Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-09-2024 07:24

General

  • Target

    fbc99be507eaaf6600619e418a808d36_JaffaCakes118.html

  • Size

    9KB

  • MD5

    fbc99be507eaaf6600619e418a808d36

  • SHA1

    5fb9d1e859779d47f03692ac97b29d9ce4c954f5

  • SHA256

    189f2096c7afdc8459b05e2966f6abff5d8deb16c7d5ec7c20bf19cc7546fb23

  • SHA512

    bbc55c0d83ca46091dd275dbec08ceb5c1cecce466af2a84276486d60578f0ee00bf29bfdd4feb00803bb67d782bababef8eeed202d3b148766dc24f4f018e22

  • SSDEEP

    192:mw9rmu2XAbUD32T7Zk+Vs17TsSH7ALvp6pzpgOp2SpNxpzp+apTpzpTprpjpjpTE:mFXD3iFVy4Sc7gBxxpRhxphxR5xhR5h8

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fbc99be507eaaf6600619e418a808d36_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2984

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    23675f3785569cb5d34acd73c33b1437

    SHA1

    300773c4f58622f1d7deee2e588bb867f09287fa

    SHA256

    c767372025cad6c0857f01c30cc8b8cdca6e279d2b8b63ea3c14341398e62ba5

    SHA512

    fd3bfa4f270ec6d668cc2eb63746aee86983943208d3d687b596262c5ff9c87bb1f3ff4cd1351cdbaf6f6c8a2a8ce8ed1aa49ef16ec3a707c2186b8007f9a6c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    06e07ba4240b16769215dd26f3c0f27a

    SHA1

    374dba821b2780cc026fa9a7399d1cf663f1a96e

    SHA256

    3ec231dabc87ca5727e577236357de5f48fe29a8cf2b56ed4a4db57306c84ab3

    SHA512

    b5da51288104fe285201ca3a384281fd4b5ec266e97ecccfa06f82c21853fce343fd3dff849f25379a07603ca9705527d694783bcaa066ad62c48ebc5fd2df34

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e8d35bd836d398cee3fd2bec3d952db

    SHA1

    d1a3a10549bc98363fc8bbf8f6ed8068bcd7aea2

    SHA256

    e68e5e7f61e6be8fe14ec5589bf57f2790fa8845f2f03e7301fb2c8a52015095

    SHA512

    672812b1ee0010bf79009e5a24ee8155d4330fccd43382c7bdd8c55e903635ffadd66a2e4299868c986d0c45fe8f88b55dddb9324400b6de240d0faf59b1f03b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a81fa7c48e0f3292ab4aea4e022b61f5

    SHA1

    47804517539be4ecb616d485436397cbd4d4db77

    SHA256

    42c39686487864d1ba81ae5487b0d5eb8520d73c9e613d6f1ffa837a48152c03

    SHA512

    4d8469b5f6d7570c517f92024aa474b0679a18a4490098f820b8a37b7936e89ebad908362aba23611f0fe22ef1d0a8ba84554e72be02357fb7d009bb87e98fe6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2ec7c1d61719fd3ba5b5493164c6755

    SHA1

    dba2bd800720682da6da55fd3d881d11db6a0a8c

    SHA256

    becd9cc1318f09be74fd5434b5a08bcbd5453c4312cd21b3afacbf48014422ee

    SHA512

    078931d5845cf6a2bae4195ea069920191ce60980a030d5f03026c479ccc0c9230e7d97bcecdb3d26a3d7a09c0054bbbb901b56085c45a770b1553011e4110b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d8023ab73389b9d045c01c0ef77ae71c

    SHA1

    5c7296c079f7d6d72741109b0d03a03e8c1f0f9e

    SHA256

    9a5db71671cc27683a396e61aae7ab8cfc61a1f7c89e716b2c0eeff41d58eac8

    SHA512

    b30cdb71be929565d5a619897b7ca4b2328328289f78f773af18f65dbb99bf75ad0a80cba31bea773d32c8c5dcd2c156453cafe11b7705d77564faa47b5b83a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    190a08156c76f8cb5e8a19a781b0c4d2

    SHA1

    2af5f4d6c49c8e8db9982af4b25b04dd167bf427

    SHA256

    74945a96df3d63c9b05398aaf427fa9f92b0b3c528d1041b9d820adc11b483d0

    SHA512

    a1005544cfd0c968c7d0a7fed5bd4b31640f337450d4f594ce99953d59c2f467f9857876b929d9bcc973a1e59dac3da68a8bc909b5814e389d33073c9a291c31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1d3f89dbd48a15e84a42829e4c4a33bd

    SHA1

    848142bb5929a692717fb194c8ddad028dcd731f

    SHA256

    d2c40e7f276c620ed5c876d30c7ed5d73219245247f00cbce1f2268ceda7c1f6

    SHA512

    f664b9a85c55f043a5886bfd23049a01d9e774c57c5cedf3bdf7523c8cfe0548a34c95562b4bc649ecf897ffe5e67f509d2b7401e929bec674707284bbc6e941

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b8e36e1b40ab1724137183d878a43dba

