Analysis

  • max time kernel
    135s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-07-2024 23:17

General

  • Target

    7627667cfce8cba5b0af4e74069866ed_JaffaCakes118.html

  • Size

    118KB

  • MD5

    7627667cfce8cba5b0af4e74069866ed

  • SHA1

    b527c44dd32abc454a5c828cdaf0cdcb2b022718

  • SHA256

    623fbf6732e5a10ccf0dae8261ab2ff3875ca215d4aaafa58157a495fcae7c06

  • SHA512

    dc1064bf19643098252998195f6da0fa5b7b1cad4997413dcbe89c8b9a0ab97db7714792787753316ab920ae2cbd951acc527ffac3dd2d477f9925f746a09ef5

  • SSDEEP

    768:GxhkUwaSDvRc22d1fmPvYPe+E3I6H4hljCziWGB34j/NWoGpqjlXnopc2fhbWD8:G/B32i22rfYgQ3IRl74zlG06c2Jbv

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7627667cfce8cba5b0af4e74069866ed_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1980
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1980 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2920

Network

MITRE ATT&CK Enterprise v15


Downloads
