Analysis

  • max time kernel
    66s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 12:12

General

  • Target

    c0b920439d2149fe772588b0cdf03258_JaffaCakes118.html

  • Size

    68KB

  • MD5

    c0b920439d2149fe772588b0cdf03258

  • SHA1

    1b54d15fe8965e20910a32829c7675e72eb40c77

  • SHA256

    b3c165557b31677bb7e5d4b0eb9cfad573e3ecaeafd4580d576910c385108a7d

  • SHA512

    f2c16cb40a642a6002ec18d0894219b49129b681479b222fc725e019ae7f56e28063de157bcc990e45cdc678fecc2d57cebe90b2fc5877cd791d4435c4d3ef6d

  • SSDEEP

    768:Ji9gcMiR3sI2PDDnX0g6+I6cFZoTyv1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVG8X:JDQFuTcNen0tbrga94hcuNnQC

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c0b920439d2149fe772588b0cdf03258_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

        MITRE ATT&CK Enterprise v15

        Downloads
