Analysis

  • max time kernel
    122s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-09-2024 14:40

General

  • Target

    d4969470e59caab2543756f8fe063abf_JaffaCakes118.html

  • Size

    111B

  • MD5

    d4969470e59caab2543756f8fe063abf

  • SHA1

    9df4c3285db27e29a07769881f26689b10d1d6fb

  • SHA256

    deb143d617f3ad28247e1259b6fef309817dcb7663c5384ee06188a4c7b4f58e

  • SHA512

    6372709a57caacc7ca3509c9f511fe469834f08f4ecd6f03f00c6e2f6ae3b88e2ee3cafa273a1574c46761d9977f67bb058953abe65aff023f7b1ae5dfc77387

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d4969470e59caab2543756f8fe063abf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2616

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75858ec4fdab5b7f00c5f3bb8ae9223b

    SHA1

    82c04cdd1f628fd0b886e81cec3bb9af3e0afa8b

    SHA256

    b0a8b4c1e9385386522480512f645b515a00e65ef420714a6d863b4254bc442c

    SHA512

    09cd3143ece9d5b65c4e1161f6394870663d0bf74718e0b582f108aecb0b17cfd0f477725008dfafd53a7543a3b2bb321ac7ecf85a60d3c77a42810f4c97600d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1a0b566707355d2795017b9e83ea8e12

    SHA1

    6e3be1734472e64c609849c1d73b835a9e6fc53d

    SHA256

    f958f298efc05365e122622aa5f9a5adedcbb4b4b46039f8c4b2c1eae875632e

    SHA512

    5c3a58207c9ac5eacc091a7cd5769d3f269649a6d9bc3c32a9bf7f4d9355661363e3a893f76f25815711b3d79f27419e6b3a54ed5a6f3b05effa56b6f274227f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc285aef5a26fd79f999f76709f1b65e

    SHA1

    1c1a808dbfca00f1e7beafb5b48491d475960ca1

    SHA256

    57e07841a3f261fa9d573024fa72dc1f51bbe83878373c24acce022b9e61012b

    SHA512

    f215853c87cdb05e3bcf90630482e6dfc0faccd7ecf063aa9dd86057fce4cd445c6ed62d71a65311ce00c65e2716e211b2cd1b4e96840a1ce4827d938d473d20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e192ab04471c328a202db223ff5b801

    SHA1

    a445fb2329e1ee7a694f09389f806b259ebcb30c

    SHA256

    4135bf3017d72980ecb6c67af90e617f4ccdd2ab64a3f82aed78ecad9a9c7a97

    SHA512

    e4c38ef1788e5e90cc60f03ab5e261d05caa7057c28eab4897cde24ef7b292b4799542abe139de7b0b30478a0dec4c1d44f87984f5c56347688c1bace646c2bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4477657a1dca24973580cb1ff0dc1974

    SHA1

    6aef8375b7d176e69087e71217b17ec730729983

    SHA256

    031a8c09362c4797372660470d5d87180caf68de4c0342bc07c464ba362a0cfc

    SHA512

    9987ea64b21993676dda7c3d7677141385e63f8f0f0f93a32b35b65510d30652a5b216ab5fa5ef0dd65efb5de25318db1f60e74370a04d6a0528a8b988aab491

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e132915852f166dfd4bddefcd88564db

    SHA1

    e9b826ad8fcefcfd80fa78dbdaa9e3f6c2668f9d

    SHA256

    2c7507d2aaaefd742dcf782282783e35f9a5a79e099f6eb21c77da4f72e6a496

    SHA512

    a783682c2c8b15d6fc98c19e523600d99633fa2bd9b2493d29775129e958bfd815065139429dbf38964973fa133b04a0faa6b588c2348b3768ab030159319832

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2450cb7a54be8ebd55bbddbdc051df10

    SHA1

    e2e385646c22981c2c70a6a8757b497cfcd69916

    SHA256

    4852e5bd8cb2f58ed2ce77af884ef029e308211bafa507e37ce65dd13c688c82

    SHA512

    825ed8b70698c42e4eba81edfc649c068c198ee4adb09806920a3d56dc485c2f2c0173c4945b5b5916f576b4cacbf924c5b62b1d26c2b45218764dd979c89052

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    742f49958cc021560c6e8f74bad38c2e

    SHA1

    7d657ff760ebe82738f26f15c688a28fc3567787

    SHA256

    07cc5eab146a09be28acec732cc0663dba34d33ac8943c28c68bf3df2753644f

    SHA512

    4b13486899f031d8a8d7145852ff1f4ce113485e495691f82a5c4b645bfabfb8f10a8d37aa916b7201e75f395e79c4bcbb0b4860d2d3cf4c9f01a385775dde0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c8f2ef34ea2667d1b7c028d5942e040

