Analysis

  • max time kernel
    138s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-09-2024 21:38

General

  • Target

    ea04337601f43e5692d6fa3b27327ee7_JaffaCakes118.html

  • Size

    14KB

  • MD5

    ea04337601f43e5692d6fa3b27327ee7

  • SHA1

    45680f18ebf0dcaefd60e59e4ef1930f422eaa4e

  • SHA256

    8e794d0ff7bf1ac24552bd0a1171a5e4fa7ccaddfa2e467b9d887564a122bf5f

  • SHA512

    83b2045abe9a5cbffa6278fd4df0873f02ce5a49c2dfc149cf8c297461bbbdc549d78b9344a3e100d0e3d6e07f9d4702cca505bbacea35236b138363b7497e2a

  • SSDEEP

    192:C9ren8VwgJMfGAHLwlLuuH8YhzVg5H49MXj9QU4pwxrDPEQd0lLXalc0DI:LfGAHguo8E5GY9MBQdWd0lDaZ0

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea04337601f43e5692d6fa3b27327ee7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2604

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    06091bf382c4a33c61fd50cc41450a6e

    SHA1

    31445680a26623f3d0decc0a7fc3839de5ecc391

    SHA256

    0535bd703f7944bd1be138d8ae6b86d45323c99f1040cb7bf4cf09cd747018f1

    SHA512

    9884e7f1f81ff36518194a407912a87e89bb16ea19ddde7341f6564c6d2e7585fbd4cca546cbea01443aedbba45ee84ef8a97cb28d5c25dcd809d028c647d6cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    efcff9fbe78444147400924629a6c4f0

    SHA1

    fcbf0cbfbb16b4eea99f62b4c2616ea2c022fdca

    SHA256

    5541463b7321e83ce0f47f2c1b03af77c229164aa4e44205b82781230249ea6b

    SHA512

    32ed1ef12fbb01d84d85d7b91cbdb5e102431db7e6600968e4ffa8c776acc6a8b31db75094fdfb7a9ff1c831b7077d4f3cb899b0e06c369c22626762fc6bbf46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fceec867c4f7319b3fab9302c9086b6

    SHA1

    0a98a675290325be7fd715c90208bc2ce00e6f64

    SHA256

    c7e4b44b469e31c7d38bdefb888798a3bc932263b0ea7a8a396d2984a31feb3a

    SHA512

    211337c75394a5c85329bb2307929ef979092fabfd5e9d9ec012898bedc12a01a976e0f0e84e3dcc59611cc6574c6829dfb1a8d158f3be9ba57de7cbb0857524

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    560e0e6b86ee4c4edc651adc1bb21fa0

    SHA1

    9231215b3b280c7ac16e400ce54c464a6d6a78e1

    SHA256

    ba57744dfe5ee6544910d62d01d17602d8583d202191d83728eafd974d498c3e

    SHA512

    f1ba1ff19a01b0897ce6ee4ba4d70cd4defa0ba28abfe2e150f8694872e8137a956f04737fd3d2e5ed37c5238789ebf9bc9312535f8038c36bd9fbf0ea30f2d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4dc8c5c22883feb692a03b286b0f219b

    SHA1

    af3d040978e26e3e42dde2ba051db34fa42807bc

    SHA256

    ede7d62f9b62bce31ebf3d13abdd92f3cb8118f91a425fed0f3b12b5933f471d

    SHA512

    6a3a1c4e9672f557daf0fd2cd3152d4633de728f2335276bf83946203d04c762eebc56883c960636d0a95a18de062bb09e539b07b827860ea86d8d01066f7b55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7551ee1d2e681f1d756c8405afaa4f0a

    SHA1

    9cc5661ef8564a53582127e91ee085f17696c600

    SHA256

    c29d5fbfac0d642897290a94d1c043367e12a17d37d93f6eff546d0dd6c2104a

    SHA512

    097f10f3108c9d5daa181634b788f0b284a980bdfa85053cbfe3608d45652a1ab02adaed5d7e1bd13f76bbb268b2d4a50844d83de29ff701b10714b88e404ca9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a4925769bac28c8dddde51c961edcff

    SHA1

    64354037b0583c244665722106a5a3ce6755691f

    SHA256

    a91eb63047cff20ffe5e921ce043096e210d6c66b18e917f70a2f427d2019190

    SHA512

    530cede024240d936b0ee688d4a33ef05ed9ea9824a61dcd02a0f19656634f66cef79c16e686a85eb85db0455b26cfd94d27c45ca492addb0a0bef3140b9476c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d469077920207f33f100a8871730a0c

    SHA1

    52003a02284a3207e0806e0be7dcefd84f4f2a60

    SHA256

    96a0ef9f0365f1b0aaf7bb7c47e1d4803ba52483478c47b4f222fee5a8663c16

    SHA512

    90f8a173bd31fdd3dcffceb154c77bd6f5489e9b245af6b0715ea5511acae5826bdfcc55b925e456e7fad699c665fa938d424521b9f0a109eb5fc71aae8b02e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e148f03662e61c0d0207dc488116bfc2

    SHA1

    6d5864667cff4996c127378f8e2b24faa5af809f

    SHA256

    88872b12ad4da98b59a4f036a26ddcddeb695b205f87b3d14fc171536034dae9

    SHA512

    b6edab16685cb692b995a8dc45c08ad079f6dc1a783dce2c50fb5ad068dc0bcf02ccd92b7cedfa385c8821ec6e112c2a379af0153e707aa8ce491ce6cefb3dcc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a0bc272c45c1164e79dadf5acaa831b

    SHA1

    299023243c64c867893b4fe25020234383b8e237

    SHA256

    449a3625cfdd93d571fce6be90b11104c9bfe39ee5f4d93b073dfbea4a2d851e

    SHA512

    2bdb32eccf7fb69f4e5b6b6f5cef724468097137e1f9146576b8742d2dc4f7e94bbbf1a62684e1fdc2e59bfe5e6de6d740573c0a09b44818f6baa81a794444d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f287e646ce384bc8a198ec3cf8c69430

    SHA1

    f4e732b6d021b5437f58f751529ee0227894d81c

    SHA256

    338b22294a9757ce58f2f7fa589bb0d8deda97bc78d61e59f15889eaa20983e6

    SHA512

    ff21c28443315c7731f89bde42ce3dd41a7d3127a447bfb19260b21e0203d765451d784c83be7e1851e3bf1eafb0875afb1fcd3662c823aff08119636cae3102

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36033851056d46fe800ef23ca51d2c4b

    SHA1

    15828fcf619fc8b65666e994d66b9ec8d72c63c6

    SHA256

    9547eab6465d0fd984d565c3607d801e1a55318955303e97a44066389732c56b

    SHA512

    6c381497c56475a7361d337f7ca48f5601fa2ca95739e2f758a6978a919afc7a87414b985f464a03f732219c91d4a9e3476e78de2ec7c8405d3472c34820b5d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1b3deb9ab122584ed91036d20669872

    SHA1

    cbe863749004c0563b682a5548081cb01758b920

    SHA256

    d96ed8d371dab1f0561767a59e5ad3fe4b77752e10b77a555684b6dfe1200288

    SHA512

    cdeb1048c66176bfbe311d700308a8ff8418a30ec83e05779a566f7d7dd5832b6e11bae086b6130f2570bb146e6d6e6bb66a72a1e83f1fdf66124a5bccf8dc09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4b4fe5d96c24e372efb6e654f8ef5fa1

    SHA1

    8c2a14d3a6d5035cfc4d6941e07981333238489e

    SHA256

    49699bd3615fc682f2843be0b5689a660068234cbcc213905ce6e4ce724825eb

    SHA512

    21a76d1fbc92b5d231b42c2563ed2d0801823dec596667da603f841ca1581b02c73ec169cd7b160a654958a73c831edefa1f620635c7cef6351e578882891627

  • C:\Users\Admin\AppData\Local\Temp\Cab762A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar762D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
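The General and Downloads sections above list digests in a flattened label/value layout, and the same CryptnetUrlCache\MetaData path appears many times with different hashes, so IoCs pulled from this report have to be keyed by content hash rather than by path. The Python below is an added example, not part of the sandbox report or its tooling: it parses that layout into artifact records, deduplicates them by SHA256, and checks a local file against the digests listed. The embedded REPORT_EXCERPT is copied from the entries above with blank lines removed; the class, function and constant names are the example's own.

```python
"""Extract hash IoCs from a flattened sandbox report and verify local files
against them. Added example; not part of the original report."""
import hashlib
import re
from dataclasses import dataclass, field

# Field labels the report uses: "Target"/"Size" in General, "Filesize" in
# Downloads. Each hash label maps to the shape a well-formed value must have;
# anything that does not match is dropped rather than trusted as an IoC.
VALUE_PATTERNS = {
    "md5": r"[0-9a-f]{32}",
    "sha1": r"[0-9a-f]{40}",
    "sha256": r"[0-9a-f]{64}",
    "sha512": r"[0-9a-f]{128}",
    "ssdeep": r"\d+:[A-Za-z0-9+/]+:[A-Za-z0-9+/]+",
}
SIZE_LABELS = {"size", "filesize"}
HEX_ALGOS = ("md5", "sha1", "sha256", "sha512")

# Excerpt copied from the report (General plus three Downloads entries).
REPORT_EXCERPT = r"""
General
  • Target
    ea04337601f43e5692d6fa3b27327ee7_JaffaCakes118.html
  • Size
    14KB
  • MD5
    ea04337601f43e5692d6fa3b27327ee7
  • SHA256
    8e794d0ff7bf1ac24552bd0a1171a5e4fa7ccaddfa2e467b9d887564a122bf5f
Downloads
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    06091bf382c4a33c61fd50cc41450a6e
    SHA256
    0535bd703f7944bd1be138d8ae6b86d45323c99f1040cb7bf4cf09cd747018f1
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    efcff9fbe78444147400924629a6c4f0
    SHA256
    5541463b7321e83ce0f47f2c1b03af77c229164aa4e44205b82781230249ea6b
  • C:\Users\Admin\AppData\Local\Temp\Cab762A.tmp
    Filesize
    70KB
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""


@dataclass
class Artifact:
    name: str
    size: str = ""
    hashes: dict = field(default_factory=dict)


def parse_report(text: str) -> list:
    """A bullet that is not a field label starts a new artifact; a label
    consumes the next non-empty line as its value. "Target" both starts an
    artifact and names it, because General has no path bullet of its own."""
    artifacts, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        body = line.lstrip("•").strip()
        key = body.lower()
        if pending is None:
            if key == "target":
                artifacts.append(Artifact(name=""))
                pending = key
            elif key in VALUE_PATTERNS or key in SIZE_LABELS:
                pending = key
            elif line.startswith("•"):
                artifacts.append(Artifact(name=body))
            continue
        if artifacts:  # this line is the value for the pending label
            art = artifacts[-1]
            if pending == "target":
                art.name = body
            elif pending in SIZE_LABELS:
                art.size = body
            elif re.fullmatch(VALUE_PATTERNS[pending], body, re.IGNORECASE):
                art.hashes[pending] = body if pending == "ssdeep" else key
        pending = None
    return [a for a in artifacts if a.hashes]


def unique_by_sha256(artifacts: list) -> list:
    """Key on content hash: the same path is rewritten with new contents."""
    seen = {}
    for a in artifacts:
        h = a.hashes.get("sha256")
        if h and h not in seen:
            seen[h] = a
    return list(seen.values())


def hash_bytes(data: bytes) -> dict:
    """Hex digests of an in-memory blob, same algorithms the report lists."""
    return {a: hashlib.new(a, data).hexdigest() for a in HEX_ALGOS}


def hash_file(path: str) -> dict:
    """Streamed variant of hash_bytes for files too large to read at once."""
    digests = {a: hashlib.new(a) for a in HEX_ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for d in digests.values():
                d.update(chunk)
    return {a: d.hexdigest() for a, d in digests.items()}


def compare_hashes(actual: dict, artifact: Artifact):
    """(ok, mismatches) across every hex digest the report lists; one
    mismatch is enough to say the local file is not the reported one."""
    mismatches = {a: (want, actual[a]) for a, want in artifact.hashes.items()
                  if a in actual and actual[a] != want}
    return not mismatches, mismatches
```

To check a file you have on disk against the report, call `compare_hashes(hash_file(path), artifact)` with an artifact from `parse_report`; the returned mismatch dict names each algorithm that disagreed with its expected and observed values. Sizes are kept as the report's rounded strings ("14KB", "342B") rather than converted, since they are not exact enough to compare against a real file size.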