    SHA1

    f4e54a9ed669d2c32e9a1b659b05f210962cebfe

    SHA256

    3c5a29265c190268bea2d5a1a585c337b0735585502eab2e343dabe70f0fbbbe

    SHA512

    b0c0a2a9be75a1dc35caefd7250e9e8fea08a3a73156ee584abad72eab0b699854a7a6c98bb890f6d449acfa1171349c6a61e2c73a3414f5c6b2b45cb8ce64cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b09ff2f650660593b455a57b8617674c

    SHA1

    8854daa5ba8c2edbd457d91c86adb96de36a54b9

    SHA256

    b78f528fb24c9746aca7a1240e60cb38428a0d8830d0be79ced4c4428cc8be73

    SHA512

    6f57d9b264b29e26c3db6dcbb18bc147c80c5f961032e212849d48deffb67c70d77679249330009392dd385908678336bc77bcc87dd642084560f0ab5d197c87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2db3510e458618f06826b436a85cb1f0

    SHA1

    a332c11283ab23de97ca2ea245e8fca00f507fdf

    SHA256

    e2662c37fdece537d3fc4865d81ac6963c545670bff49b343d51c74942685245

    SHA512

    1e0b7d6d16167cbddba3fedb8e5bbb6dc126d2be5f2cf6eea7e76eea097d36f4e19d68c92282a826fe30f76b487c95ad4ec7aba3f963003369169f8292fc17d5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3315644b71a3717ef9925ebaf5021604

    SHA1

    2c7a76d2741a231a020b192fd995e958e5d6818e

    SHA256

    8202b3e2da8d79c7c19e98a6f42c69ebdab2ef1b9d7dee2cdbdc0990d2470909

    SHA512

    487a52c66694f7a831813e06ba3ac2027f5d90838c76102b2c8c1b3178fff4221a32afc20c1e3a5e75abef5bc1631632e6c51eb5829ea10b91759bc8208a5f81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4851dad9022af60730f4929621a36e8

    SHA1

    6944477c5af7886d2cb879d3c9c7e50bce413527

    SHA256

    205cbf7d8d88d7a61fe325447acf641eddc98533cd80eee38819644e27df675a

    SHA512

    fdc3d2aaa6e83656b867258211358c569476029a87802c8393b6b3af7402f39068ab759bc17d59e45f501c14e395c688ec66ece12c854259a8212ad23dbb5008

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd4804e65ffb701730215cb6de2f8612

    SHA1

    17b0c8da0b7da436459e814e39c41eacd62a6d9d

    SHA256

    af5a64131189f2192541d500053ac9693e2077575beefa9db06162315db28e44

    SHA512

    02318a3f0fc292b8ab43f444358eca1a3430d3ee31078bae50e8725230b13d3044063d9d8858ccda82c9f8467bdaef175f2b2577f299f901d1765fa139b6b5bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    82d84b8016626d08acebc57c14689ad0

    SHA1

    ff648d4268fb61eb5f2b48b3da407d301950188f

    SHA256

    0536c6df161b46ecdd29ad99f8526b92b7766863b641bba1d5af0c32954d30e7

    SHA512

    4c826a0941f67b430897f471237b36ba69476a3429c814d4716ba8420411a01bea123e1df39e33d855c37dade0a98bbcbc8778f2e5c0dc172994c4a57dbc2661

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6349413414094c6e199df028c413487c

    SHA1

    9fa7b39444df35fbe75f6da335c572f6a49cc82b

    SHA256

    bbdaadea379cef27f6b24ec0e6a7889d23b3c6fd8dda54dd90f23d73edb138df

    SHA512

    80cc43700a98864c107d5b8ade6e55975e4b9b3f124b90289483283746699578c64b358160ab6371f2ab6ab3a92b0ad5f80fc77c1da7860a430cb7a9062c60e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b74a4ed33cbd563f46e8fa3179578688

    SHA1

    bc79691d99b766a721e4613e7ee9fadcc60c1a73

    SHA256

    574fbc7a7ef7089a4415bef49bb146a49d967967605b3b781dc7e25fd683248b

    SHA512

    9130b4017a4273b3bd5352648e5dbd12143e975fb0999efa5858fb76f9ecc628cd7a14de14a1607834932746229f697c3d1f8e4bb2b6b21817f8b93757420972

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ef1d37b6704efe199acdcbd41842976

    SHA1

    a7771dc298191ef6618d9c855c9d9821397d9845

    SHA256

    1e968874e94009be619d13af92522e616d14af6a5d3fa5e60702fa5678fa89eb

    SHA512

    3ec76bbb0d04c75cc7b72267f6525ca02a0e3062ced07f681be1e79ba7762bd198598b590bc9d69cf9ff03ed59f20c423e0bdffe20968f9cdacbfdd0886bc799

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c91f922e0917997b00a4c6cbfa93ba90

    SHA1

    af5b8892058e1ed72756601272a68b0c3efdabcc

    SHA256

    585e40f652973cf5fdffcfc5552ae87da58aab4ee890d5e0bdc0f86e83f2129a

    SHA512

    6d38426fbacd3d06a19e2a4cfb5a4eaf54d4156ef5c69b5bd9c8e8d91579c4fec7b3577b8a4f1311930237522b1f1e65604194fb50e70fffced0568afb3e1bae

  • C:\Users\Admin\AppData\Local\Temp\Cab32.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar93.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b