Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-08-2024 04:19

General

  • Target

    ba559f49bcd81958b30255f5ae26bee1_JaffaCakes118.html

  • Size

    103KB

  • MD5

    ba559f49bcd81958b30255f5ae26bee1

  • SHA1

    c437d4ebbdbe892e79ae98a89a83cf56286537d9

  • SHA256

    caee6801f2cce35fff772b943a50499dc93cbc65efb251520d5bcc12d1ff1adb

  • SHA512

    20dcdc8f33ee153c111382c76016efbb28330d6234fb39d2b76a77b1da524cf97dd85af1c79eb6569e54085727df442cc789d7f0d0d1235ccbe7941f10b4c7a3

  • SSDEEP

    1536:pbMjw2fMk1D3O9Pj2fcCC/HAm0oLND/n8cZCl99zp:sqfRLmv

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ba559f49bcd81958b30255f5ae26bee1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:624 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2636

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e1646f928a8aa87af9a30e6ed8931bd7

    SHA1

    0b831e7db5e44a14b12fc32f6ebd8b05002216fc

    SHA256

    34f9fd695a10e3d53c42f0dc7c1b3ecfbe75f20899782bf787d9dcf35f1576f6

    SHA512

    e7333ccc00f88f4bd8f3a1f188cb971f454f3cf631b32ca889c5da8b9ea2d15c68e6651f6b0ff842b25291ee8cdf52287815672340312e52c4e7c538b91f1b89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68ca4baf74bb7a89d0a70c66a5f46a7b

    SHA1

    844729d5dd3f6e271869fab1061ce4b17002e3cf

    SHA256

    16d7f31634cf46a6698d0556a0c364bcbfe2a6982a1ced706fd0de52c1347cb5

    SHA512

    2cac275be724b23f1fb73070e0bdb57d590dd7cac5ef7b4bd22eeafeb6b4336e0e0c949321bfba9c36ee6fb752addfad6dd46817cd1da2d0db5da7824dd12f09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52c42a32dd267670d7acfa7b8e15ec35

    SHA1

    852aaf89925655f0117fdf7a61c5ac58347f2cc5

    SHA256

    96fde39b903e2f8e4024e01f698d2aee4466862174e9018ba09128e6ca1b9e8d

    SHA512

    25d4247505143ebdc8bb49efd3b6502bcdd9e8da5051903b67fa276cfa2caec87dcde472052775a5af0e50d99dc5d171447e8c967043ff443953152b2f638a12

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba172d91aa09c200c45a4c5c92cab47f

    SHA1

    8c1bf5de0ae49f6bcd1813ad1087fa1bff6ba73c

    SHA256

    58cb8257a8362a567b1a3488cc6f8fa1a8394b93e59a037e6c406440b40b9522

    SHA512

    ed99f90fc758de4af92dd6aceeae18a9cc2728d6f03d31c15915f5bc3ad6263e6bbaadbface3c86cf2f89062677a3d3b8471f2004921f8016932af75767c87a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1878b5ffad65d5ff6107e605e515a26

    SHA1

    2dc4f6d2f631e3b3f88535cb52e6c745d37a61cb

    SHA256

    960ec0986ad512d8d24a30abc476b9f8c055068de774fd02751e5b232ea251c9

    SHA512

    0de63c91af06d81dd011779e53a526d252e9d5fc4b04ca0bf0eef2946590d52d0679bac3b5950b83a698ff2ceb8d86cfa0a5a5b851ca2a8f58b6df39872f20b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a40d4d8677062dcbd3a09f404ce04270

    SHA1

    1fdc489e9b64862fa97031b7d000b2cb802423dc

    SHA256

    9dba5ec2e32156676dbfd406ab4646cd51b10ab374d8f40f3606fbe32a82604d

    SHA512

    08371211bed9236678afc4838be14ce215ab34c26d3d834fe2f80dfb9c0686a7c643c1be7c30045fda3e23e4521fcd90dcf9d5af02085ae845b6df7dd5d44805

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    65480d4b0aec86406bd2a78629a6cf40

    SHA1

    5b9ae3580998816ef5774cf48f80bc0bea9166f7

    SHA256

    ba3179ffad96cd2fdf7f6571c4544ac754035b1cbf9e62ac600ca2c15c7abe52

    SHA512

    6806f56ffb5bf67c7ec3fd969104b0d31d28d8ffcff221f703df9708f4589571f869faf122acecaa0b85087215ccad1f1905741adacaeb54509a5873dde5e4aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    661c4e705d94fe577f531c8982644fbe

    SHA1

    ee5eb2f7842bc14d7c1da48f34f19d79e717ebdb

    SHA256

    d159b7ae5fbebe5585e712ef68582bdb1d0a4521e7b9e7d8b8e421ec8d99ff68

    SHA512

    39fcc34baa5526884d6f5ae0d1a6242d371208eca4b0edbae0e8952b46bcdc416dd429e39380edf39be2481bb75c57fd1ee24d3d52c4d9be38475d79d1cc1e7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6a7fcc9a69220dae9a82b4f49f5cc99

    SHA1

    37b873ef04f498a5e976870ba500156db833158f

    SHA256

    4e4ce5e02faa72a759e8437021717bcbad53a55dd991a6d6aacd48a7a23ece9b

    SHA512

    1b8d69826834d3f4f6aa331588d4fc8533c57a2664f8a2a83d2243acb5a39b877228f51ab5f95a4e3274e2202ab24e610c18a2410c0dec954b79c06f9701a0f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    76f87d5b9a9bdab80fcd9685c8356201

