Analysis

  • max time kernel: 120s
  • max time network: 127s
  • platform: windows7_x64
  • resource: win7-20240903-en
  • resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted: 13/09/2024, 11:43

General

  • Target: de437bbd1800df8ecfaae62706960441_JaffaCakes118.html
  • Size: 2KB
  • MD5: de437bbd1800df8ecfaae62706960441
  • SHA1: 2bc3366d66a88ee1d505132e94a734e1cdcb7cb1
  • SHA256: 7fdc55e140ad6cef078201495647518a8bb301f6690a9ec9f2fff694250c2522
  • SHA512: c41e22c4c955c777f2425061487850ba1996974f8672af016bea913dc8104dcbffa0b1f16f14ec1cfec643d029d4e84b90cce4240117b8329056805f45edefdc

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de437bbd1800df8ecfaae62706960441_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2512 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:320

Network

MITRE ATT&CK Enterprise v15

Downloads
