Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240704-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    25/08/2024, 09:51

General

  • Target

    c07a660cc6009d7be1bec641bc30bdc0_JaffaCakes118.html

  • Size

    22KB

  • MD5

    c07a660cc6009d7be1bec641bc30bdc0

  • SHA1

    8589cfca1dae841abd0c07e27e3c6c405a738d41

  • SHA256

    4b20b38d5889874051a8de1699be18b17c70dc15577f2051462e28a9bd9d4d13

  • SHA512

    5478de291a4dd2c58d8fb2959a9c2d0d112e3bc89a96850422f4c3451b0175af9368d8a4032a067e2108817edc1edcbc3abe4ba8095faed06e63d2cceb469332

  • SSDEEP

    192:g83GVwYzel5iYzel5+eWnLzyw+U6lt9Xrn4babDgdvJfHVp0Td4/zJnZOGXpsEBh:GDiN59CfDgdvJdtNZOmpTvuZYahR4/n3

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c07a660cc6009d7be1bec641bc30bdc0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:852

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4881ddcb3749f10991f63359aa97cc11

    SHA1

    9aefd69fcfa00c21027a94ac825d248b79332d2b

    SHA256

    96d300e0303ec3d461cd74fc6c854e8c32ae39218d2597bb1c917785bcd550a7

    SHA512

    5caee4e75f269b5b73391085705d5e432cec09ac45505aee5a0d36eaf1815b5f49752a3e864227d0ad442250381e40243453bbc671a784b95a3671218011126f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cef96dcdde4efb134bf4ac2dfc8bfaa6

    SHA1

    a0788efd73f4bb087c73bdeb547cbb795a49d764

    SHA256

    d80d05e42d1ddbfce6a3dca3e998d7ad1ec6c1291b50b7a122a37f958a779cb2

    SHA512

    fc2aa045e7bb78ee11cbf068420aa1cfaac089b51f5853966cd2196177a68fca8d86b906c2491c7c5c417b7b228eca408f43a0d2d9aa041607aeff7b13c47bc7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9d844635ca3c5b7d64727254dde4103

    SHA1

    28d4689720bcd34b5f61192af29a52d05e0e53d2

    SHA256

    d827a576cb196e08e812ae4b404d34d6ce8f0c123d9bbd26986d71158d83c995

    SHA512

    0eb059fce068091eabcae6fca6fa130d771138fdfe8ed27790df12dde304763c0dea71d668fa7f9dab9c602b2907be14589354faaf4a4232691b46ef912e3f3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c75febf41d9b7a06f7b31b80798621b

    SHA1

    accb7415e63b16bb15a2c12ffbc2edbfe628d92c

    SHA256

    049374a301d7e2eea6ccb50d58400c7923e0d3ebe6bff711b0e1c9a596ff7d99

    SHA512

    fa3dae043cb867b9ebcde8bb5b686740ed7b1e5a518b579445724bb611f6cb47b004b651d3da214b663fe1df16007fe04400a5591274397eb0dff60e52a68b23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74ae2c3becd3c14b6a74cb22b8aa1c25

    SHA1

    5c997cd9eaade9c42f8a827b25d470d175417aef

    SHA256

    2210a52e96077f2684ae39bf38aee28ba68451b61bf6b248bb2b66ec866dc3c6

    SHA512

    c8045fd81e3cccce921de432a954b21aaa7c043353a6241f811d3a01e1556db6e7ddd79ececda3690df1780960479900d6222be77ffbd8bfd4acd30a41a48b04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5371936c4bf09fc1556326ba0e76e084

    SHA1

    f8336bfcff64f707ce1087e511fe253217f9572e

    SHA256

    9fcc6b20395d41b7ea50ddc182acf507d4899b96ea2ed3fe5089da5386841a7e

    SHA512

    288acf9bcbae225aa9daaedab82761969ff4a584f6f848ba04562b6dc6b8780157fdc68c64e49f7e43e293997bed325245cd934bf16d34d2f46f70b46259bda2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f44065fcef14f33c555ec3f6554e49c1

    SHA1

    682cfad5587e835d5a5aeb28ed05eee6305f44f6

    SHA256

    085c3ff80a88f4987b763a50e084ad9c879759489e5f864d722ec7de08f431a1

    SHA512

    90d928309fadec6fe6f8d3e47aa8a7e4de88c2ba5e6428b18d8f1451ebd92d58e544d5d846b501c068532b187cf936f5c4fa88f7796bf1ea0a68b4c53dadb100

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb48182f81e6629885eac70370dad944

    SHA1

    19ec78d1c1b3deb6ac42f8b844bce0079c21a643

    SHA256

    cd0c97ef028bf5291f04412726a4b11d98b5d72c0317f18f16b52c66d4a235d7

    SHA512

    8248157c5b0b2e4f44ed19a6172def207df2366caf61fa4e59b93b8c879bcf3587454cee5f6e39042cd37c7f136ef46f233c0f7a0dbf214cfccbb0d4e617e63b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e49c63343b6b0b209851f50935c162a

    SHA1

    12795ad90e43860f9b4bf08b76a72f0ae131cc0d

    SHA256

    e7bf89ea8b67f3dc226c23eec1c4d25ba1688b5d5a4ee8be24fa6fd778751374

    SHA512

    b5ed165757642223fba92e54008237ddf24f49be0f342c25bd638c187102ee9f61dd177c94660a8b7e3887ec2e5c1199025341f5389e904f04c3bb6e3d53be44

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad9d4de06776169cb821be25dc3a4d82

    SHA1

    6fa6eb46f3f1a4065f8bafd576520cd9dc9e77b2

    SHA256

    0ed2e81010e6fc6498463b58ecfb8677d6ba49c202bad04a4a2761aa8c11368b

    SHA512

    ba31986c292eedd25fa73ac64a3429ac0a6b9e8ac686f08789a3ce448146531e93140bff1a2e05e387b2750101182d513296231bf3306ddc25f8e241b45b22fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78f1e6f5797d115d07ca9d100b1d6a55

    SHA1

    100df7278ae36f1684d790a8da3c16e4446661d3

    SHA256

    98a81b0bab4768cd501f3b2652f3d3bd0eb59b0afbf83fdae4cfbf55f4fa86f6

    SHA512

    4200b9140d01355dad2cfd3e72ac76a2c8c9da8e9da4499973eeb5c8ff9258c110201df55e347d414fb7f18cad8bb57ee77b48a0800e8356f747fc1d90ad6057

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a63989cbf75bb167052d10c08963c575

    SHA1

    11f88b730b6d7de645fe5ef9ce0e2c456e27f690

    SHA256

    072dd9e5f688490fcda8d94e9ab182127429208707a73d37f5b885f4ca957990

    SHA512

    3185dc551481d8eeeba8155af1f87933a9041706e5d7c3856fd267faf749eee810940a2a95ecf844dcbbd020823048e8b4105727f1f2e171f6ca66c051610a91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed99b49e4e334dd92b7e8de55916dcc6

    SHA1

    853e84c7025761143d4862c07b18adef081dfb40

    SHA256

    f444fff4f7eec66261873e02d3986f8ece623165c5cec341dceefc95a559924b

    SHA512

    42f930dfb6239168d26ee3e86d50eb7a687a0dd7d6ee1868a26f2f783a67b1e145d2befcd70f112b02ebf09ac567eeda668599dd346f81e9467c509290f77f22

  • C:\Users\Admin\AppData\Local\Temp\CabA7E6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarA866.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
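The Downloads list above records one CryptnetUrlCache metadata file thirteen times with thirteen different hashes, plus a Cab/Tar pair in %TEMP%. That pattern is what Windows CryptoAPI writes on its own while Internet Explorer checks certificates (CRL, OCSP and trust-list fetches cached by cryptnet.dll), and it fits the 3/10 score: none of the dropped files is attributable to the HTML sample rather than to the platform. The script below is an added triage helper, not part of the report or of the sandbox that produced it. It embeds the records from this page, labels paths that match common Windows background-activity patterns (the patterns and labels are this example's own assumptions, not something the report states), counts how many distinct versions of each path were captured, and returns whatever is left for an analyst to look at.

```python
import re
from collections import defaultdict

# Dropped-file records transcribed from the Downloads section of this report:
# (path, size in bytes, SHA256). The 70KB/181KB sizes are approximated.
META = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
        r"\MetaData\94308059B57B3142E455B38A6EB92015")
DROPPED = [
    (META, 342, "96d300e0303ec3d461cd74fc6c854e8c32ae39218d2597bb1c917785bcd550a7"),
    (META, 342, "d80d05e42d1ddbfce6a3dca3e998d7ad1ec6c1291b50b7a122a37f958a779cb2"),
    (META, 342, "d827a576cb196e08e812ae4b404d34d6ce8f0c123d9bbd26986d71158d83c995"),
    (META, 342, "049374a301d7e2eea6ccb50d58400c7923e0d3ebe6bff711b0e1c9a596ff7d99"),
    (META, 342, "2210a52e96077f2684ae39bf38aee28ba68451b61bf6b248bb2b66ec866dc3c6"),
    (META, 342, "9fcc6b20395d41b7ea50ddc182acf507d4899b96ea2ed3fe5089da5386841a7e"),
    (META, 342, "085c3ff80a88f4987b763a50e084ad9c879759489e5f864d722ec7de08f431a1"),
    (META, 342, "cd0c97ef028bf5291f04412726a4b11d98b5d72c0317f18f16b52c66d4a235d7"),
    (META, 342, "e7bf89ea8b67f3dc226c23eec1c4d25ba1688b5d5a4ee8be24fa6fd778751374"),
    (META, 342, "0ed2e81010e6fc6498463b58ecfb8677d6ba49c202bad04a4a2761aa8c11368b"),
    (META, 342, "98a81b0bab4768cd501f3b2652f3d3bd0eb59b0afbf83fdae4cfbf55f4fa86f6"),
    (META, 342, "072dd9e5f688490fcda8d94e9ab182127429208707a73d37f5b885f4ca957990"),
    (META, 342, "f444fff4f7eec66261873e02d3986f8ece623165c5cec341dceefc95a559924b"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabA7E6.tmp", 70 * 1024,
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarA866.tmp", 181 * 1024,
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Path patterns for files Windows itself writes during an IE detonation. The
# labels and the patterns are this example's assumptions about typical sandbox
# noise; the report does not state them.
NOISE_RULES = [
    # CryptoAPI (cryptnet.dll) URL cache: CRL / OCSP / CTL objects fetched
    # while validating certificates, rewritten on every refresh.
    (re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\", re.I),
     "cryptoapi-url-cache"),
    # Cab<hex>.tmp / Tar<hex>.tmp pairs in %TEMP%: a CAB being extracted.
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "cab-extract-temp"),
]


def classify(path):
    """Return a noise label for a dropped-file path, or 'review' if no rule matches."""
    for rx, label in NOISE_RULES:
        if rx.search(path):
            return label
    return "review"


def triage(records):
    """Group SHA256 values by label, deduplicated, in first-seen order."""
    groups = defaultdict(list)
    for path, _size, sha256 in records:
        label = classify(path)
        if sha256 not in groups[label]:
            groups[label].append(sha256)
    return dict(groups)


def rewrites_per_path(records):
    """Count distinct SHA256 values per path: how many versions of one file were captured."""
    seen = defaultdict(set)
    for path, _size, sha256 in records:
        seen[path].add(sha256)
    return {path: len(hashes) for path, hashes in seen.items()}


def needs_review(records):
    """Dropped files no noise rule explains; the list an analyst should open."""
    return [(path, sha256) for path, _size, sha256 in records
            if classify(path) == "review"]


if __name__ == "__main__":
    for label, hashes in triage(DROPPED).items():
        print(f"{label}: {len(hashes)} unique file(s)")
    for path, n in rewrites_per_path(DROPPED).items():
        print(f"{n:2d} version(s) of {path}")
    print("to review:", needs_review(DROPPED) or "nothing")
```

Run against this report the script returns an empty review list; the same function applied to a report whose Downloads section contains, say, an executable or script under %TEMP% would surface it while still folding the certificate-cache churn into a single line. Treat the rules as a starting allowlist for the sandbox image in use (win7-20240704-en here), and re-check them whenever the image changes, since the background file activity changes with it.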