Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-08-2024 12:24

General

  • Target

    b79f30374cd3c640bd6ee32ffa96f516_JaffaCakes118.html

  • Size

    119KB

  • MD5

    b79f30374cd3c640bd6ee32ffa96f516

  • SHA1

    072dc8ddb203d4141fc98fcfcc49c0bcc76a7b12

  • SHA256

    5a806809364a1d1d5985ad80047a7b70df8b0d2174314966315159036c91b6a4

  • SHA512

    2f8dbcccb8e82c010bc3bd0ccbff15730db2bb70e86c2a67fce23e1b3f053181002c57f8da2dd5c2e2a72a0bfc4565e094d3ca0bfff8e63a6761fe4fae77c181

  • SSDEEP

    1536:SyokyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCW:SrkyfkMY+BES09JXAnyrZalI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b79f30374cd3c640bd6ee32ffa96f516_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2140
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2824

Network

MITRE ATT&CK Enterprise v15

Downloads
