Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/09/2024, 17:58

General

  • Target

    d4ecc880e7da0fb8389d85ef11aa22d4_JaffaCakes118.html

  • Size

    950B

  • MD5

    d4ecc880e7da0fb8389d85ef11aa22d4

  • SHA1

    6d8d2525a2848a728e5dddd131f17a60616f23c5

  • SHA256

    02c54f6d7ce7c4110edc53af7689dc5cbd26ef68e91d0e11718a23a3acaf2950

  • SHA512

    7fc28fe9c215aa34670581e39797dade8144b6406fd9b4d9f7665b225374267a12f79bc9609b2f4961c974ff1a53962c52f454cc71dd07c8f395b867cf52b576

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d4ecc880e7da0fb8389d85ef11aa22d4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fbfbc945b2abb59c1c3e7b42a1a10a2b

          SHA1

          d48932fa8cba4ec01c3f8339654534aa9f8637cd

          SHA256

          0ca9cc75a55d10ff39d8a04abb53a4d4f50104c07e30027b809fb14b38e58e42

          SHA512

          0a7496280889eea6959ec0d1fa56b2d7f3f35daeca266b110da164e3a8ea34810e7edccfdec77d6439729116498f30b00581f60da74d9b9a8e224f913e4e5fd4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          76bbb2925f748d655e3e76d0a3f21a28

          SHA1

          2e409a475d6833dc826dde29c58815d8a0d262d2

          SHA256

          061f28053a3afc8eba56eb791c11c30f0a72c8b6ddc4ea80d8191834956d9756

          SHA512

          56546cdd40adbd3cec32427984a0eb1b22fbc20a5485ef86bd55676c5f65bbbc9188fdc7e35109312c4ff4f2a48859e0997923e85d266063129f5b55b84dac58

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5fd0c0d29007c0387499d23256d2adde

          SHA1

          bd8387240d924cafeb2e4437f73005d91d4fc84b

          SHA256

          8ce9350282f3e9d58e5824d7175d7bc48d8d83c196d80def67c1263b705a0fff

          SHA512

          62ba0d7732c98ed77e62467a2b73a06969cfbbb99234f12e6a5da729970f2ffbdb09b308ff045d64ac37715ed2a70c7d16d5266b830eb901dd2a65384aebc9c9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0012b89410e27c4878e58651249502ea

          SHA1

          fbe331f60d1724c257891c64ce21f2ed0b35e012

          SHA256

          7ebdeaa1125a1d8f3d71c30963f0ba39a452d43457ffd3d0470f6fc1e6ed3d87

          SHA512

          46953ebecc154902e54fc056933aa87fc49aebcb3d3cddb70e80fce7df68e60252e3d6d4e4cddba0d0b4006a4af60b65b3f468720eb662e78c280f3f4077b887

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5c9c1dcb4d95d781b90b28c89c92b086

          SHA1

          c10c12e1d01355c437be584ab9ccf1df398ae183

          SHA256

          2041298065f5342a0003d6bac63ac24bd96c86097ac6c99a950c71100cffe23f

          SHA512

          b01f0e05e12e9f784e5eaf5efbb8df8957eaffa0716ac4986ea05d51c7009094c8351cd5736cf918dab5f2ecf25880148c4ae6dbaf6762e7e9bad8266c56f97a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          84a6c332527daf69fddedf156a06ae32

          SHA1

          7108ca658b246c62bb2d261707faa5114fbb903f

          SHA256

          a438a89be313628151d088c7c645a027279543d42b7b8d48ccda03123312a2d7

          SHA512

          9285a2968257349ec0a5ca0a55ad481fbb48d052a10570058c7a816229696bb78410dbcbe9f779427746946f2f2815ff00cb4711b91f3e655832cb7d9d1cc5d6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c8e79cd7853e4b5b075bcb6592a8f3ef

          SHA1

          203438029e8be185c3264b04c89c97633abad4e9

          SHA256

          dfb56438b6ddc327301883af914e993d4840ae33baae7c6f59ad272241895d8e

          SHA512

          3e4d97583f8895abb8f13a218cb498338a0de34baa6eaa44e05c24101e6dbd0af17fb208d6cd2ca82e23944a07312133a0a5172492c1c3833b926bb1874609a5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2f73c75f3e3418c824f3b9dfc36a89e8

          SHA1

          6347267c9c3335f616f4bcdb9ddd423eaed47fd5

          SHA256

          02a01b964bf21bd0031bf96a4083380e18cf6b840198c225961279967e8b0e73

          SHA512

          5e6db4edbc9443040ee217d0f25ed7c31ca6e0c5e27297aee3ba3bfa5c7f04605b1777d4fd00f8dd89f12913801fe5d359221a36e30a51a8e2fa7b0ad2ea0065

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b35f41debecbe5598f6d8c7f1e9d1545

          SHA1

          ecb387c2dd42b190cf64caf14fa6950db6dc3912

          SHA256

          f3cd161c164ce3a37bdf8b1626951472711fb445b681cea1fe3825bcf82a3f97

          SHA512

          dc901b9775cff6781380720e6e480d831ea18243154cecde09805412ae8dea6a9e3f9a2b099b0596c3d3de3022ca452b45cac38fbb41c3eb9a36e91d4584af2c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4f5aa79ee0049aaed43b1c993c3628c1

