Analysis

  • max time kernel
    140s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-09-2024 16:26

General

  • Target

    d4c79e1b77a0920eb8a6589d9f5c66ee_JaffaCakes118.html

  • Size

    6KB

  • MD5

    d4c79e1b77a0920eb8a6589d9f5c66ee

  • SHA1

    d7a3bd1e4ace0952dd3ad447db131ebd8c3a2046

  • SHA256

    e8263a2945617c8c5afff3c6126f8f7db037a6eb02941a6b9e8805564d65aca6

  • SHA512

    3b1c6cc0d2e1f99990846e5dc55b27187a48c5d7d08dc3cda39048b530f2cc53cc4f54ac4df4f36d4369bbf151ed9beec3895561df5bd90c05e825304b97f661

  • SSDEEP

    192:6TKrD89+BIvzjF4OoFUo2VXvzcl7d+s/kCCD:0c8vF4OwnKXP

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d4c79e1b77a0920eb8a6589d9f5c66ee_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2724 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2792

Network

MITRE ATT&CK Enterprise v15

Downloads