    SHA1

    59c3ca5672560be1ae844f214cd6a4ba60d167b6

    SHA256

    9e246dc7e6fec45d55bc79abb889eb9375637927eed47114ba24ea5f60b4a4f0

    SHA512

    7a53a08ffddaf7ef2041c94f1ece9d3dcd35d0cca96498b4e291d428927e7d2e1b48612b12f1abef0db96a870e3aafd571b53cf38e403b4b045547d4586537fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e03a0c788402895d873650d5c3512b03

    SHA1

    6a347131976595569e1e50735d953b1e9626f787

    SHA256

    d0b37ab1600f33d74e5b4ba5865db7849dfcd09976ce9f77532fe4736b0d2cdb

    SHA512

    7db54cdaf7759a6a5781c2ac39de9767f15af4f3e9f5bb3eb83f079a4b6c86e49ce85cc84b106d122a24ddddbf9b91e8758254a9cdf1a02e2ad4f090f1eecc40

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3b7311d7d773b5fdfc878b36ebed0de8

    SHA1

    0b8dc7544130ecd2d938ff28a42ab19d77c897ac

    SHA256

    4928216ba3b39601e8db8a2594c7d80ee74fe2c5a36632def5239a65270dd061

    SHA512

    c0ba02ca2f082a1461e0ca1f5a85f05021033397677b75ca2fa5bb31ff068189bebb14cab92330043ba8a9527a2de631e271b7057b05e513283e3000c2499d2f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45159dd8071c260471b0b2e4ec539b1c

    SHA1

    18517bf87004c72112c4b1d6897674e1bc6753c4

    SHA256

    f4691bb08ed7cd13da621a7ac47df1963f1c3bc6f4bdd1c008c8a66c99c100c4

    SHA512

    da04f013b6514f0f84c86c31610dc633eefab6f1e31a7daf40adcf71ee07f91391bea92cf1d0e5843d0e64402748abc78c8bde710a24225f55eb684037e4fdc2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    751d62b618dd890506e271057f99149a

    SHA1

    7c00d598b63360cbcbaf6316b0dbf7414778c467

    SHA256

    6e78eab0c4182f19c61a959948a1668bbd637d13367ea090fb2a1c6d923b1655

    SHA512

    0f9fe5a63e8bb84d756f3a847962ca3af632d5cbfa59f67941d9e190252956d318d2a4cb6fcc3c1ec8290005c41f211fb4e3d7ba06ea56e2504655a47016f914

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    306e20344ecbb32bfdd4928fe3e06b23

    SHA1

    ed8fc3e13a0af34ec3c91c88dd45dbbd81d1431d

    SHA256

    60b298b2b41ebe2e8bc64b15b4bc9b0bbf5c90b24f62911bbd3fbaed16b5aa4e

    SHA512

    56beb5fc84b27682476500997f397f59d80c3777e28019c6c4e12d28c7acefe87ed7056f05468aa41866e4de416834450133ee719611d8a8275574dbabc0e374

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f0a87cae5595849560e1e72d4b9615b

    SHA1

    5d14e41b51c6eca2148ea993a502f2b348d21f4d

    SHA256

    8529a18d96916cf383af0fe528f07d66559e20b36744703a4d8a66308be232ae

    SHA512

    03f7cd94eeda5ad20f62cd7a1a5559c8e04641a038fd5014463487cb73e403b32a27aa574bae10df8081e1f8b781c138d2a0c1df32310fca72dbd9d5813342d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5362b065a2c8444eb554d64794221b79

    SHA1

    6808006a76fdcce13d9ba726c0ba02e1fdc4eb3b

    SHA256

    72ce960d321f57e87fd9f026e0743b37612d2919917f2c3bf4b46edbbc72aa9b

    SHA512

    b7310163e83334a1808a8a79745661f07020fc993a8d7ae2baf280483e8a218f36e3affddd3930b90b64a69cdd4ee017eb2bf53e5f5bb968ed1d377a8b17365a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c2050dcc8423ab1856447f63fc4097b

    SHA1

    613c605c2504091f0f999ac94c6b4e4dfb14c40e

    SHA256

    54c2f2f54aa16fe9678fed5aee8a2c1ecb2cd6326379b77f19c7bf8ffedbed39

    SHA512

    5601afce2de53a20076c0b158aa7bf3585a6eefdb907351436b6e915fe0f5291c8d190406599123aa737b6998d53fdbad683824d282767513638d5316f45320f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0ee27d9d26f549b8e35ac8bc276a5a0

    SHA1

    7dc4ed9efc65fb432b517523827050566559bc0c

    SHA256

    6a9c73361eb873c5413306a3d3722c71368cf43c3fda6e79baead4ddbaa2ea26

    SHA512

    6e4024a423749fa1271538f01492ca48fd7454986f706b43a2da6a9b1cac54f34e0b083defb1eedd1e58fc4ef57232437274a227b3f4a07c01b482370eac54b8

  • C:\Users\Admin\AppData\Local\Temp\Cab70EE.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar71FB.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b