          SHA1

          7973224a4f1d0d7fca8ae52d71a199e7427d53be

          SHA256

          817d6f31f55b50c9ebd8a18e5dfdad9c8fb9bc5611261bf33b1415bc8d2bb36b

          SHA512

          84a0c6a3a2d1f4b91cbcc2879085d15d33082218c56d291812cbc93df18c14c8367914848be16d989298f0c1a25f3cd7b22c31330b4b2582a41da1e14e2da58d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b842f96cbfd93b743e03ad5c8e59e83d

          SHA1

          35366f2ef0b5c6d8af7123f5d1bfadfe5e538ca4

          SHA256

          c091e55abdcd893c3803ed5c7647e1b84b046757143a50b8cc42123e3dd9b80f

          SHA512

          5810ec55c280480d45c9a8b3c962437ef9843136b56fb7546d5e61ec24791f74758cd97c88bee847c121b7ad35358bc5e5d116eb48fab25b11a9f7f95e069de4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cea488aa079f2d83be465f0d7e1319f2

          SHA1

          d0a25eef9dfbc5eed2bf8f15504837d3f841860c

          SHA256

          10a3add0594c814ef79cb676000befc578d9e8b07a636371bef5782e1a85a08b

          SHA512

          71b8401dc9a154e787fa783993b86ef7b10cb11bc3c1fc0ccf7fd1d46d6eab7ada55121f1af48f138683a4bf739e8eff170c5db471893c48f043dd04109541cf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a60e80ea927f27af8f4f9502331a764e

          SHA1

          d28bd8ec677f09fee3f226cf71678135da42f889

          SHA256

          6f851aef8f30fc7561301e15950269f975b45c61a3acdf1eb74e8d1a495b092d

          SHA512

          ba5d6fa6d8c7b217f719f2ad1ffb14e0030bbea5cbaeb4979f6bd56e1807982d4c7d69a50ba2e67f8815c9c3f7fbdb98deae9a6d29a1e0ac74a58853a88c607d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7d63370080285f4e270d5892db06dce6

          SHA1

          8d2e6e816519ddda6cb5f5d909bfdf6514ece16a

          SHA256

          de2b81ad9ca17b2fb0aecab4ed72065cfdd4271247cf627d2ba506a8ad647a49

          SHA512

          39c9e04647cf562ffad5bc9162d51f174aebf2ac5c3f3516d0ceb758d9f4ee3ad8f52ba5458338964e83a850875056184dfc06717124e3e2eb8c81eb9a30cc99

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1f2bbb989b89c78dc163b4ea3bab4720

          SHA1

          d26e4092f25fba02abe7e1f5e348008526a76754

          SHA256

          180c49683ee25f039ba2c97c05a64f8464e203aabba9f722560e64d2757ece3b

          SHA512

          4988a8a57a391779c4dec07867747557fe9af522133387054ae4ec0077441cc38ee213cfbb6ac2b3d6eeabf55aa7e91a8f1083d35a8315bf2a89848c095ed8b9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2ae51893479a233ba28a0272570fa5ab

          SHA1

          089e3118861d5958076f61596927617a782846ae

          SHA256

          c9cf0262cb4ddd789be9c048b34936407c347679fff8004cf04cade5853e7fc6

          SHA512

          d4a4ee856750589b839d875f1da0d0b84aa3c22c3443a85516019b72e896b0794e8bcd84a122b24c1625cd01f06c09e8e20da993d2729f4c3f012a4d9a442958

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6e718859f2fe6b3c8d3c2f283e397d06

          SHA1

          4c946955de0bb5dcb0c0d1d8631f7ab25badd99b

          SHA256

          13ee4e06e0b6bd572ef78e4c3fb0df2a34b45fee775a06590b639cdfc743686f

          SHA512

          ced70d0dfdbe8ceb349ab48da68db7fe20a8a15fd05e4c99ee40dcb730b321764c1b649926b96cf9b44401f8da1796852f831c81136dc7405450d0b8d7e62ad3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          98ba5d7af9becd5c2c57ad2a4a8be5db

          SHA1

          da0a20268d3ee0c81e2b4687b9cf9c5ca593d55e

          SHA256

          416082a56a77b5ab8beb4c137ba99a853e195d0d159bf235e0e0e8d82f65f5e0

          SHA512

          7b0721391c21c6906580d9492f99b4bda04fcef94ba33bc0de922216bd6b3122fa4b05181c802d32e34bbe27510a1efdb033a1ac2328f0132a9cc4bc02e4db3f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bc4a7b7f53e9dea513d879d41566bc20

          SHA1

          7e593fca47496ef7f290037a59604f4e5e0104a8

          SHA256

          370a51d4bb2d88bd693667575f1b1bc79dae9e86116d104667e3466a203ec1ea

          SHA512

          6eac5888cfe0adca84b2b711f9b8451e2530762e57ad47f0870ef98bbe73cde9ae6655d2e7b7db2749c0ec24d83c653a4100f0580d310d5aed927c791753a739

        • C:\Users\Admin\AppData\Local\Temp\CabC93B.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarCC1B.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b