Analysis

  • max time kernel
    136s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-09-2024 06:36

General

  • Target

    eac565af424b68bbbcdb0988aef9c77f_JaffaCakes118.html

  • Size

    3KB

  • MD5

    eac565af424b68bbbcdb0988aef9c77f

  • SHA1

    5a8fd62c34a70948cbf48db91990158e31a7d26c

  • SHA256

    aa931738dd36da0707d75c147eea530496a405bb92686bf4ee10e398d7fbc536

  • SHA512

    45b16b6d4ea40f353f6e2c386f5da154365eae82e184cee05c259e808a98a7b6fc190842e66a6a8de130c817182b40ab394e7f4b28231693797f42017e18cf60

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eac565af424b68bbbcdb0988aef9c77f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2504
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2504 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2396

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e056f56f0b46795439bf8fca30748bf5

    SHA1

    27a948c5360517839533a81c8533bdcb72cdb5d9

    SHA256

    4cd63cdc0659a85edd99c6d91b72800c7e272d60115b95e319a9f389bb0a01b9

    SHA512

    9b1fe390d3aaff9fd0c19aa6cdb4f99d896256b2efa2a31a3b3de256cbfa65387baf2dcc624ca0f2b42179d89b1a2c6b19a733b80524c64b68f18fa17e9b97f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d4aa74499f2e849706d3764b171eba8

    SHA1

    9803f1e31330c3ea5d8b583407a943d023e48e2b

    SHA256

    701078cb4163edbac537977b28ec6f890438bd25c05891f435db4282dbceec4b

    SHA512

    3a66b09577271a4678b6b11fe1b9696f1fa0b61461e0743c336a408f653dfbde028aae78173fbd00fb5c26b32a6c848cd32114054b289e10563719d469732623

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cdd8018cf24f75ef9e89f21c753d604e

    SHA1

    c6bd112d381c68f2daefde6076d15f913e48a2ea

    SHA256

    8425945d28cae129d39c7377f6c011ee2d8053d99e1875c50261205617b078b0

    SHA512

    3848dbf38e4a10829569a8259af976595ab9c8c0e1cac23593def0b52b5734a3c8af927b65e4f7b8c15ceef2670bac2d432e526ded042960940d3a8447dde7ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5f5f0129bb6f032d10135f074caa92c

    SHA1

    8ca95c89f3042b6cc04a041126a54aa563151e81

    SHA256

    b14bcd9369639ad7aa5e9b7cde72edf856501df3a2ff93d6118fbdde14f97cb9

    SHA512

    5339e9ae1ba0b280da81d1d2476cedd6d8f78a5fc332498f015113fc505dcc5432ee00e6c5ce7800803bb7bbd3afc59686fb2ca69c412367c945586f630ec1d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3b1528ede901f96905e1212d18896eb2

    SHA1

    c52888a7c0590798b8dbffc1e047fe7c93afda3a

    SHA256

    010c45e0f6be704915cb4a85ea9c0f3bf7092a4a477fd3cdf8ff5e0b1b49f9b1

    SHA512

    cc5bb0bb319342e60f9cdf12b70ca8578825f1b7bd9b087e7f2f382c5ac0bc8a405e5aab9d6d0b464b7f15db68999fa35a4e6126b2bd710d5ef8e3fefd0d7e92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a461d4abc62350b1fcb0e39ee0d737f0

    SHA1

    6863ccb5cfe182b0d3755752375c082e08c4c252

    SHA256

    90a170a0e3c83245d3041b16c78c72611b3dbe66221b808970e17a376af50201

    SHA512

    a7cbe786ebe7fb73f597ce2046a17f20cc9b1bc4575e92021553c28c57a79956143ce7b9583401bec31077b74ec3ca17838e8509dc7b6eef4e49cecd3213bfee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd3ed6513218907fcfc37f7d4c40b020

    SHA1

    2bdfd6f2d0533ec10840d76e9ea29e0fca789ff6

    SHA256

    67d566cb1bd2f046edd38dd3397e73c8ffe0a8acad22b5f5f73c946de1eeff68

    SHA512

    39356fef5713290059bc80d701d4af1b6075f9ec702b8075d5feedaa1647dbcd2b73f8fc5a9e68c60fe1688e1fb7fb3165a9ec9f91cc2764886722290a90eb22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ab89ed1caefecb7898ffc2bf43c6c5b

    SHA1

    a94f1f58eef51dd8c9f87fc388e7228d457de12a

    SHA256

    f89f5a7265346c3650bff30bb017a538d6b8e64d6eeeb8dad01366b1298450a4

    SHA512

    7b7f5825c9706428ef44624f03caf5f69b78b6d92fe4e71e775973ee22992c57861d5b2d238cfb237b52fb170cfa3af2405cd2ef84139c81970fa2ccefe6dfc2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fbaaf1aecdbfd88b098c265e15913fb7

