Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64  arch:x86  image:win7-20240708-en  locale:en-us  os:windows7-x64  system
  • submitted
    02-08-2024 00:38

General

  • Target

    825db6b8df3cc3ab6d260f5f17a6f652_JaffaCakes118.html

  • Size

    53KB

  • MD5

    825db6b8df3cc3ab6d260f5f17a6f652

  • SHA1

    6921e30a8cc13728a9c56be2158a8ce4565bcf8d

  • SHA256

    58a2b656443e7ee584aea56a6322a314cece96ad6d7bbaca6473a11d0b890cc1

  • SHA512

    04394c37390dde4b8975e52dfaaed6de5e08cc9036ac25bcd600b965133541fec0a85a61a5ee54bad077cc5d53a0f36784a3c775bace4cd261cab2057d816c8c

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUkrunlYO63Nj+q5VyvR0w2AzTICbbLo//t9M/dNwIUTDmD3:CkgUiIakTqGivi+PyUkrunlYO63Nj+qk

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\825db6b8df3cc3ab6d260f5f17a6f652_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09c7a3f15b516b660930e42077a93dc3

    SHA1

    50229bc62bd0051a5eb78a7946d972a61685ee59

    SHA256

    4c2b8bbb3c1e6846ba89ded351d8eec03e0155d0fa598c0b6cfa139dcf35be26

    SHA512

    0c4298b2f1441af6071bc14d8b923f343076a07d6eeef95e87ea13d940ab2f39629cdc73cacb26e404d2e1a252821ccaf2ca52c57a8a128bd9acc3c4efc2e234

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66e0e06dfc7118247950e07f10835dbd

    SHA1

    0620221beabf02a56e5d5d072dc9287966aa0f86

    SHA256

    c822c427044cce95e9bea22a2af0d05e37f70a1945cf36f050c7fabd70688cb3

    SHA512

    ed5f95acf647facbe7d99de71709d1cfd9a58a5b8b00a0f1c4fff47ae689652284acf88637b077a33ae8404c7be18a3a53882cbe1bf015f56ddd544545ece00e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    246dc3bcf82e08f855438102c0a894ff

    SHA1

    5960efcb8fe077e4448f2036f2522e6be19fec45

    SHA256

    dc6243867080a27b9763f3b06b758ae9ff9abb733fdebec1f9436d6e1f4cc70a

    SHA512

    c6564232795716da4945b1c313de8858cb1cbb30ddb6ffae69d551eb295eb2f5d596d7c2dc36393d317be6b7020d35d7b2e92307d936d99a248db7ba124c5913

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c38c0133ec5d3589b53db0a51cada1c

    SHA1

    2b94e173e75f834abde41f52fc8dbb2f8a6e7ff0

    SHA256

    7bf934ea499231e996b8480af33533a271cdd3c24a577c34b35469b128d5163e

    SHA512

    0824b505b59d40c148390f7dfbb29c0d2f047b4210a6dc208a1ddfa6f87044cff54b17155dcf965ea61dafd0cefb5bdfc4917116393fdc00a710e01071debcb9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b81bd9820e4de9ec1fa1c3d9efaf0916

    SHA1

    8b8db12de0cc21fe9bf68f64af9d175d3366534b

    SHA256

    b932a908a9276b5cd143caee70cff7068287caaea1f7832ba2aed1f52efb5c7f

    SHA512

    5e2d4448c104e4c0709a94d00574fc10e9f0c28011911678028da7ada1a7bf4b1f6004d9cb79c4387029c934c569a225093b2d0bc2a38957833eb58ab3e1478a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    307b4f24be5fd2e983441a7d83c74494

    SHA1

    249565fd07cfa3bbad8584d1bfd32024bc4a5970

    SHA256

    019acfb4ab1f294c9920e4dc96745901186d8038262489c050251923d9c21c54

    SHA512

    a70b19abd1c7c76446aebe766f3285296bf74f9ea20d9ae2fc2b7256aa3aa4533c39d656fc852021c8a495419c45319b3d4d41bbd2bf6621489b3182311fbf7e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    260abb2d8ba9ad0289daf2917c8eb2dd

    SHA1

    e4e2d10b3fab34790741259b1515f0759847f5b3

    SHA256

    ebb3cb6fed1b115946ed953c430a7304bf07ee28e7f409d67f594146d9cc9272

    SHA512

    f24f1f27982fba4419ea21e75a9eb11a520a6a386fbbaaf541f07ca8e8310e1bd04c622b6cb2aea007da03e269d5b0d6a5dd4eacd97c9b99cc5878be9a3dd7fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2f6614f81c778ebe986c9371495a296

    SHA1

    19057660ac0cd0dedd37f583afe25d475328d800

    SHA256

    b6c37d2a3b9d00d9120aab9ce808c9199101a980734ad77dd7735f3090e10ef7

    SHA512

    fe5eff9217e4beebcfae005340e3032772ab5f18c3ac39be50b4a4fae32246dc1bc3717f52e9ee20ed19648bcd435eaa9c297670b23791c145c18c4003522407

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f19479269ec1cde14b67455b684e0bd

    SHA1

    114ebfefc44701195aaf8a1f63cd503d6b1f8168

    SHA256

    d6dcb86cdd4d844bcbc28f9da4d4f950051931d00920015ad25e0eb835a0fe28

    SHA512

    2872e9390182f9dd863a98b6e867b10db4204590e430427ebb042e7039548b25124c6c60a6bd3baa0ab1e68ade838104156783217b578064ae648f1abf332441

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    38efb5ad5a4eddbe7c4cb856164b2de7

    SHA1

    b07ba447b85be71bbec4b742e386728478d3341f

    SHA256

    ad0bbc36ca5233ed06ba2665ce574442642f5c155cbc81020e844acdedff7cfd

    SHA512

    5ee01bac02cbdff387da9ebdceb044186d1481c823cffa5db0f55deb953542673f94f641e799a8c20196589a2fe2779fc70e1677ce0933628815933c3156058f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    710e3490d8f70034861695e5bb7e161f

    SHA1

    ae29578a53c60d1333f84561a143f1e1945fe544

    SHA256

    488e23320a1fa6683f4ba36cfbea1b174b72cfa54b65d7937ff531ace87376c9

    SHA512

    385f036ad077147efd840cbc87c04d72661d7d91073e2844ee7e98bcd7651e55a81c09a89d6e03abb03773a3c8a6c5be875152a696a4f83483c3b752888cdbe7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a269189c2a3798f4d2d563d2a6b75e56

    SHA1

    fcc6a12d62c1a014b1646f570a204e3c03e826c8

    SHA256

    242be37bf9ff5b31a33272a4b3391070fd634d12b9dffaef4b5cce4968f2aa4b

    SHA512

    8dc6a475d4b0a3803fd9352136f8d8b6e8d17e6d0bbe67409a262652fdfd7bdcdaf9c4484bd98fb228638be3b567a631b9f7250745b90277b4ba0bb41bc6f984

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3e62c2d226ee75947ee8d3d642073b76

    SHA1

    2b9672f9848007b81b56d0f10655a24d1d37cc32

    SHA256

    388189232c183814af6e6949964999bf5b7f3c4f5018129925a0dd24c368b206

    SHA512

    e991055cb41a473a76460b1172ef8f5cc4f7cc669e057122cbed9c8df29aa423e46ae9ab4c97d8b759097b2d76b057cd4b8f6cd3bd5e22f6238e953ad96a64e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8affbc1b75fed471d92e2c944c80b6e

    SHA1

    e81a17a16ef706c34295449db9e8517c35a8391c

    SHA256

    087f953ad0f1f592cd9a4dafc8819860507498a190fb17318f9a02f18833baf5

    SHA512

    57c113510766f5acc89c34803652273c74d4ebf226fe7e0a023494d40279cbe5a3cf667623f558a71be932d50d9dc8247a57a2e23ece323ea11c06136f85d3bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5a818d5da690a2106d6b6849fbf6b1e1

    SHA1

    f98f850d53f73c94353a6211341cd76d2e9c187f

    SHA256

    c91ac59e92f76d3e72705c3d800feb841abfe5bf707f7d5799a8dacf0f19ccc2

    SHA512

    85208b087d210ad76ba1ddd27da9452a691932d0b9f18e2024ac381bc9c42d97b5d5d8fe668d8ef5ee3411c25d900422a207d799f4715afac1f25423efc6284d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0f8285c399eceba465e844ca067f738

    SHA1

    5433342445bcb8c028748a181c557a70e476e351

    SHA256

    86276dd4e3a6da3b4d34b1c1fb37c81a72992e1b9028fcc03d29add31991b5c7

    SHA512

    7a8de5c579efe843302f122c725a448d8c16f54c900c389c4bbdb142d4c014fe0244cae7d7b6d5bfbff84c1f58e7009b08ee136d2578c7f4063de3f8276c142e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d6e53aec1b4a756406f8f37d319b5e7

    SHA1

    13ed4ed1efed5c5c30384dce0bbc6873390e93fe

    SHA256

    50a5ed0dacd3dbd5e5ce3874a0c52bd28a347462649521551902533ce92ca7de

    SHA512

    2de47b730446be5b135b8b9a9be555e59dae63eac245cea786033c40ce6e83e50cd2472d3c7f42f8aa8e23c2e2ce83abd02dfbc82b881dec9575952ce0b6457b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8535a17a83520c970648d22c24c34b94

    SHA1

    79e173b26556f50c554060a17b9f586dc645fc7a

    SHA256

    21e11b3fb24acbf99634231bd7f13b085b95b6b5cd719a9b407542f433098de1

    SHA512

    2a4d566f39e70deafb203f79309450d6c0e68f81bc88d30e235b09aeb1f6bbc98d2198e024ac67e2c217808fde057907eacc803e5c27f49897a7ddca32c85792

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6dee1df64b17a3f777ae9b17aa77b876

    SHA1

    7ca380882c68c6cba7813b0ab5a70372830ec62e

    SHA256

    45590a2a2da72f231c5638e6cef7f5a275dd6cea7e373ad58839c900695087fd

    SHA512

    1aa3ea75ad5c8799a65158bcac657f304632bdfb9199be8a60155adf18f4aa3385d2b00a93bdb3f615c8cc7b4c90476450f6406e981b4231af8640c2e5cfe39d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa45ff0a95d7d193728260e402a82824

    SHA1

    115d6f89e4b6e930462215822ebacf3056de85f9

    SHA256

    56c20f149764a2ec297c9a70d579fd436f90bacd3a59f9b42c441c5be542e2f1

    SHA512

    c643d4fbdfdd25c322cba5a18b6f935a83abae99a952b601d109439b84e6345c70c680e6e3a8f641d86f1cc375fc22837d3c607e050ac8c88c2883ccb22f75e1

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUF3ZB4A\glossar-js[1].htm

    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\Cab9560.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar95D0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
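The Downloads list above names the same CryptnetUrlCache MetaData path twenty times, each with a different hash, alongside one Temporary Internet Files entry and two Temp Cab/Tar files. What an analyst wants from that list is a per-path view: how often a path was written, how many distinct contents it held, and which paths are routine CryptoAPI activity (certificate/CRL/OCSP fetch cache and cab extraction temp files) rather than something the page itself dropped. The following is an added example, not code from the sandbox report or its vendor; the noise rules are an analyst heuristic, and SAMPLE is a constructed subset of the entries above with the MD5/SHA1/SHA512 lines omitted (the parser accepts any of the report's labels).

```python
import re
from collections import defaultdict

LABELS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}
PATH_RE = re.compile(r"^[A-Za-z]:\\")

# Constructed sample: six entries taken from the report's Downloads section in
# its own "path / label / value" layout, with MD5/SHA1/SHA512 lines left out.
SAMPLE = r"""
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
SHA256
4c2b8bbb3c1e6846ba89ded351d8eec03e0155d0fa598c0b6cfa139dcf35be26
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
SHA256
c822c427044cce95e9bea22a2af0d05e37f70a1945cf36f050c7fabd70688cb3
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
SHA256
dc6243867080a27b9763f3b06b758ae9ff9abb733fdebec1f9436d6e1f4cc70a
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUF3ZB4A\glossar-js[1].htm
Filesize
706B
SHA256
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
C:\Users\Admin\AppData\Local\Temp\Cab9560.tmp
Filesize
70KB
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
C:\Users\Admin\AppData\Local\Temp\Tar95D0.tmp
Filesize
181KB
SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
"""

# Analyst heuristic (assumption, not a rule from the report): paths that
# CryptoAPI writes on its own during any IE session, independent of the page.
NOISE_RULES = (
    (re.compile(r"\\CryptnetUrlCache\\", re.I),
     "CryptoAPI URL cache (certificate/CRL/OCSP fetch metadata)"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CryptoAPI temp files from cab extraction (typical of CTL/root updates)"),
)


def parse_downloads(text):
    """Turn the report's flattened 'path / label / value' lines into dicts."""
    entries, current, pending = [], None, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if PATH_RE.match(line):          # a new dropped-file entry starts
            current = {"path": line}
            entries.append(current)
        elif line in LABELS:             # label line; value follows on next line
            pending = line
        elif current is not None and pending is not None:
            current[pending] = line
            pending = None
    return entries


def classify(path):
    """Return the noise label for a path, or None if it deserves a look."""
    for rx, label in NOISE_RULES:
        if rx.search(path):
            return label
    return None


def summarize(entries):
    """Group entries by path: write count, distinct contents, sizes, noise label."""
    by_path = defaultdict(list)
    for e in entries:
        by_path[e["path"]].append(e)
    return {
        path: {
            "writes": len(es),
            "distinct_sha256": len({e.get("SHA256") for e in es}),
            "sizes": sorted({e.get("Filesize") for e in es}),
            "noise": classify(path),
        }
        for path, es in by_path.items()
    }


def files_to_review(entries):
    """Paths that remain once the known CryptoAPI noise is filtered out."""
    return sorted({e["path"] for e in entries if classify(e["path"]) is None})


if __name__ == "__main__":
    for path, info in summarize(parse_downloads(SAMPLE)).items():
        tag = info["noise"] or "REVIEW"
        print(f"{info['writes']:>2}x  {info['distinct_sha256']} distinct  {tag}\n    {path}")
```

Run against the full Downloads section, the CryptnetUrlCache path collapses to one line with twenty writes and twenty distinct SHA256 values, the Cab/Tar pair is tagged as CryptoAPI extraction, and only the Content.IE5 copy of glossar-js[1].htm is left for review, which matches the low 3/10 score and the absence of any Malware Config on this page.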