    SHA1

    83f40ddb17c2578e952ebc9b3ad293a5cf88d647

    SHA256

    45a125dafdf677114906d6635521afdc7ed4f86ce5e6d739c609977ea21f7615

    SHA512

    0c52b18a5c8851d23ef637a561f6ceb708692166987a1652c4c406a3426ef1d20f2816ce91cff33693dc71f533254dc5dc2acf9b29c4429765fe425c258b7c46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5abd58c0e4cbb66189fe8415f41c558d

    SHA1

    ab264be2e0e3f5a985f5c24fceda1d331f4c9326

    SHA256

    ce9b5dbb4c17a226c9828cb28c253f3c8483f5ca3874a5f642bfc1c31c94f3de

    SHA512

    555447de78e0c5b6c9439d3cd1c5f2c851cbdc46d2dd049510e216692f80890d5e5e068c6c3e1be7694ce2dbe9af2ac0a2753af2c13f1140c240458d88a07d03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e02566d1a6c1148635696a45afede874

    SHA1

    52669e67593b1f8affc98d356d14c15862123af0

    SHA256

    67427d617d4c02d3489e0febbcb71bcd1607d09690cfd54e8ba2dc119d886a56

    SHA512

    380d65ed55ce116c91c335540564df6f71d1c76871c7e893f7cd2432ececa67751e8c54383095f9764a84763ad220f44acfcf9b51ab364afcd705dc1cd6c933d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    688a84ebaf2b5d3ad5b664d761d3b14f

    SHA1

    478116cb4ee355132fae5b57ed213a88c2d6be3b

    SHA256

    6556e2517bd1362f2ff1cf1d8e0b2d947b94071143d4c02ede19dd64d2e9764a

    SHA512

    f7587158136a020097d7bdfc4ac1099d213f3ab3c26730c49246ca9b287fe5254cf7878870511cdfa52fc152ee6626c94f3379f2a4311d6ae03bc83245a0e954

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    407c6ce496a255ccd6bc5517e3095ed7

    SHA1

    6b6588cce6fccd1273aa371d7d891778ebaec4e0

    SHA256

    45a23d1b2ca524cfe9c9566cd0bdd4d83e71a1c977ecba002780cfad409de6f5

    SHA512

    ea3fcef5c34361ccef44f9e24b27dfe460cb5dbfd9c7fa98246b42a79ee487b5744cabac40838d1023ad4005709cafd948d2fc070aa2b192081b163cacc3dd8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1bb5d1fa53af88838fd075aad37cb33b

    SHA1

    90dc19f16183715449b84ff02991911d4903233b

    SHA256

    b30e208e68e2c6e52a8f1de6d354feed9de8068907eceb0ccbbd7ac702dfc4a5

    SHA512

    6c3d96f7346ad944d0f19387e1732c626fad8834948f1971d5ad955445927f88e989f475708c839e0bcca1258d1ddee4d790e4c7eebf8c770dbfc00d70cc7123

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87a843cee5427bcc2322a8add4a4affe

    SHA1

    347fbbdc49443011c2c91454c2b022d499f37fb7

    SHA256

    2be4f85bd241ff3d46f7244af5f0b0fe2f1fb946d65b650c5f4af59e45b19467

    SHA512

    171dab61e83fcb2bff6f901044abde56a641af51b71185aaccabfe8be57834e8a4e0229f758b4a8d9f5d4b6cad2936e0176999a67ebc3ea5fa10a4406e94cf5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    589a463e978365380416a9bbbd4315ea

    SHA1

    e6689529646bde8ec0aec1faa6dfad352e67f26d

    SHA256

    45cabfe0e20770d83c54b62a403a458ec2a0f1ba3650c968e414669f746c0dcf

    SHA512

    b0644598dc44ea6bdd948c0dba31414d6cd2797141c94820150e7ad29ea9619016b676f51952c5cf915a002d24c8f1fa43fe0a94f2e41dcc0ba34aa99f803a31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c385228fe72630543a1a2c0bb2115830

    SHA1

    fd1f08832fb0bef9717b188120bd24df05833602

    SHA256

    9c01730798cb4ad0bbdd9d9fbdbd6c892b0703ce9ef7696bec72c991b0d867ad

    SHA512

    9662f82ec7081a0b96f38cea0831cbc07c9a150dce65b4a72666aec5347d2d431a20d83486845580f4d182630f6e5e7163896b063a907c6e53d8acf2ec7a9d3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0cba670f5e6f6639112296e7b8f85f7

    SHA1

    d5a898b6df9e3c0d4c1140d9f26922b8d3460ea5

    SHA256

    c10df09729511d572e410bf2f37d21b84a2a9ff305b710b9cdbcc97aa57c4128

    SHA512

    d518b60eb0a90e5045c0a525f9624dcffa1680acb7b5b3816c31ff59e8d2f3fdcf890266d96e7478b93c6580e2bcd2a523af2cffb3efe6b2fdd6a134b67025ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b25accb9c1ad9d483cd14aa360682c1f

    SHA1

    5eb880694792eb0d0ce72eeeed8cec25b6db6ad3

    SHA256

    84e10b10106680bd7661ea4096a06ae1926b63969859c706f951c47d8d5bfcb3

    SHA512

    4b45e2a0cd9ec6b93f5b73a76ac4d9353928a0199f95aea91305e3bada8b9f79593110c08f4911ea2e651f9a07e72621dc4c3d485ccd4c6ea43c4e377f16faa4

  • C:\Users\Admin\AppData\Local\Temp\Cab54D6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5537.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b