Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/10/2024, 19:28

General

  • Target

    103f46158c45d69058b613d9766ab019_JaffaCakes118.html

  • Size

    1KB

  • MD5

    103f46158c45d69058b613d9766ab019

  • SHA1

    2620682bbdb1dbeaf5e041a2f92b178fd3e0bc86

  • SHA256

    dea56344d8f0890fcc102cf40d42cf3956f2cec251bf13f51639aabe8f56b70e

  • SHA512

    93bc91f81c30e10d68106ad95ea664f8167c1a7ba15ad6be0c5fc49aa7d4dbb694263b53b3b724aeff90d29b2a27244f9bfb5e895e0591f7ac345d7524d7bb07

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\103f46158c45d69058b613d9766ab019_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1444

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          27391c51cdafd81468462abf81df0311

          SHA1

          cc06b387e1ed3efcb52f80dd5cae6f3dabf0e7ba

          SHA256

          579dcb56bfc7c4456b9713f06589555507c81218976c7e2f2286336f882b15bd

          SHA512

          bb314f74ef330ef2f204d4b532b94db8b24ba93eb6a629b187290eb82fb584697dd3f820c00166f23e92d99155486ed4e6c375347fba4d1d11c7c5adbcf7d364

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5604788b2a76fa70da6da2b4be5f00dd

          SHA1

          b41aec6564a1e00e1117b1c4a28717d35338d923

          SHA256

          3094d5d44f6a22be4115fa59b4d29edc985a5f47d22fcd812d8aa63e8782fd33

          SHA512

          f5894747af9fd90a15e238477df2f9b57e4e1f1213f8c004a9e1a9203f5220f2bcb28855f4e11261daaa48bfe5e94650b8926ebf31dddc5d2a2b0beb57f27f55

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          82d25054c4e81420def79a7839b1f981

          SHA1

          6a04b3e2b60af35eb71f7921afc0dea6df941793

          SHA256

          dd49bc8224d72715b37487170448c8e480799d6596fdc03cd0d512127dc8cc75

          SHA512

          615a6b420e3bea6f9af6cbeca1f47ab1464002d71e1322cce5047dbe98a893c008a8373ab58c5f3aa67076cd34442c2f1f95137ffb241fe14406aaf794c3d1a5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e21fdf8724a066d4045847b84930740a

          SHA1

          0d71d8d8d5193f999a6832ff504e86dd616d980d

          SHA256

          27c72336f734da3894d4a7e838b546d0377e2c7548ba11656ae205b621e00ec0

          SHA512

          f7f71592f4818c523d1f2f6c592b8838bc6a9e6c9f33db131eff1a2adc28a70c6f5e37c78bb5964eee2e749feaa23dc1e99a2f057662d3f2d65d38fd603fef7d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          97fd28d57956a99f97c2f9e726843ded

          SHA1

          3e0f32d1d41f0fabf61e10996951b8ad76703c31

          SHA256

          26ca5e5ca7814fa9819be97c3090c62109f47d7cf892e5ccb0c6956bdf350d51

          SHA512

          10ddd09b528d3e8aaa5dd73b230895fd525557b86ea1d8520b23ef5a003e499630b2b99069d8cf31707d60a8f116525b06e983088228585c0e32e3526c5271ef

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          82a4d08885fa3ee5f3e3cdf244adeb91

          SHA1

          c580119c0a88e6db832087b577be74601becc533

          SHA256

          af3e94af1d220e033e6905fbb03cc78d89c6340be3283272fffeabc1964ec27a

          SHA512

          9955a4f9ff1286b75220c76e140f29318b529bc1d80371a2d609183748844753f8165a4e35fecb1119524f2a7450b05ab3e6ccd6814c6d21c508cd5477cbc40b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          41ef3e8f0a340ad4d5737a525c5f5f29

          SHA1

          b28774ea0e3e76fe4ede48814896a325eabbda46

          SHA256

          316a247df72889bb29b63c24689cb41efe6bc53687dd0078cb06e62ff3dbb2fd

          SHA512

          78aa8a9aaeb0c972876143ef3fdec76e136058970df9c7564a394e5679532c3244a957a2da316ce6dd0c7667b3e7eaef75a48544e955447daa9c7edaeafb0eff

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b9ea3c4462e75384e090b307347c25ae

          SHA1

          d88730dd87afc73c998cf713c685e3ee3c98bfaf

          SHA256

          9f3012a1f28d2f68facacb46669d407a3fe6fc2de419efb68b517767baefd846

          SHA512

          030e8f284f4008c95de60018ebabf9d20127d46be474c62a5b31a89a3ff0ac57e9e27f4afe3b6c5dd47c75f8cdeeb8a8163fb652e661b7a25d94d8def395661a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7a649a85f5ea7af28cf1054b53a2a03c

