Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-08-2024 11:20

General

  • Target

    c8b84ed14bc163f395ea2e8c7b2c908f_JaffaCakes118.html

  • Size

    461KB

  • MD5

    c8b84ed14bc163f395ea2e8c7b2c908f

  • SHA1

    35ba5c790bfa2fb16f9b916081a1601e2f04d286

  • SHA256

    4a9d4580209e596b8db48d195d7f7b7d946e4906773b026fd901c6c22246ff87

  • SHA512

    70a7971af5a31119a74d6850ba8babf3722d4146f81811c9565f220af887f9dc358dcf8d98cab7d687818b0c1baf224510093da586cd26b14808e16600ae5229

  • SSDEEP

    6144:SAsMYod+X3oI+YscNsMYod+X3oI+YVnsMYod+X3oI+YLsMYod+X3oI+YQ:75d+X3f5d+X3D5d+X315d+X3+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c8b84ed14bc163f395ea2e8c7b2c908f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1988 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3012

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1015d3cb81c16b77264ad42d9a0dc46f

    SHA1

    100f4584473946dbaeafec80771f8a2390d4b950

    SHA256

    d48122e0ebce51e10713f42ca29d33e6d4e4fa3ffa52c0cdce4aa088abfa4256

    SHA512

    18b1597a470bc61478c358b702b07cfb4cc6dd39535a4cad7c746c1d1975345bc036475cec97726fc2ff46d5b600b58aabde69f5279485678f673da85cdc4d1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c7e171be8b4e6a47b0e916924688642

    SHA1

    1f521ab5f329fa5a7fa21c635691b929e8e85bc1

    SHA256

    65e51508353e143f6d88a278744f8be4ead3be43db05f9b52a92873df6748c83

    SHA512

    4098734e089ca3bd6fa1cef6c50c3ed44307ba2de39e33fc40944c77fcd6a65e1fd573851a755dbd87f1076cf741807e98b1b5f565d3c22b30705d3b1a0593ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ccffb5da6048797c850a12cc8710d7f5

    SHA1

    2b501195395d0e55d7c9ac958a601b775394064d

    SHA256

    6c3df8f9086ee1e7fd761c0a7afedb5b6adea13e48011ae71a413a95f43a444e

    SHA512

    6e6fcff980376137d31bc0cb9f2d7a41a22d8dce477e52863ea2ea068cde383cc96d75088f5e74639a38a5507696140303736e2e249f7d38fc87bdda88ae3856

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a82617f844875ae3fd633a936475ac26

    SHA1

    ad423c4ea3badd1a84a0931d58eba5812d25624d

    SHA256

    fffd28ffa433fb8a738851fc128797ff4a3f6da26f33a4e6fe1dd404140fec0f

    SHA512

    7c7896e7c5d0d93526f03599de57d3b3c1ecc96f0928ab5f373364b7343c7ea930c69d9f222b9ec5d547ae4303937cf41931f15029664389db3948455690817a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    91d8c03773c79768c7a514fb86717667

    SHA1

    8aa4bc4d2efb024594e031cc80a75f1e3d92dfa3

    SHA256

    48a3c6b01a2abee657ddb00c09315d2160201e2f992d61ff7854cdc486150a3d

    SHA512

    07a752a36bcb472a7418ec88ad0366fdbdf3c072c265a40ece778660135720fe89956b5bca94a681e6ee2484a650af84a7452652324611e43fb49ba50b65035b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d7bee1803e38dfcb7f307c879d8418c

    SHA1

    d3370c888fd551c880977f6d3e1f002f88266907

    SHA256

    9133c9fb9d996a5a143896d32f1269d9c87b2ba0fdcd831079610ebe4b84c529

    SHA512

    efdaa0ac587fbdbc5a377dd9c0ea267d28f340407e3e799fac9b31f7b1780a40f25d65af5bd3e4f376e536df6ed1b20795aa103190d602cef87adc5d2ce92cf3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2086d50fa1391fa4bfc91ff266ae7f46

    SHA1

    d69c4808ee10f4acbd6686e4f16c9cae14db62b3

    SHA256

    45ecba64244c52ed8834691fb7ff5bc65e131a5e8f1d3453baa1f04951aa1ea5

    SHA512

    0d0bab9574100a1b5c9857992bb0f99afc1436bb419c2de22f4beb9aaf8b2640fbb4f95e6364cc7f856bd53063088ad02b865721382ae8a642d4e1cebcc6fded

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    387b5b32347d3e8d81252afeccf67fd0

    SHA1

    dacaca6a8c3a8996e8350fad6d309180ec977187

    SHA256

    3e860bae75de56eb43e457000c30f37cac17e31defe0fefadb6012e493a0e604

    SHA512

    74e55029d88f51a08b60601d0fe457ff70a81e1aee37bfa3e4fa01d3af89da15c0e0a27087c95397b6a3ca5356bd5910aa32994713204cac7cbf90cb7ac59734

