Analysis

  • max time kernel
    134s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/09/2024, 13:28

General

  • Target

    da71e40bfa5b77617ead3d7eef5d5a59_JaffaCakes118.html

  • Size

    652KB

  • MD5

    da71e40bfa5b77617ead3d7eef5d5a59

  • SHA1

    a52b5c822934a8484e1f8bb87b870f7b8ccca50f

  • SHA256

    f26b8de1e38e9c0adee77f6684915ab8f8cbe84cbd15bbe8cb08bf655b04e24a

  • SHA512

    9314aa86a3fb74764944433a2d87fe3fd8fff1d1764757c27be1ae1cc195f985e8708762fba20823f7f1e62983bdc02119fd72d7fbc6f49f5cd44ed3803992c2

  • SSDEEP

    6144:YsMYod+X3oI+YBsMYod+X3oI+YisMYod+X3oI+YazIqksMYod+X3oI+YasMYod+e:m5d+X3n5d+X3G5d+X3YK5d+X3W5d+X3+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da71e40bfa5b77617ead3d7eef5d5a59_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1960 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2856

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6f9e52a7d9740a0dc5df90b26f23d4f8

          SHA1

          16ca074c1aa7399260fe508cea291f2650f5aaf4

          SHA256

          d811f9551d2645816cd8584a0c4d9d9f7b6d87f756344d2e50067ae5b081a367

          SHA512

          7ce108ccb08b8efa3e833e9338e34a24d7f7f1678a11ec1b903db350fa7d7d4ff1203d0d72499126ed5d8cc1bbc9f85267739d1ce05548aa357e56ecb3b1e4ad

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          069f799d2187f2d3fa14fd9256387708

          SHA1

          ab1ecc3181fe7e3902a9c57333fdbcce33192c5f

          SHA256

          caf979ab17963a5e172ea4d4327f7aa96f1101cd113a9e9d6670e4ae920c2a11

          SHA512

          ce2997d6baec00736a62e18b2277db65ce4c237e4eb820fe18b0e88affb66744ec7735a1f8880aff1d6b00fa5bcba1c9531b1c2da022553711227e5a62577e76

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ea839269daa9e59a6c83456e61560677

          SHA1

          2980601b50a35d9c4179ef165802e71e7aa87977

          SHA256

          0f5bd49ed1eceb0f6279e161f524cb70a93f5657d40eb23d9049bf940fb90eb7

          SHA512

          e6a067abcd2b9df844312297265079d699cfbe01dcd967f34f84846935a5d4f79e33c9e612acf88ee3f2f543e0acad2ffe8d3ecfb39b7f0f381d71fd08dc13de

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          35b26aa7a533e9aa9f12ddff225db677

          SHA1

          a500516f0a7076ed05c720b9d3b8abd6c73b4d37

          SHA256

          c5057010b339135245f19e3642b7df2ab6557480fc6b4f45ddc513a0bf201839

          SHA512

          613062fabaa43c60c946594c1af9be0ced7ae7cb674a7d9cb0b595b159bd6b7f19d6748ea81fead56e0b6da45645e126a4a39804378c8a7e97b9a04b3d1c67c7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7eec4afbf37d0f1035968902b2fa930c

          SHA1

          f40cf498dcc095f4a2edec6963ca08499a8a89d5

          SHA256

          75dbbc66a8176d2f87d9dd2f7de580f895f608e84134dcb51669f80d48be7353

          SHA512

          b7e819682601ba7a11fcd5f369bf26c5d4191c9dd63965d6f3cb505113c9fa9ae507d26271a40ef8d9ca1520bc95c880a1d5f7c7e15a74747e7b1f7fbb01a4b8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d0c4fb8def6245bb911ee5c4a19ba349

          SHA1

          b36ff4de7f41dcf0371f09b7c4299aaacf014b88

          SHA256

          3377f40c94f6825f243f518dac11cb0c9eb45809789dd9493340d4a40b8dc1af

          SHA512

          59e0b43dd2aa929b07496b184afc4858aa49d93e6a5bc26b8967dba86dae12c3ebe31bfb14dd62a849edf6b232554e9eee9b1a7ddea364452fa27ba1369c4fb6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a2d06107ba830a910a32a226d94c67b0

          SHA1

          0065ed435cf1fb83daef893c958324a6bcbf4f58

          SHA256

          30f8e736bfcd924cdde9e3185d123892c22ae9ccd1828557e96fc7f58189359d

          SHA512

          f6558650708dba1bd4aaa31fbca1855c14875c6557c38af5ef2b478f33bed77aaf02efb664bbc49592da7117394c4402db2ebc48535a80682512746cadeefed2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          dbca2b91ffe09cb11bc09bd382792aac

          SHA1

          1639f0e7c41c6f77f462c908f1563ade308da411

          SHA256

          2495e687d6fe98a03bfd6d234f7b3fb677b2ea573519d725a9106ce2b9d82c32

          SHA512

          c991371810e6f0f7c99c53f8d403c3fc2392aefe19d16f8a010336c5570b5a921374eb7b61be542c66c9c3cb4e1089f3c201a1dae003e7f7dcc67182a83b7248

        • C:\Users\Admin\AppData\Local\Temp\CabE82D.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarEAD2.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b