Analysis

  • max time kernel
    141s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 07:04

General

  • Target

    c033e0a5ae7f779c369dd76d3df8faf8_JaffaCakes118.html

  • Size

    70KB

  • MD5

    c033e0a5ae7f779c369dd76d3df8faf8

  • SHA1

    823d0286ac8c8c7d86844c4685bd15c08bcc868a

  • SHA256

    a4ba20e34026daf92b6bfc27a571bbe5cbf4f684e315498eaf155a05ec22ee65

  • SHA512

    c8d3b6787f3f1f724384483ddf6e40c2ba375177c95ed9140e15cf384ec38b9cfbc179a0217f010293227c802c97b6be793f7b8923c0a37931eedff0e6d92988

  • SSDEEP

    768:88FU9cfXYfxfAfEgnMbV0hkBXZeNGwH7KxuwiSXVwT//:oEUl8EgMbok5ZeNGwH7KxuwiSXVwT//

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c033e0a5ae7f779c369dd76d3df8faf8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Enterprise v15

Downloads