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40e0f6064bbf3ca65673d3bf0443bddf

    SHA1

    b5bcd15cc376c5252a256dba0c0ee9e506ab6d00

    SHA256

    38dbe36728b0771ca3aa0077787e1e4c68f6e5ad431f294c2079404f8d46b952

    SHA512

    26b5b770253fb19d17159eb412985996d0d58725c8157fb3abe879d0cbbc273f10287c987d4bac26b183e2277701183bffd832383b9bb49f39f65ba5ada15c62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a874fa782d3ef2c6a7e55348857b7a99

    SHA1

    f59ffa34cb6026c54899ec94fc4fab76c36c40c9

    SHA256

    5d044d246a45833042e22749c23164a315e0458be5d7abb997a7b1a35e39abd9

    SHA512

    1f6fe9b52b884baa47bc0082c1a5747bb62f2fe068f7d452032067ad450ce4066ef5cb3a7c4047609fd8e8490b728f69b5dfc47b2031ebeb37bde89d25b71603

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    892e41d5aef34d4b473b9d07dfe958bf

    SHA1

    3085212803b5686410b10f4042c53898db21ec78

    SHA256

    185323231b33df5a48979a73e6e505a40e57f003ac5b316947fc81d154ea9d79

    SHA512

    889f10477dcdddb94ba98d02458fcce5e13b4266bf8b09d2719df8e6a89fbe714e179661f4df63c5ca96da0097a14348d2f6c26d6845679b921ba8be5fafc7f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3dafabd8ff7e1cdb906cd0abcbf1defe

    SHA1

    cf122fec8b2ea8966f249d45f6e424417e380b85

    SHA256

    ed6d2418403e2c332915ccbb83e3cb6563543737d776835079e07adc6768bcc6

    SHA512

    15bab6e234c0a222df6f995f283d43a55606e5fb1711045195234c363960402430caa431c6ed49950dff6a1c6b44e1066e56e2bc383f492f849298a0c590d02c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8517a6ee6396ae9d659604232617664a

    SHA1

    398b9725e4e91888a57005040672fa502121df27

    SHA256

    9120d024e276ff77f3245c3cb77e4f8a6352a17d92ff0eaed312d0a3c0a4d721

    SHA512

    bcd1a27007ff42259cd82646f7204ed65d844c998856295180c73540bb78df3af31485bd7903039edf2ac21012b421db67e195bb9fe069a74ede02ee35234342

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc376148834a54611f291b0b5bf9ef32

    SHA1

    eb1ac9c5c7af38fdbbf35ee655ae8d91791dfabe

    SHA256

    ca8310d98a6233368dc72b3dceb0090728155ac237d072e94e0672013eb334fe

    SHA512

    f88f24829108aa226f41587683814bad4a72f1b903dad2514bd6aafbc0f3e6311b6f23b6c4e671e20a1d48af658bec929657edd712d3ca4d2061bd6a216804e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8489346d2ec22e3c9e6b89ef0a867d56

    SHA1

    93084b35c57648dd557989f648fef0470f6c0e6e

    SHA256

    a33144dd807f48697896ffe6ff66f3de2da855149e333a369aef42916df346c8

    SHA512

    4649f077921bbb1da5573069ee5207499bbc26f82ec9fc897de105bcfcc4985a81f9054699c225b25051a484cbfe101b7dd75da35431f6443f7d77e0de44b785

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    07311a4a29a09c3f733676eb3c45ef74

    SHA1

    e5b84c91d4bb27aaa59c311f946f1b216d443a35

    SHA256

    d45dd46ed1aa80ffd99d98486812de3ef1ea17d6e6dd7eab0634f6d9fbbe2285

    SHA512

    4183d8e5a6ab6600b589764dc351db231319d466ef6b7b920c00bef96ad40fb69c72886161620f98d3ffb90c5e660d457ec324b523686596acf82d6f9f8713d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c321148796c882a7670495193867a6e9

    SHA1

    262e97f492d54dec3300b4a3561a8af0751896ae

    SHA256

    7db15b3ce82d76efd61bb5fb8fb96411a1af09f4f1ed19096adaa681ee0ff290

    SHA512

    61590362fb4b2b828ceb29c9bb1b332544e5da6e5b24fefee5494bde0771c7889d44fdcff303c9e8a39de43c39131a9c04a94a7544ef7429eef2921624cdc929

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c96b4ff5d4e64a8c1301f26f44786ac2

    SHA1

    b601c0be6f6525b3f08d21d4e6c92cb19f9cbfe6

    SHA256

    81383f12f8c5e8332f3a9541d62f606526bbc066f2d983af823d260046fb92aa

    SHA512

    78960edc928fc6ee91717b7b93b9edbf475572b9cf575f1310c55eb470ed029f48d1efc3bde532727e83bfe35e562e4b5b99530bd28eb1fc26e78b606fa0c2ed

  • C:\Users\Admin\AppData\Local\Temp\Cab394B.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar3A29.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b