7655742f5d35cdc0c43ec1e1f3e30bf8a5943671540260fc9c7cd0c5c730041df33d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74748de91b344f3c16994f4e262c321e

    SHA1

    c8efaf28b1693901f5eaf6f4b9140661d85d1d0b

    SHA256

    4d1ead1672458c2c55d17bae418f2abbe66ad88e255d3d37ed9d271b0041c565

    SHA512

    124526f53063be0638f9bb427b6f2e6d32a13abdd196c52219cbec7db8ec07ec8c8c324f107b26d1e94b9b960f972aa77ccfe4a6b3743e1841fd94e521abf1ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d75619d24786508e881a91df38ffe587

    SHA1

    bc9041e03927323bccfadb51b4ca7b8640ee4ca1

    SHA256

    199ca2861e75e6c74360fdeb2d113b16e5e485d9be3766d618a5f3405035edc5

    SHA512

    04f0f9e4a16ce534ef7b16e2e7743c1199ed10a64c3cfe42caa8504f1bde1fdef27123a1c99bcb3336ab200d37186f22a9287d28e5a0dbee38752da8cc3e1504

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b122530d62161a8f72e4c3d33c99a62e

    SHA1

    5171811d503262e20f4ca7eda93092d76df9dc57

    SHA256

    f65a8cf5728265e615b14164511128d76ae69f6eadcf1794d5fbffa4c4a54a76

    SHA512

    d09a14f309aec1bc7a6d4ed2b4a63c6985667d073167713083ccad58a8c7e76cdbb9e4599b0d405b58e0e26d293faa5e380c9cae68db042305c570068836abd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad13526be4c203d380281d3feae0a7c4

    SHA1

    eb77e5e5ae73111f46ffadb2d7ebc06405a1a556

    SHA256

    c119686a71a7850947f76b08b3d5101074aaebfe1e6d0b306120ccb850f85b31

    SHA512

    3a161e5ed328b717a4ee5f578b2f7c342a6e4e94588e5ef9b7a562f6bc12eb03c9b31c019a596ca27f1b14da6454e7f25dad3df1e52fe07cc70514c4ed994bc0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90920260627ad985ff736003154a48a1

    SHA1

    0981829ac8505fa670d97227cb17272d01e8f30e

    SHA256

    80786728432228b1362e6a613f9c9294eceeabee7300f9b79bfebc9932e62518

    SHA512

    df9596c0a9cbe69d8cb46c068384b7267ce6d0696d1588c64dd968b5bfc6468da20889280cc82b3925e0bb51ef6b37b2d03afbd5309730d4946b7cf02c3c8620

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f0905b0e9d0ef6e3c6934de9a2703f7

    SHA1

    adfccc8e55e74e361135ac4151b8157324c633ba

    SHA256

    00ff83c97de9547f6c7b6871e5022775cb5794e76ad22e304a5f6db6472feed2

    SHA512

    9b89104f2c1298d40ae995c96dd98563a66610213ace49dc4efa17e837b0071a84314cba6a8bfd8eaff9d47a311fc3ede73aab0b3ba29047ef0071057f1a24e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3bef6126a5fa874a9b23493d81906d4

    SHA1

    16ae7d7b2cd9d520a8fe0e7c464463d30ff8c8c7

    SHA256

    aeb8c158f8a619ec45f7f82aa552620ff46a7e2639587d8a15f1d3dd284b2476

    SHA512

    ebd8dffceca992ac2952faf12e0dee5768636d3e5ca24df0c0986b361b89f377f9bc7b024acf1ee0b06fa8a1cac11ede313f22d2b96d8fdd4d5ed09af6b34de3

  • C:\Users\Admin\AppData\Local\Temp\Cab4C3D.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar4CED.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
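Nineteen of the entries above are the same CryptnetUrlCache MetaData file written repeatedly with different content: CryptoAPI (cryptnet.dll) refreshes that metadata each time it fetches certificate-chain or revocation data while IE validates a connection, and the sandbox lists every write. The Cab*.tmp / Tar*.tmp pair under Temp are CAB download and extraction temporaries. None of this is the page's own payload. The parser below (example code, not part of the report) turns this listing into records, checks that every digest is well-formed hex of the right length, and groups writes by path so the repeated cache refresh shows up as one path with many distinct hashes. SAMPLE is constructed from three entries copied from the report; the path classification is a heuristic of mine, not something the report states.

```python
"""Parse a sandbox report's Downloads listing, validate the digests and
group writes by path. Added example, not part of the report; SAMPLE is
constructed from entries copied from the report above."""
import re
from collections import defaultdict

# Expected hex digest lengths for the algorithms the report lists.
DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    ca5048a5f939b4aa065f521bd6cb4a00
    SHA1
    29ef406a60d600840a5ec09613f1fa0699ed6826
    SHA256
    81e5584b6beff1228e0a003be1560cbc5c869ce55d6128f832d57f5541c4bd06
    SHA512
    47ca35baec6eaf8d9202a45085fd52acde7890db070bdede350765092c3e1291bdfb20aae1dc5d769d1187b1f6aa6dca1ebd61c2e86169a6c20e056f656f5fa0
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    99c18df8acf9b35928e983169bc03748
    SHA1
    270e2cd2725f9b4404323fd9c63ecc5243c772a9
    SHA256
    beb7880e08fd9c05345b0a9f6ebd866a06dfc67c7e5c52c702314ce595bd9c26
    SHA512
    2777b19eb4ad8ba8898fc88224cb57b68ba79247e926c4d5966c05d467d420a555064fe28615ab75432c8acbcff6e06e84192d3be7ba391246da66dbde44d5b8
  • C:\Users\Admin\AppData\Local\Temp\Cab4C3D.tmp
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512
    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
"""


def parse_downloads(text):
    """Turn the bulleted listing into a list of dicts keyed by field name."""
    entries, current, label = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):            # a bullet starts a new entry
            current = {"path": line[1:].strip()}
            entries.append(current)
            label = None
        elif current is None:
            continue
        elif line == "Filesize" or line in DIGEST_LEN:
            label = line                     # next non-empty line is the value
        elif label is not None:
            current[label] = line
            label = None
    return entries


def digest_problems(entry):
    """Digest fields that are missing or not hex of the expected length."""
    return [algo for algo, n in DIGEST_LEN.items()
            if not re.fullmatch(r"[0-9a-fA-F]{%d}" % n, entry.get(algo, ""))]


def classify(path):
    """Heuristic origin of a dropped file from its path alone (my assumption)."""
    low = path.lower()
    if "\\cryptneturlcache\\" in low:
        return "CryptoAPI URL cache (certificate/CRL fetch metadata)"
    if re.search(r"\\(cab|tar)[0-9a-f]{4}\.tmp$", low):
        return "CAB download/extraction temp file"
    return "other"


def group_by_path(entries):
    """Map path -> sorted distinct SHA256 values written to it."""
    groups = defaultdict(set)
    for e in entries:
        groups[e["path"]].add(e["SHA256"])
    return {p: sorted(h) for p, h in groups.items()}


def summarize(text):
    entries = parse_downloads(text)
    bad = {e["path"]: digest_problems(e) for e in entries if digest_problems(e)}
    by_path = {}
    for path, hashes in group_by_path(entries).items():
        by_path[path] = {"writes": sum(1 for e in entries if e["path"] == path),
                         "distinct": len(hashes), "kind": classify(path)}
    return {"count": len(entries), "bad_digests": bad, "by_path": by_path}


if __name__ == "__main__":
    for path, info in summarize(SAMPLE)["by_path"].items():
        print(info["writes"], "writes,", info["distinct"], "distinct ->", path, "|", info["kind"])
```

Feeding the full report text in gives one CryptnetUrlCache path with 19 writes and 19 distinct hashes plus the two Temp files, which is the picture an analyst wants before deciding whether any "download" deserves a second look.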