Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-09-2024 10:15

General

  • Target

    da20488680d887ba51f3e7607868d8f7_JaffaCakes118.html

  • Size

    736B

  • MD5

    da20488680d887ba51f3e7607868d8f7

  • SHA1

    7ac1f79133b062fff7ebec3cd00b85e82eb011b3

  • SHA256

    8b7e5e7d2b81d5c69a01393f42e1a9925e6e612cdcacaf395378c6e1ff74e200

  • SHA512

    2d3227580ce6ba5fc79cd22a3dda254ccff04c7f4f7681a26ce9c6044934e4ea49a99f0bb19e631484e8487e4e60ce790b3559e0730e7bdeafac7b8a173e275a

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da20488680d887ba51f3e7607868d8f7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2444 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2316

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    773f5131e96fc0a6e5d052c7129af8b1

    SHA1

    320d180aff2e47ba413e46e411a94d8ab95bdc4e

    SHA256

    7fc9c5c9c53bafb4bd18b99579b047b71034319539866c681c9a1ca05ee21bae

    SHA512

    3e77fa08409c7ea072f888efba8414ba6ddd3cb261e5ab8feda87a9b7c56951bdaa1519441de8e0b82fbf910a41f62f5d487943224a88bfd81d7ccb3427e921e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd56972b0e0fbe425ca0df749448e542

    SHA1

    1edc31db7d3cf47dd9da0778f2fd5957413359f5

    SHA256

    e14c51e451c9faff31767c74c3afbca9867a2c2c9959022b4acbce2015eae3a3

    SHA512

    c9ab3a0409cc54eb0180ce9745740d15b0b82895028c9291715c2b596d220972c5ff3f2ddedb2434234c801d47e4b1f63bec10ebd2ea1efa62c23b60bc6b1605

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a44a1dbb54dd052508f991e687e53820

    SHA1

    fdb768d6c96d782931a36b9d2381672f470ca604

    SHA256

    8123ddc1900fe365cc0963912980713c41c959cb20a9e11c633cf3e58023e6d8

    SHA512

    89476686025bedbe3cd270f800bbf4c7e847f042cd600583cccba9c6655b965b7dd95a35bba51a16b10089a93ceaf05ee1eb3c9dbaf29b04d65354a9ef53daad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    83bee7ad1319c19f017208b5f4baffec

    SHA1

    6c61d68810dd39b7effdeb73df002240c418b291

    SHA256

    f9714b8fb74beebbd8ee82725b4fbdd118f161feb9c0e8be8823b5851dd8a414

    SHA512

    3675cf9a0f0e2f7d962b5ab0a1a9d61d9c57f965866b0640979e721bb2968e6ba92a0db62888b7fc850358e7a7c278275564a9beb3d08815d150ea7f952938c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cb4d8d868d5946ea40c0c6faa263b08

    SHA1

    c73a925dee5914e2f66f2e46139772c866dc643d

    SHA256

    2e3f6c76a8ffbe717675a18811baf6f1dcabded220bf8bd9f67861bb6526da36

    SHA512

    34820e14da0c62252e05786fed5352742a81de5f614456d0be0075185253cb5aa0d612dd21c8654d3b6a1dfa76a8be38b4e4d1eaaf36a0a81b2820cac8f9aeb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac650520b427656d1dfa310090a00fba

    SHA1

    54e3a1cdc096a0c860dca7d846711dad5144384f

    SHA256

    75ec5345c79695b6ad5a4ce96331e1aae37368e71cd067d75a27a4a1e56a1b43

    SHA512

    aa59d7f1d9f5083604851c889b6c5b2f49b505e3818b2efdf5e432cb75db91a78e2a28e666a7aeb83973582cd2e1ac16e33f28d2e39f0843975e608fdf516e61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e3ad45470f275b908f62b7724a84307

    SHA1

    264d8d2fac63cf4f211af56fba6fcccb246b356d

    SHA256

    9dd3a9a8111e8cebeac7c750f9f9687472fac2ae4fa26b54e833698f24055a7d

    SHA512

    ea7dabde669a612482f407fc8dd59d9e7f63e0c1a6903fd8e53a72cb798a04c38e26f8673702735554ef0f14dea14066b4d6886d6bb9ffea1e061ae7d2f606d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c5bb9193e5ce2e27152790f519dc604

    SHA1

    925ace76d4136fa013cc9a18bec3fda29af40e9d

    SHA256

    40d51ee2d725c8bf184b507e2c1f94ec419f446493f3a09d8fe03396be9e2508

    SHA512

    158c0f8343842dcc1c0111290e177ca96e2d2b2fa7da8411caab1d0b906c065bb750b59129370184cca438501180f138bb1e3b65d26a2bdca6603fb6679107fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9259237ad73d10b0876479961fe8069e

    SHA1

    6e4dc2690a87380aead26c3244a1bdc52f652843

    SHA256

    2374a66acdb8804c98c2b8c57cfd1ec5edc683c70a16480d0434291d33241fbb

    SHA512

    b41da3e746c2677adab867c0c0eb56fbbbffad501eaa540a18a7d790d50897785076cdcd5aabfd88f964091ba92c3c6036d1558e86f8c6975c7882ceb2dc7440

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    97dd934bc9473a5527c54f1356aec041

    SHA1

    168b1e32aef79cd01ad13dfa3542f66fd6bd8fa9

    SHA256

    07177d19418cd575c0e663a488c3c5d582720ba9046dc46aede2d45c367f74ca

    SHA512

    eefbb7313638022a9e8ae64ea6b470f38c69ec2d8cfb6d00393e5ad68248719cfd27761177dc2932e7ca68d4c7df5b7fd87306a182c8f50423a570ee4ca8b57e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa4b1b615ea5ef90f8101af20103258d

    SHA1

    33410956701be90e1fa5fc1fa74526f1bf652e5b

    SHA256

    ecca8d75671e6bb6ef8df5a550177bf480c0fd31051082520ca9fb477f37bde5

    SHA512

    1e4f888279411bd9dd704f2cfa509bf44fa809e9a9e35d585cf8dd1f82d188452472e52a437f841e56466291d0e5a15e0f6f5c4e0bcb56e1bcc21b9603af5c61

  • C:\Users\Admin\AppData\Local\Temp\CabCED6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarCF47.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
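The two checks below are an added example for the Processes and Downloads sections of this report; they are written for this page and are not code from the sandbox, from Microsoft, or from the report itself. The first walks the process tree with the expectation that Internet Explorer runs one broker (the top-level iexplore.exe) plus tab processes the broker starts with SCODEF:<broker PID> CREDAT:<n>, so for a bare HTML file any other child of iexplore.exe, or a tab whose SCODEF does not name its parent, is a lead. The second sorts the dropped files into CryptoAPI's own footprint (CryptnetUrlCache\MetaData entries from CRL/OCSP/CTL fetches, and the Cab####.tmp/Tar####.tmp pair left in %TEMP% when a certificate trust list update is downloaded and expanded) versus paths that need a human look. The process and file records are transcribed from the report; the cmd.exe child and the update.exe drop are constructed anomalies that are not in the report, and the "known noise" patterns are this example's heuristic, not a vendor list.

```python
"""Added example for the report's Processes and Downloads sections (not sandbox code).
Records marked REPORT_* are transcribed from the page; HYPOTHETICAL_* are constructed."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Proc:
    pid: int
    parent_pid: Optional[int]  # None for the top-level process
    image: str                 # full image path
    cmdline: str


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b", re.I)
CREDAT_RE = re.compile(r"\bCREDAT:\d+\b", re.I)


def check_ie_tree(procs: List[Proc]) -> List[str]:
    """One finding per child of iexplore.exe that is not a normal IE tab process."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        parent = by_pid.get(p.parent_pid) if p.parent_pid is not None else None
        if parent is None or _basename(parent.image) != "iexplore.exe":
            continue  # only children of IE are in scope here
        if _basename(p.image) != "iexplore.exe":
            findings.append(f"pid {p.pid}: iexplore.exe (pid {parent.pid}) spawned "
                            f"{_basename(p.image)}: {p.cmdline}")
            continue
        m = SCODEF_RE.search(p.cmdline)
        if m is None or not CREDAT_RE.search(p.cmdline):
            findings.append(f"pid {p.pid}: IE child without SCODEF/CREDAT, not a tab process")
        elif int(m.group(1)) != parent.pid:
            findings.append(f"pid {p.pid}: SCODEF names pid {m.group(1)} but parent is {parent.pid}")
    return findings


# Heuristic patterns for CryptoAPI background noise (this example's list, not a vendor's).
KNOWN_NOISE = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache (CRL/OCSP/CTL fetch)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
     "CryptoAPI trust-list update temp file"),
]


def classify_files(paths: List[str]) -> Tuple[List[Tuple[str, str]], List[str]]:
    """Split dropped-file paths into (known CryptoAPI noise, paths needing review)."""
    noise, review = [], []
    for path in paths:
        for rx, label in KNOWN_NOISE:
            if rx.search(path):
                noise.append((path, label))
                break
        else:
            review.append(path)
    return noise, review


# Transcribed from the report's Processes section.
REPORT_TREE = [
    Proc(2444, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\da20488680d887ba51f3e7607868d8f7_JaffaCakes118.html"),
    Proc(2316, 2444, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2444 CREDAT:275457 /prefetch:2'),
]
# Constructed anomaly, NOT in the report: the tab process spawns a shell.
HYPOTHETICAL_CHILD = Proc(3100, 2316, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c whoami")

# Distinct paths from the report's Downloads section (the MetaData file is listed
# eleven times because CryptoAPI rewrote it; only the path matters for this check).
REPORT_FILES = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\Local\Temp\CabCED6.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\TarCF47.tmp",
]
# Constructed anomaly, NOT in the report: an executable written to %TEMP%.
HYPOTHETICAL_DROP = r"C:\Users\Admin\AppData\Local\Temp\update.exe"

if __name__ == "__main__":
    print("process findings:", check_ie_tree(REPORT_TREE) or "none")
    print("with cmd.exe child:", check_ie_tree(REPORT_TREE + [HYPOTHETICAL_CHILD]))
    noise, review = classify_files(REPORT_FILES + [HYPOTHETICAL_DROP])
    print("known noise:", len(noise), "to review:", review)
```

Run as-is, the report's own tree and file list produce no findings, which is consistent with the 3/10 score: every signature above (IE settings changes, SetWindowsHookEx, WriteProcessMemory between the broker and its tab, the CryptoAPI cache writes) is what Internet Explorer does on its own when it opens any HTML file. The constructed cmd.exe child and update.exe drop are the kind of thing that would have pushed the verdict the other way.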