Analysis

  • max time kernel
    133s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-08-2024 10:34

General

  • Target

    aaa8c54db790e29b1a8219c536fe1cf5_JaffaCakes118.html

  • Size

    121KB

  • MD5

    aaa8c54db790e29b1a8219c536fe1cf5

  • SHA1

    32ce22a98d8b8aa7dd357486dc1bd1c230281822

  • SHA256

    4f198dcdf437ba55ec6e7afd365320bad876a24598d2496a79fca35e96260578

  • SHA512

    932830f0b3ae58c4a5159fa1caf30a8f69bfc32775411f9fe7149357bcef4d7f599ff7e25bc3e89af8692d58be3eea3ffbff8da50690a9f89f05c1988f98568d

  • SSDEEP

    1536:cjJd3vFMYeWX2+8L/HsHVgEH4aEo+/wjT6W:wlvFMYeWX2dHsHVgXHU6W

Score
3/10

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\aaa8c54db790e29b1a8219c536fe1cf5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2772

Network

MITRE ATT&CK Enterprise v15

Downloads
