Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:51

General

  • Target

    c07a6860f62eef4ddd9d758864277204_JaffaCakes118.html

  • Size

    3KB

  • MD5

    c07a6860f62eef4ddd9d758864277204

  • SHA1

    1ae58e36a263406a0e745e9fa105347f360935d0

  • SHA256

    cbb1c738a5b72ef49dee175b8545a6a5cc49acd233dfb09828ccc20d31a38cd1

  • SHA512

    a74f7faf1e3d054149b59ff36206f9867eae28d0d0d94085543c1a2c2482215efd807e1caf6564b890110a4b2bac178f45c700bcd3103b27e2bb6f886a6f3c1a

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim machine in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c07a6860f62eef4ddd9d758864277204_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2300

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5a7499acc2e3ee58f75adbfb195fcb61

    SHA1

    1faa4c3caf71b4866d2844d19d307f15a0895e09

    SHA256

    462a4f56b2bb2ce9a3f14989860561eec741b8693628000a885851a69b85d35c

    SHA512

    43183b0253ae8e9f76727eaeb5c120a406ab41d1f319f277a34d5e682d5974670411ee803413e3250f1e159fc2e4e3e06c24a4604bde1aea621661158a672ed5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3da833103494a572f8c564b359f0e26e

    SHA1

    a64ca21536120fc3ab38b7fc414a9eb733098f32

    SHA256

    cf18e63b3c631e738b5da3b88bf241a730f7046858843da1e5451b433810ffa7

    SHA512

    84c10c7919bd0aeb2f59f9228fd18ad2fd0061c6c1aacbeb9b2ea7f2a03109d87d869352c23adbce9314ebc2abf53c033adc96123b28dd1f38d476805c9b2355

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    33504a797e22c391bc98b00fc1310337

    SHA1

    45260ad14e2e489a228476d1ea45fd9794eb0e09

    SHA256

    c10874869c8d129c4f596943a3f897f9732a427af7613d69657cb10f1e5caf2e

    SHA512

    0bf623084f211f98ed8e36d518e9f7b132e4994c48f0d2ff56f14c106cffa644aea65084252df36f894dfd46c73a14ee00137e4f2129fcb24c0a3cee0e15c353

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    60ce2c47f8368cadfb3f3bc20fec3694

    SHA1

    c209fe6a36c26cb41bb35c2257150b00e06860a2

    SHA256

    a34d2fce788219a8b98f39cc5ee8fb23476983609e7c2e8a233d35babe5b7937

    SHA512

    9fb2959cdceb567f04260925da1e58432a8394f9b263820c1927719c1e803958fbcbe23127e074a6f1b90ae6d7a48a4d0b341ded7db7bdf2d02fe1f05f1031e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    336136b02f69b0d850313df2f8b0d714

    SHA1

    f3e3dcde803af7302c7b9a90ebd237a59e3afd3d

    SHA256

    1830650aa6e6fea4d3819ebfe6d1453f5e3cbaf83197362625a521dd63442d60

    SHA512

    ee21fdb737d83f1f385de69ac24ef16f37e698b9aa144ff112f17a2f22c260883bf1b578a1585e356d4c974be709e8feb8b49c44f507d625c8e5dcd538415619

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    519fd65b2cb9f1584a35cb7d5aa7ef16

    SHA1

    ae240931204f8edb97c21046704deb71e442c10f

    SHA256

    0022e6ddd1854ed1075a79ea6455f23758fa0e9506932120b481504607d9f877

    SHA512

    c2c7b09d876b66ef3a98cb4e36c937b40902eb7126913b2415cb5eeeb9e15e82c574149d6bc66d2d72bf6900fff625e17403284ff216170a59f0f0f2c6a5d229

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b940ffc7660967f77d4c41ec69c0b8b7

    SHA1

    ba2e8aa434d22cb894282eddacf2feddb18e32f1

    SHA256

    ef25fce37ea51633da3607f0aea2c2fb66296c1badea8f8e3935de07aa776be1

    SHA512

    aa2dd4b395b9b66ac68ba0cc41da5f507bd92e526af1d0f86c430259c4b58981098076c819e9a858a0cdf3c8e24ab7379c4643485db3ef4bc87428c84d70892c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4402faf4624e48fad9744f065acc693d

    SHA1

    da6f6ade368077aac0a9ba09413cd26f9393366c

    SHA256

    276a63c3d0913e51a039c6dcf66263e2c6276f120efe6aa1f74af71769ad36f1

    SHA512

    35cf903bd19c4ee1216c70cf48605e66da9b491d9b728f1fc620aedb8b56ec04f4197225651b1c9a2e4ec6fb96c2e52e472ecc59e130aa049612e43332f14873

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ac745997887b13900b586a340bfca55

    SHA1

    996514f46a0f430b5daf73c97cbe64cc0e93d345

    SHA256

    6e5680dda9fb06354809a04808ea1548a303ec44e190b97896bbf4637a45eb13

    SHA512

    2e145c29fdee433005f124256a1344f4bfef74f761c994b9c19ecbaddbf9e94dab9f0dea155c382fa5951e52156c92f541e61e2ba771ff416502c4795f4cb1a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47a08663e65b23046d15ac6e7e284907

    SHA1

    c3412f32224f8b5059f2515bd2191d7c8e21ea2d

    SHA256

    08833527ca676982d8c2150147c9e96e706f2a403041217cc908bc5b5079b817

    SHA512

    347226eebd0f8ee72fe60387e4d6fd0a4e5c7cb9a65ee16544da7dc667f99c9ac5c349c026f69ab9814c9304354dc2cbe75ed1d6bc200da89d145df041185b97

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66c364ca84af967d0075d7a0fb363f7a

    SHA1

    96616d9255540b843f108b3797a5739dc77d1387

    SHA256

    b6957d5f7222484b50ac64a8126e4690d12a5ea01ea3dcb347d0767e8b475355

    SHA512

    211965b992678bc11c8f425d9c681616a1781b78f8397152ee10494f014ccd4fb09aab01878f69d156f623091f2cceb4ef605270f4cb1a2ca22f8e2e281dbc21

  • C:\Users\Admin\AppData\Local\Temp\CabFFE4.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD2.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
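Every path in the Downloads list above is one Windows itself writes while Internet Explorer validates certificates: the 342-byte MetaData entries under CryptnetUrlCache are CryptoAPI's CRL/OCSP/certificate fetch cache, and the Cab*.tmp / Tar*.tmp pair in Temp is the downloaded root-certificate list and its extracted contents. The process tree likewise contains only iexplore.exe and its protected-mode child, so nothing here is attributable to the 3KB HTML sample beyond the page being rendered. The script below is an added example, not code from this report or from the sandbox vendor: it parses a listing in the page's bullet/label/value layout, separates those CryptoAPI artifacts from entries that still need a look, and checks a recovered file against the hashes the report lists. The two real entries in SAMPLE are copied from the report; `hypothetical.bin` is a constructed entry whose hashes are those of the bytes `b"hello"`, added only so the verification path can be exercised offline.

```python
"""Triage helper for a sandbox report's 'Downloads' (dropped-file) listing.

Added example, not code from the report or the sandbox vendor.
"""
import hashlib
import re
from dataclasses import dataclass, field

# Paths Windows writes on its own during certificate validation: the
# CryptnetUrlCache fetch cache and the Cab*.tmp / Tar*.tmp pair left by a
# root-certificate-list update. Expected in any report for an HTML sample.
CRYPTOAPI_NOISE = [
    re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\Cab[0-9A-F]+\.tmp$", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\Tar[0-9A-F]+\.tmp$", re.I),
]

# Hash label -> expected hex length, used to reject mangled values.
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


@dataclass
class Dropped:
    path: str
    size: str = ""
    hashes: dict = field(default_factory=dict)

    @property
    def is_noise(self) -> bool:
        return any(p.search(self.path) for p in CRYPTOAPI_NOISE)


def parse_downloads(text: str) -> list:
    """Parse the bullet / label / value layout used by the report."""
    entries, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("\u2022"):              # "• C:\..." opens an entry
            current = Dropped(path=line[1:].strip())
            entries.append(current)
            pending = None
        elif current is None:
            continue                               # text before the first entry
        elif line == "Filesize" or line in HASH_LEN:
            pending = line                         # value is on the next line
        elif pending == "Filesize":
            current.size, pending = line, None
        elif pending in HASH_LEN:
            if re.fullmatch(r"[0-9a-f]{%d}" % HASH_LEN[pending], line):
                current.hashes[pending] = line
            pending = None
    return entries


def triage(entries):
    """Split entries into (cryptoapi_noise, needs_review)."""
    return [e for e in entries if e.is_noise], [e for e in entries if not e.is_noise]


def file_hashes(data: bytes) -> dict:
    """The same four digests the report lists, keyed by its labels."""
    return {name: getattr(hashlib, name.lower())(data).hexdigest()
            for name in HASH_LEN}


def matches_report(data: bytes, entry: Dropped) -> bool:
    """True if every hash the report lists for `entry` matches `data`."""
    computed = file_hashes(data)
    return bool(entry.hashes) and all(computed[k] == v for k, v in entry.hashes.items())


# Constructed input: two entries copied from this report plus one hypothetical
# entry (hashes of b"hello") so that matches_report() has something to verify.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    5a7499acc2e3ee58f75adbfb195fcb61
  • C:\Users\Admin\AppData\Local\Temp\CabFFE4.tmp
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
  • C:\Users\Admin\AppData\Local\Temp\hypothetical.bin
    Filesize
    5B
    MD5
    5d41402abc4b2a76b9719d911017c592
    SHA256
    2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
"""

if __name__ == "__main__":
    noise, review = triage(parse_downloads(SAMPLE))
    print(f"{len(noise)} CryptoAPI artifacts ignored, {len(review)} to review")
    for e in review:
        print(e.path, e.size, e.hashes)
```

Run against the full Downloads section of this page, every entry lands in the noise list; anything that survives into the review list is what the analyst actually has to pull from the sandbox and hash-check with `matches_report`.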