Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-08-2024 22:58

General

  • Target

    82106da1ccc03a5323e029db59a0f44c_JaffaCakes118.html

  • Size

    53KB

  • MD5

    82106da1ccc03a5323e029db59a0f44c

  • SHA1

    d22466cded5d1e2a2f34673874eb7044cffb6e3e

  • SHA256

    c803b8f45733c25bc30441f9f5aa94580b57d817a789ff7bb91d8b0d683809d8

  • SHA512

    5900e2ec395938e41db9b6c7de6f7c518c19a75111f743b634d5cf7fece885fb255ee5a7397c800558a9e3e8474dad964ec15568c2414b1f3df7bdefeab78746

  • SSDEEP

    1536:9kgUiIakTqGivi+PyUKrunlYZ63Nj+q5VyvR0w2AzTICbbTo6/t9M/dNwIUTDmDG:9kgUiIakTqGivi+PyUKrunlYZ63Nj+q2

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\82106da1ccc03a5323e029db59a0f44c_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2104
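The tree above is the normal Internet Explorer shape on this image: the 64-bit frame process (PID 2964) opens the submitted .html and spawns a 32-bit tab process whose command line names the frame in SCODEF:2964 (CREDAT is an opaque per-tab value). Every signature hit is attributed to those two IE processes, which is why the score is low; what the page itself did is not visible here because the Network section is empty. When triaging IE reports, one quick consistency check is that each SCODEF-bearing iexplore.exe really is a child of the frame it names. The Python below is an added example (not part of this report or the sandbox's own tooling): it reconstructs the two processes from the tree, adds a hypothetical cmd.exe-spawned tab with a borrowed SCODEF value to show a failing case, and returns a verdict per tab process.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


# Reconstructed from the report's process tree: the 64-bit frame (PID 2964)
# and the 32-bit tab it spawned (PID 2104, SCODEF:2964).
REPORT_PROCS: List[Proc] = [
    Proc(2964, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\82106da1ccc03a5323e029db59a0f44c_JaffaCakes118.html"),
    Proc(2104, 2964, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2'),
]

# Hypothetical processes, NOT in the report: an iexplore.exe started by cmd.exe
# that reuses the real frame's PID in SCODEF to look like an ordinary tab.
HYPOTHETICAL_PROCS: List[Proc] = [
    Proc(4000, None, r"C:\Windows\System32\cmd.exe", "cmd.exe"),
    Proc(4100, 4000, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:1 /prefetch:2'),
]

_SCODEF = re.compile(r"\bSCODEF:(\d+)\b")
_CREDAT = re.compile(r"\bCREDAT:(\d+)\b")


def parse_tab_args(cmdline: str) -> Optional[Tuple[int, int]]:
    """Return (SCODEF, CREDAT) from an IE tab command line, or None if absent."""
    s, c = _SCODEF.search(cmdline), _CREDAT.search(cmdline)
    if not (s and c):
        return None
    return int(s.group(1)), int(c.group(1))


def is_iexplore(image: str) -> bool:
    return image.lower().endswith("\\iexplore.exe")


def check_ie_tab_processes(procs: List[Proc]) -> Dict[int, str]:
    """For every process whose command line claims to be an IE tab (SCODEF:<n>),
    return 'ok' when <n> is both its real parent and an iexplore.exe image,
    otherwise a short reason for the mismatch."""
    by_pid = {p.pid: p for p in procs}
    verdicts: Dict[int, str] = {}
    for p in procs:
        args = parse_tab_args(p.cmdline)
        if args is None:
            continue
        claimed_frame, _credat = args
        frame = by_pid.get(claimed_frame)
        if not is_iexplore(p.image):
            verdicts[p.pid] = "SCODEF on a non-iexplore image"
        elif p.ppid != claimed_frame:
            verdicts[p.pid] = f"SCODEF {claimed_frame} != parent {p.ppid}"
        elif frame is None or not is_iexplore(frame.image):
            verdicts[p.pid] = "claimed frame is not iexplore.exe"
        else:
            verdicts[p.pid] = "ok"
    return verdicts


if __name__ == "__main__":
    for pid, verdict in check_ie_tab_processes(REPORT_PROCS + HYPOTHETICAL_PROCS).items():
        print(pid, verdict)
```

On the report's own two processes the check returns ok for PID 2104; the hypothetical PID 4100 is flagged because its parent (4000) is not the frame it names. The parent PID is taken from the tree nesting, which is how this report conveys it.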

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a6247f769fad8bf54f0a2b8a159907c8

    SHA1

    9f0265ff1802eb89c1655351adb6ff0cec8f8f55

    SHA256

    2ad62a6a8ad9b6041dc4090e757274452a480c01f759068bb7f141ed83e916fd

    SHA512

    71e106c62e63a7c2b58dc0f99745ff4258e5925508fa47dfba3a96ec55a260d458f006543de97624ce4940dc71f377d36791a59421dbdb854a14ed5d3b0661d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    65bf8325273f4fb458cf747056ac8a68

    SHA1

    2ffe39429884c873914fd3399ab26b198ecef638

    SHA256

    004d7c71887fe60fc65fc9a9b4122b192880f8942224c2ef38c0697eb12b613a

    SHA512

    46800deb1e266f2eb2883682edd2d557c5df296f8f450078649a6ced2adc29dbc55833b54869a3269d2c8f6b29d1ae672cd36b9d048a466017f56be1399f34c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39155385b4542f06104e6f2b5f52aa93

    SHA1

    c0f5cbb7aa9361684e7a7537b99753869726de29

    SHA256

    45c5d140184a3652692fb634f9b423cf589984de0698f9d374f7587eaf29041b

    SHA512

    1ef16b4c906ea1214b7ed7305e08f41721d7be8dad8e617c9b38e6134285cdfe823f15740a83f35c67d2c4a07949c049e5f8f4dc93f16e8f4d1ede4e14a6ddea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    10d170222bdccd71e04b45032c9487ab

    SHA1

    558eeda10014a51da618f8fb288b34d1781cf6fe

    SHA256

    5c490b6c266e89698640d3080a447f5eb1635dd2f96c88cb28cd1b3deb36dbe0

    SHA512

    2e1919e76841c609edb01d23194cb0ef27870ff8dc4b65dba36441d04b95adeb290d5e916697e737520bde853ff22bdf4d2affc1b03e13cff112791f7b82ca95

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    680d5b59efee85c866b06c4403cc5f3f

    SHA1

    3c3d69c1d25bcbfe4827fe97cbb6974da5dea2bc

    SHA256

    f9484298135f99cd7bef7617c11ff584fc54255d987c8a8753d0fa037ff729ba

    SHA512

    e06fb889987c991b2cf612ceefcfa8eeea0b88c6abc1d96cb6dc67beadcbe452ae480fad347ffc7b5ff191e2dfceaced018c054c523ca21e63718663bf5c5a64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04692c2581b9de3a9e51d1429fcaf232

    SHA1

    cc51bcda31126a9edfa6d8d92c9f0b7ff353205a

    SHA256

    9a840d37a8bad6e7206841843033826144b16d6d4a931d8e279974310d64e9c1

    SHA512

    c8194de4585b37ff115e63a57c0c2563005b9075d9a22dc1ac945dd0cc4d103ac20e92b7e5b9d0c0949bdba84d1b1a6d2b6ec4bb6b2987abcd8190b7ccfa9109

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b858d6553b92c2af7852726889a43dad

    SHA1

    a3fe105f17a20a0113a70bd96acae20a5e581048

    SHA256

    b8ebd5195f1b938d7c8bfd97b3c72a0c47d0d28c29c5648960a2ec4f7c102564

    SHA512

    d069de0bbda90a1a27eef144dcd8bd7cd1b4cff76b890db4e82b392c7f78c5487965f6419c2276621821e764721ea283c44211b17507fed169a1ad5e6ec7584c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    64b938bbedf32be74ced76c95e8b66bd

    SHA1

    1e0fa4d80d8ca273c8987600236ca78dbc34cb53

    SHA256

    b2050a0aca1c863d0b7ddfa848cc82d5fa130a32bad6080868706f5781a32a55

    SHA512

    606dcbaf12febb8c1cd79851eabb689a34c1865744b25adcbf108f1ee28cb822ec259799685ea8159301d453c979d23694f967b5413a0b72e6eb0becae5a3f33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40c660b1d25b8f1573b118f0d22075ca

    SHA1

    2f0a602ccbf4c26de87cceee488348ecd8bc8fd8

    SHA256

    961009c0b085dc09fabeb8f38b1d9e784deae1360691d73d8236e21a9a1319ca

    SHA512

    c499b8f5af64d18c312627f711a243e05b58ba5ff04a4ef062a88c6e83b7211684ece9bd8910d52893e3a7d26aff82e24773e356af17ad73ba4465402e435842

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6543a2eb57094966bcbe37874e9d7140

    SHA1

    7222e571ac43000da551955cb112d24d83243331

    SHA256

    3a0685bbd286bf60767d50b6ce3d487dbd81f8d93ba4c8d625581d43a0a55518

    SHA512

    2f64d1c3436834974d155e71689095abae587b05ec08094814d9c20b54cee411c9c5aae7875f88fcd618b155a7144ef9d550386fbcec1c088d7ccf69e756081a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17a05a7a069b520fa1ec4b7ca8e8a8bd

    SHA1

    4b8cb5dee27165b809075afd3cea0bab0daa1981

    SHA256

    83c41747b8da51b722fecef07dc8ed12dc3258030c2722e6218e2949d847ba43

    SHA512

    cf2e842816c4d20a5bfca3e09257e8bcab3b3d147ada78ef1f620b7dea9240d7e879bda13c806acd4768a01ed04dadb2d445221747592d15d3e061b479416000

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3e1698fee5e95e04392c97113b81fcd

    SHA1

    94e20721472eb0e3b6d532747aae09b2d554f5f8

    SHA256

    f6be3b12f70269a413f680d6aa510e2169a366d320d701a96d97ef8923a03d02

    SHA512

    112405bde3a67044e6d45a3113302f277a3477a372f00793524967768b279c8ebe3b9c066efbcf5697a1f6284cd3468cc8c617d91fc9a4b57321bb15827fdc30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    602e823a083f81ff3431ad914dcd8e5e

    SHA1

    af004adb2e176cbfefc8ca6b34975c2067300cc4

    SHA256

    ef6ac5b6953409d008c262f846c76e0924304dd0572d8be9d50e09970eae6f2e

    SHA512

    921797fc659bcfc4cacb24d0f87df86fc7e98f16e46e3ce0d8b14acbac5a8a3cacfcb310769f551f281fca7d3a1764561bb6a051b73acd674cbaf20da206a2d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    82742f71af11c3b0791891b02ad45f79

    SHA1

    e3d7ba8e36e2d0027c577c830ef70eecdf56f5de

    SHA256

    1f83629d32b2ddcf4bfe7dde42cbe12697860823695ed1b990bc51ddda7becfe

    SHA512

    a4b0585ba756de0d4cd073f0a946dc3a027fec1cdf3fb86ba3a4d9be66578e5797999ccf1c4edf5859e88b2434a92b4dec7a47a3676e99db72801084c1729f47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9bb3a4cc8ddc5ef53a99fac7f3aa20a

    SHA1

    7ec39dae932d01b2c05082a2393bfb7036c50fe6

    SHA256

    b4af2b04b3326ac7c9a324bcaa7d66c4999ab7660827e8d2ebd93b8b687e332f

    SHA512

    992256b88e2f847258e7ac99b7771596365596be805decb0c80570ed5d4429d04369bfb6860b12d0be2f64bb9f153a486b35fbe688b0ed7b2afd6e7d5d23070d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    76c746dced8b99866c384c8fa16b686d

    SHA1

    8f4b21e37703d8c2eec800f66464079ed41bc9e1

    SHA256

    3b2de2c70aab588f4d3b2c70f14cb0031020e9eb6744d71a5dda96befb47e392

    SHA512

    95036284f9b65c6cb759c247909f54f9474ba4254885603476d490e8e3587a07a67d2102f500f0038fcc8aebf6602eb77d73980d162dbb8b39af63029ef74ad3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67ee9f5c2827cdfffb2b24011c2c0179

    SHA1

    f12234acfdfd7edae29826213b317210a448515c

    SHA256

    dd5b43f72de423ea9267842a38733d23d912f6d4f5578e48fdb137e4e62aa347

    SHA512

    bafe191ba64dec9b78ac83bc3f6c7a4af2665e9394977bf93f950f9ac95119cb4760617a1eaf31955b47313207f75a191a621dbc5e0b51d9305ab86edb510091

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    167be473d926478c7259165352cbfa54

    SHA1

    68b2dd03dcb79249dce6eaa54ddf6583d5fe58a3

    SHA256

    59e6b2939bc8ee1352b6389b75a5cf0a696374af772df08d61f27104ef7893ee

    SHA512

    e2d3e091d17f7c9197bb8fba696e9d5af2e8143e2ab7900cad1a9f4e0d29b710a933a825b067f31517d1e5bfef1bada684a382f028b85e2b7cb1cac01ce585dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98f940442210f6fde5ac64bce26d5e42

    SHA1

    aa439703da817491d2d75ee2cc501ca902c5505a

    SHA256

    06159a462a49fdec0a4de689e63097062b9b8dbe9778693c3bfe413c0acf0a87

    SHA512

    9b4165c166bfbb861b57a4d989da507b5c3dc8301b2dde38918466302d5620604dbc6975efd77bf1ab4037a20c74965194e72232535bfc7f0b3c5e362bbab8aa

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\print[1].htm

    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\CabCA73.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarCB22.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
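Two things stand out in the list above. The same CryptnetUrlCache\MetaData path appears nineteen times with different hashes, which means the sandbox saw that file rewritten repeatedly; that cache is CryptoAPI's store for data fetched over URLs while building certificate chains (CRL, OCSP, AIA), so these are housekeeping writes rather than content the HTML dropped, and the Cab*.tmp/Tar*.tmp pair in Temp (70KB and 181KB) is consistent with the same CryptoAPI root-certificate list update. The one entry that came from the page's own fetches is print[1].htm in the IE cache. To work with the list as a hash set rather than by eye, the Python below is an added example (not part of this report or the sandbox's tooling): it parses entries in the report's own label/value layout, rejects digests of the wrong length or alphabet (a copy-paste check), groups versions by path, and compares a file's bytes against an entry. The embedded excerpt copies three of the entries above; blank lines between labels and values are ignored, so they are omitted here for space.

```python
import hashlib
from collections import defaultdict
from typing import Dict, List

# Sample input copied from the report's Downloads section: two of the
# CryptnetUrlCache MetaData writes and the cached print[1].htm.
REPORT_EXCERPT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    a6247f769fad8bf54f0a2b8a159907c8
    SHA1
    9f0265ff1802eb89c1655351adb6ff0cec8f8f55
    SHA256
    2ad62a6a8ad9b6041dc4090e757274452a480c01f759068bb7f141ed83e916fd
    SHA512
    71e106c62e63a7c2b58dc0f99745ff4258e5925508fa47dfba3a96ec55a260d458f006543de97624ce4940dc71f377d36791a59421dbdb854a14ed5d3b0661d9
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    65bf8325273f4fb458cf747056ac8a68
    SHA1
    2ffe39429884c873914fd3399ab26b198ecef638
    SHA256
    004d7c71887fe60fc65fc9a9b4122b192880f8942224c2ef38c0697eb12b613a
    SHA512
    46800deb1e266f2eb2883682edd2d557c5df296f8f450078649a6ced2adc29dbc55833b54869a3269d2c8f6b29d1ae672cd36b9d048a466017f56be1399f34c7
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\print[1].htm
    Filesize
    706B
    MD5
    67f3a5933c17b3ab044826d3927d0ba9
    SHA1
    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
    SHA256
    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
    SHA512
    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e
"""

FIELDS = {"Filesize": "size", "MD5": "md5", "SHA1": "sha1",
          "SHA256": "sha256", "SHA512": "sha512"}
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_downloads(text: str) -> List[Dict[str, str]]:
    """One dict per '•' entry. A label line selects the key; the next
    non-blank line is its value. Malformed digests raise ValueError."""
    records: List[Dict[str, str]] = []
    current, pending = None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line[1:].strip()}
            records.append(current)
            pending = None
        elif line in FIELDS:
            pending = FIELDS[line]
        elif pending and current is not None:
            current[pending] = line
            pending = None
    for r in records:
        for key, n in HEX_LEN.items():
            v = r.get(key, "")
            if len(v) != n or set(v) - set("0123456789abcdef"):
                raise ValueError(f"malformed {key} for {r['path']}: {v!r}")
    return records


def versions_by_path(records: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """SHA256 values grouped by path; several per path = file rewritten."""
    groups: Dict[str, List[str]] = defaultdict(list)
    for r in records:
        groups[r["path"]].append(r["sha256"])
    return dict(groups)


def hash_bytes(data: bytes) -> Dict[str, str]:
    return {k: hashlib.new(k, data).hexdigest() for k in HEX_LEN}


def matches(record: Dict[str, str], data: bytes) -> bool:
    """True only when all four digests of `data` equal the entry's."""
    h = hash_bytes(data)
    return all(record[k] == h[k] for k in HEX_LEN)


if __name__ == "__main__":
    for path, versions in versions_by_path(parse_downloads(REPORT_EXCERPT)).items():
        print(len(versions), "version(s):", path)
```

Feed the whole Downloads section in and versions_by_path will report nineteen versions for the MetaData path and one each for the rest; `matches` is the check to run against a recovered file before treating it as the same artifact.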