Analysis

  • max time kernel
    143s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-10-2024 00:18

General

  • Target

    27989190cfa56fcf11dbba03b9e9f21c_JaffaCakes118.html

  • Size

    139KB

  • MD5

    27989190cfa56fcf11dbba03b9e9f21c

  • SHA1

    81785760501ec7b5a8e5e1d184ea687ae13991df

  • SHA256

    47d647db1adcf310dbad36f609ce1cb3756a064c8ec7de55ee3c1d56fea5da82

  • SHA512

    2127fb3153965c17c3ab83de9b00413462ebf06420c80913855628ee61e92f7bbc400131c5f0f201b31dfbef3666cf12222a2ecfda73faac389e49d3296cd287

  • SSDEEP

    1536:SFBDOs0NNn6GSUSNqE4PlUgoyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP9:SFjyfkMY+BES09JXAnyrZalI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\27989190cfa56fcf11dbba03b9e9f21c_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2272 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2004

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a4a86cb9dee5c191a29ae29c68d70d2

    SHA1

    cd71a8a4eed882deb7bd333040e92b93194fdce7

    SHA256

    2b2840ea91840553a2381dfefad6903f7bc76c0dd4b758918e7802679dacd46a

    SHA512

    55181d95aa9c47765928a35d0339576bf464251fde227e596e86057d486dafec4eb25334f43e21a2237f3eba7490acc9ea2c75c806a2d2a81daad5674bd86019

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ffb6d057003f189876b6d519a1a870d

    SHA1

    7dbb7571e3a690b530c86c88cbd58264cc21952a

    SHA256

    74d6d06f23efa7a723ac27ce591ea63de8eb74600a93f4f9421dc3b7f97c036f

    SHA512

    bca24d97faf00aa4802dd1ef645d0768911d3441f89c0f1c5152733340487deaaea966055addc5dde19187ea90d518d31309ff39ca7750a013ec762648c65697

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    584baabc304c00ced088574623d08510

    SHA1

    33fad2b912cc11f19de31693ce532f32854228d2

    SHA256

    6ed0fd64d02edbf6bb24caf6cd764e976b90051298eb422762f7fa1ec79911ff

    SHA512

    a1786c37f324ebd2870bced072e85f5133d79ceff0b7a2daa40778d6eb5e3a7d428d1692ed88881c4e990715aa9444b89575817dde716fc16695797a8ca86e4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa776280dc21e1ebf0525b083a622130

    SHA1

    5625afb4dcc5061052fc5407901161158cadcdc4

    SHA256

    286f686b2c89eee5c674a38f30183f511753d332a4746fcdca2e008a5a2e3fbd

    SHA512

    d48a73b87d21213dcf4ecf48ebb2478c3c29a1f23fe88fe18be95cf23948a9428acb43e3e5bffebfc51f18edf2a33f15926c83b123d5fe32086863e8ef1d2bbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbc6c1f6eaa0841cd3c201b569cc3d61

    SHA1

    25885e2cfd5f5f2b14b8ec03b0eebc5e7289ca2e

    SHA256

    b12e32f7a3a3b09c407c991a2f43b95a7ac6d110e1336b69e083f72b24468184

    SHA512

    e5f341ad570573a9aa6d0099f482ec0ee2c8ad5a9682b74541d56d1356bd1bc4f2b32f7c327174ee8e26de996bf6935939d4efd591cb0c39be37bad90d0638b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49c012d7e27ee7601bc71da62397ba80

    SHA1

    eed9e29636cb5b850be4da193999741a03eeaa00

    SHA256

    7cf04309bd8cac68989e3874cc8deeb7a7960c2253ab128ecb9f98473f51c69a

    SHA512

    8796a36d9dea4c39d0aa7138a723b29f2d630454237114e629325b67a0873d76fc9e2ee60a34c564aed65ad4e295a4bcb056f46f0df2148eccfb1df7e7ea2e82

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    91d1bc154c8aed00b4c4975e65d97ef0

    SHA1

    f24532f1d71ffebea42ead363e88c982f6f91a43

    SHA256

    2caecaf835475f19d05931f80238841358cc927148d07f80ec46fca3157be358

    SHA512

    8c0b82ca802b195f4b718ce5232d4e2d1ad8f1935632409e752ead654d909b8924faa0088550c075113e054b2c3e1a6e7649c348ab9404884896591c60224883

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4aecc20e0c5b9b28b8e03a46d627716e

    SHA1

    de193fef12b0fd6be8a21ad2e3ce29fa9aa54486

    SHA256

    538debdf8835f5e1efe00e528e0d8821f5e5e7a7b14316bffda9391c3c8ec32e

    SHA512

    35e658aad2f699055ac562c81d457ddbae014d10ac829972745d38978f8989ae446746052045a8821987b312a4236b88eeca0a3c34f9405f7bbf00ab26f998b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    736638b047f6b8e0f2b86e4d2d03b0b2

    SHA1

    8f9cb97d94d01df81bd596aa5fb7a6291e4929b3

    SHA256

    7fd901423a66d4d8d3780e3eeec18d72e3fe33bd144cb2aee12e4efd527c27f6

    SHA512

    5b90b89e8ee4cdafecdba4e468e03b937867fe0344529a1756597c786797322afc8a2606cf0cdc5a5f50dd0a4ed4c177503e193424a9f852f9e497007f497317

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49f176ef6aa62c38c8f5f6bd2bf5eb6e

    SHA1

    2b60a1aef2276d92846b895219215b46ccdc70a0

    SHA256

    2d1ccf56ca182e4fd9e8a1a555975b9ae58a8e0455305bb9ae825b37a052a8d6

    SHA512

    5fb763babe572aeb0b106fe1d8c282320b1a3c578568fd69b523ef3daa036be710162e9517ac1848ede43640b82edf2c75eaff747e2c745b16eb17d15e9d8ce7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a68dd11e2565455f16ae5b09641c4639

    SHA1

    001a60819d681a7063389ed5a17aca3352bc6bc4

    SHA256

    5bcfddaa802f4c6800e7c2b1874d3867888a2654d0da171048c09ac08f09ffcf

    SHA512

    e500e30631ef58930d704719beff916b57c3524c8819b73aca4971532f9b332a43a1c09a924bec44b20eb758bead8d90d51eb205927f540a775d932b51270ffd

  • C:\Users\Admin\AppData\Local\Temp\CabC2A5.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarC316.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b