    SHA1

    9cf54246de60706dd08e82581bb733c81f7adc5e

    SHA256

    dafc160f0f0a279067dae3e8db02bef0e9576b9c5492071d488f08ccff98a0f0

    SHA512

    f650ad45126d9d510fcf063c07af805a9263256d1f4df9446227e5c169defd7ce09dc47139b18e211bfa54a3e2351efc9648a590fe7ec751b594fa9c0f220f02

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2100b1fdf485b74358d72f2172707422

    SHA1

    5814e3373285af47807feb4caf36755c2f83f99b

    SHA256

    651a738f4707b3c1c68e7baf6c0fba2c2017a79cc2b9004152035bd7d1bb6c28

    SHA512

    7cd28fa70614288a027070409238f4c7fa860a673f4ec9ddb14afb9c2717b5229368383ebc1cf0e190d4221efb6dfb207fe31a9b003b9815b901ce663140e4c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    403fd28a680491e3af0626d43ec1a5c8

    SHA1

    6434f915a0ef1b1f0b26d7f46435064638c1144f

    SHA256

    db39d602283951955bd72624dadc65ee1d8bc98918dd54472e50c93236c9182a

    SHA512

    63517b80ff5243ebbcebb55223f36179d3c854a35d115f5e83a5d9f3304efe89d03adef18cd4f6b60ebc8302ed07a41c599f8906092c569c4f35b4e29519535e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc8516ba2453e664313e4bf1599960b9

    SHA1

    b1d0a27040dd9433722a7a42d4a0c2f6075d7a4a

    SHA256

    bc7d7bf4e031c3655f606c58b1512e7f9977661196c5e9b079457174fa8bfbba

    SHA512

    e533df64b28b42622e341fe1caa1d7d67f6e0b490910e505832a63f3e08f94be33e540e2cbbc2b070d4a1175112c1ecd7e5c75157a43ad8bda4aa496259de89a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1d0a4abd986d79d70d930f612cf76d09

    SHA1

    a051d29a2c167553f588832a88ea810fb5737d86

    SHA256

    ca29563f1e7c7229e702d794d0609bef3303be75df9b39160fa3ab004b51a5a6

    SHA512

    a20142d8c7805d1a2aa95fc1b881d0a98f5afec16ee205eacba42e2beedcaa41ed4219b042f6df700a2da0c2bbeab876805d9bda2863e47100e671d699ff364a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3efb12e9c79f750182c3d80c37a9f20

    SHA1

    9464ee134804962fb439f81f50231dce8cffd5fd

    SHA256

    76fbe8305d55a1e32201f68afea146463db93ac2594ce295a484bdfb19440990

    SHA512

    61377a0adc7ced58ce6dfbf59012081d4097c81371e7d74dec7c9012e37434c0769221659881c8aa6c483bfc8c1d19a59af44ef901862d92b66898eb952dbca2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f133cb8039ce0dd9475e3fbe2b62a3cd

    SHA1

    473adf66b6b50114ad24e51ad5ae0b119a8ea125

    SHA256

    1d2d8555c5f8b7467da78329664c3eb4ebd760528040db4167dba47be37d01e2

    SHA512

    43271b635a1d2bc890ea894b52aec6d68528bfedeb6369c8b2c612baff32f768c56b0a413214811bab47194acc7f8ea760b059dfd20868d6c687678803fcc42d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4bb4bb7254b5298c74abf869cd101bf9

    SHA1

    65ffac0b11354feee8bc7417a02fb6a27a755d8b

    SHA256

    bc47d01dd7bb5f61da6399e93367d9428edc5389f47b56f6e63139843b65a724

    SHA512

    a34b3597f5a04f361b45ad9a635658d181b6a7f87d84983c5e1f5a27ef8b77fd5b3082fd604f573c32aa98ff39f2d570a7ba0c86961de06a604221373e245c23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ad6a0160d5468059733b12e06df74c3

    SHA1

    525c300c10e5bfb5ce2307ff40fb0649fa7b3253

    SHA256

    1ba0338df14a649b14427dbc3d524936223034a8a392d9d99c57422ee04a715d

    SHA512

    2d0765d9e6df92a757aef4bcc90bcd4c7b0bb5c61f19a81d37d05c98a8fc54b0ecee30753b2b7dbf3ce3e05b7a9ea3da71f34fb95036e6902b54ff553aaea954

  • C:\Users\Admin\AppData\Local\Temp\CabBF5A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarBFDD.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b