          SHA1

          440a3de54ff5c7d78284cffae88d0ae57e1d55fb

          SHA256

          7e3f57c2b4506390f7d345b1d0fa4c4aead787de43eda24c2980d4cbb999b9f0

          SHA512

          8fa6a57050995bd002af3feb6630546d20a9383d799e298b1a35ff1d6662c1f581d4870e5b87f2e0a2485ed0f6c96e91781ea6474679b581eac56b641de3071f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7a8d02c71f804a3b00edbfffdc6435d3

          SHA1

          daed66a63421cd95a07142519f97c223e536194c

          SHA256

          e81fef8d3f03843001360db58a5d8bd0bc845f24ae8efdec31cf13a9271bf1ef

          SHA512

          16507aedcda1419250ece85098114896e8d15ae6c1fc6babee49e1de7dda09ae1baaa802608be254fe0740f3b3471184515b63666fd45cf0073d4c21f09b27d9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c64a8174daf599fc26b92179e57a5e13

          SHA1

          b14b94248c0707f1f24beeed9ecfd5ebd0735074

          SHA256

          839cb0ba4e67a540bc4aa6f54dbc318476b564ba2b5a0780af2e2a438d1a5e55

          SHA512

          dfc328d1e1f8a1e81e0723e094f07d02b59f7bd240b6624b8358b2abcbbcaa1bf34e3a74eabc8491f19d8b10455779bb37d2b33d3b9ff452d164a75f901c5f86

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a6f4570e7b5f41f783cce69c6dfebf4e

          SHA1

          52c6863ba9e46180529104a4c074441cca94d8ba

          SHA256

          5bbc27683fc3921d538d46d95f31a44f14d901b5f93c149d09ea234a25a7d438

          SHA512

          e54db6a464709273dcab4cbb1ecba683aa92feef9061709ee1e37fe3a340a9c74e500636550b5aa1e5bfc7e7c4bd7e2ce56462f9f6dfebac079289e42de501c2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          412f8b69e17ae7f726d2564d4276aa21

          SHA1

          b1cf663ed6376163861dc893aa043cce2844df10

          SHA256

          c3365c399e4aa0b9737c4e973375b7375abb5df905600d8bfb06b3294ce95d61

          SHA512

          57c17cb8335e8d3b669de1679624cc42ecc8dbf2e66474155da984aaa934968adcadd44ffc3286ac7316704fa6c2af4c994af93737613566cfcf2b3df1c3021d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4b7cb936dcdfaebc29ac307694c39e72

          SHA1

          16533423029a2972657adc922262a43bd883b973

          SHA256

          ba7c50edf3c8b44b4561d7cd86ac63ffaba33519a2119fc603009f3e7e7b7a77

          SHA512

          642dc196bdf77e9d120c50f29ce195b56c44ef3280846427522062d177294c9f128368d0f99700620878c3d330f4165b71a2c782537a9c990e1c87728b3cb572

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d29bf1db00cbdba973b64fe3d9e879f9

          SHA1

          e7da68d19a26db84ef81cd600b15af49a321c01c

          SHA256

          80d272d3bb8f121810c47197c48e749746db3d23ce238ae98a900d21919571db

          SHA512

          982df3f75b64dee04b5f8c34fe0e1658b0eea978edde3536a47a340b34436703c85c7c772004c985b834053a9e46f2271ddb12a5e10ddca6eb031c4827309c23

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1c620b534587f3859401d1b51548aa3b

          SHA1

          9037de4c4f526aa0a7b3c8c7a84eba571cbb7ff0

          SHA256

          bddef8579e67ca75e0561d7995644b34bf970f49edfb3198e0793cd2e4048a12

          SHA512

          126106c2d94df59418797e60df3bd5678167c086364e98231abe0a01511b60e6ecf549f85b52719b5773bb9f6269fb523e18a058301b1f32a9554314a6dd16a6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d87112719cb5ee7c7ad602da1b2034d7

          SHA1

          b3c379ea424323d54c51ed69d883ca2139b452f0

          SHA256

          d53d8a9d515a32b8b45703da16f0afe01ff24bc92f697c4758d0cfcce51a57b5

          SHA512

          8f6101bb622f01b4ee98580dc38faf34f89a68899090bda13a823cc7b6f40dae908000980653731255d57cffcfcbfeab82fbef81d8583d3e0f4817230219fac8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2cf4a1dafed731f3e9cf89c1fdeb883f

          SHA1

          0e6eca1459da194ec64f8ad12fc71f8f7dc99586

          SHA256

          b4221d55a347591533f31aafa297a5c9585c8bf741fa8bc9e4c8af0bf67e55bf

          SHA512

          c9fb48d5a7d5f1b486e862d2f3b8c95fc48aec72e655ae9dbdf37fb07ee0239ae9c8cb9ce85993c6636c2bdb15f742920c1ed1d989fe6f2c6ee22ce19a4f6d42

        • C:\Users\Admin\AppData\Local\Temp\Cab84C.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar8AE.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b