Analysis

  • max time kernel
    66s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-08-2024 20:32

General

  • Target

    81c025656f00c434569fe74ff439e335_JaffaCakes118.html

  • Size

    306KB

  • MD5

    81c025656f00c434569fe74ff439e335

  • SHA1

    4c2756668df4f1097f432d7c2308f472ac246958

  • SHA256

    11de0252dac21aa0df55ca179cc58833b98138716647ad8b350f99d0a8bf81d4

  • SHA512

    daebc689156f407e21fc8d7cd0c603a40beaf084b73d0a6f63d0cc12046917c1dff93d31d5f1bbfdb04a9ffeeb600125c1765704a1d1946cff75851ea7dfa5e4

  • SSDEEP

    6144:jExmlleMvyH471tDVF1NJtAgc+zSJvnGep10pcGgsQNCBukhjz:koleVY71tDVF1NznUnGej0pcvsQEBLz

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\81c025656f00c434569fe74ff439e335_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2864
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2864 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Downloads
