Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    25/08/2024, 09:16

General

  • Target

    c06b400a1082e6002850eabea474acac_JaffaCakes118.html

  • Size

    37KB

  • MD5

    c06b400a1082e6002850eabea474acac

  • SHA1

    dbf56863d3bfeb727b9b0e937382712e66aadf4b

  • SHA256

    af564aba007eb0a0491b8613e08c17b8a59391246becb452b3d6c9015acf8c41

  • SHA512

    51a8310d690e106c45b6ef1de19d37254e01e649cc603791b0588b71841864efc8545ece210ca47dcf73cff71abda5e42c4ed137a77331a4ffad3298c6aa265c

  • SSDEEP

    768:MzlI9GzwE4WXAG8L74bXbuXQXl0BuRyNCT5NC5Z3F3MxetA+dtA6fftATtACVmvf:MzbtruAwYgJPEKfI9ElB5jR2RGWiwwyG

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c06b400a1082e6002850eabea474acac_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1940

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

          Filesize

          1KB

          MD5

          d211813d3f53d4d012cb8999a971cdc6

          SHA1

          d5ff60b1a5daa022e1ce2ad4e50ab10ec6186158

          SHA256

          01135d373a3a18d0eaadbbb875fe72fbad354c1ffa158ae6868237731fcbd780

          SHA512

          3769d588c36146c8da0bcbeda02b26b2eb580f3c9c8312d88b1ab3498c0534c602588147a0ac5f943d0a3cc908fd297a79a59f7fec456907aee065d14a5d62f1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

          Filesize

          979B

          MD5

          d5e8f7a9bc4388bd5d1117dd21f824ff

          SHA1

          2bae050693a200852b2127f688b50d777b9b5b6a

          SHA256

          9b554201d8e85d682184283e37fd1cc0d334429f29b7ff44d0d4e7bae38e251a

          SHA512

          4676f9eb0435c6685df530d019840b490c85a83ad79ee00f2fae0a6b721e009fb387d0f1c2710dd4676f23005835c6b87377b7484a794b72b8a43ad88b3dcb41

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          ed2f617a96a1cfd212670cb662f815bc

          SHA1

          540fb9fb278a1a04da35421cb03ddef6e597f680

          SHA256

          72a1da54b56971018d0629cba9510cd5a963f476390cb3af2b94bb58515971db

          SHA512

          0e36aa198c888b1b697ab9ff3b5602e22b75a8a7a93f30aa5740e78e3f0027195baa0b92eb1cab74019b93e6d99314219fcb5489afc2ea6c77340fb4b9a12eb6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          447ada25a12fb7445f90f3a3e449eb98

          SHA1

          a1aa623957fb1c76c6cd04991c776e55df6b9a20

          SHA256

          5717fecb821bf0ceeade319ac3b4e60c1e05f864816afd4a334559d41f15fbd1

          SHA512

          b6a79d46b641e04c09b0424713ead6a0d7220e586c55c3fff50e0a22bb9bb24e855125dd7449828d3265db358486dc2d50616b3413884f0d34fe195a13307fa9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3de5a752fe140fd82c26bb016dea1471

          SHA1

          6d58037e39833963ac5a9aecb5a962caba79adce

          SHA256

          04e086fa7f6fc2a919cae5c72de2a98f2c8ee3c2a7ef1767e5071be56d5b9034

          SHA512

          17e5c9f32ece4ad2308563593a47d0d8be9e196ebb6a1d42107ee10b569e4e00e443bcfadfbe3de22704810cc6fb0cb8bdf135106ed654ef95893eee904fe37d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          54c6c35b5efcc040f2c455af0c4a1d57

          SHA1

          8d201a80a9f493a25e08bade77d1eccce2caf840

          SHA256

          65c182ed2ac61f077195e4616f7d8c00d069612c0d265bb5042585988872b063

          SHA512

          f779c7efce668a29f722a5f31d6ee105b342a879d6f0a01abbd17c74f33423f6872aa7c48bc8adaab779d9e595fe9cf1fcf21b63b120cdeda5fccd8396b398df

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4e6f65fba06257a249ca76730d5d47f1

          SHA1

          6c4ec315bb11c78469c666192de825df661e7a59

          SHA256

          40c6b21d3f33d9cdc92562fae3f245666cd6024a15780551802e3efdb3af8511

          SHA512

          ea49eb286b4f8fb9485c7633b5051cf75aa5c8b3b676175bdff2b06e88d914a35af23f6227ab607017356398a76c0220881199e3d79e4f30aed65ed4fb177048

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          18bc576f3086e996032037edddf97853

          SHA1

          d3a0dcab76cb0123a38d1a6f686677607465e59e

          SHA256

          38c407482bca5b329aa4c76899b5115d9ed473b28dba6dce3942f5150608e365

          SHA512

          3a0078f28840b304214b266ecf1c13907dbfb852619ed1dc15dc5c7053b736953c4c0bf30c146861e90f17b61983406b5915893f717edbbf58fd704a59a9c5f1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3482ca1349074b40daea035bb50b6aa2

          SHA1

          9b57d9aa3c7004183e064f6c91f5ab3f06efe7d0

          SHA256

          35156d575d5aa7f6de35fd0084f6a4480fac9a903e2799ebd3a582ba6e0c871f

          SHA512

          bff2f0b55f90bb52da99c25aa7f394a7d3274f2bdab3d5b07a18de45c8be3e04f8a074613a3eb82661ad9b135484a34156bfcf2dad321eeedafd98b5de70ab48

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          00292bab6ca18a4b9a9427013bc0b87b

          SHA1

          84d3335ccdeecd86a2bdc52c78bd9dec2219dd4c

          SHA256

          9ab37c1670d7162b128e731a4a3142cb1f350324905910aa09e0e71c5411ca8f

          SHA512

          4892ef9dbab06d19b350279161d566becaaaf2d518c65db530cbad9848eb8aa41dcc4a8195cab5e1fe9488c2e8d4aa2d94bc32caf5bead39265ffa3ee2e750b5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0a2a0adc56d286511c05bb0009fd3c70

          SHA1

          8fd1777007dd568f6f5b93d40e78f405118d258f

          SHA256

          824da0a2674cdd20f013e99eb9c7a5e45ec884caf22a62e472b78ddcdc96fb0d

          SHA512

          6aa9452c3c9c5173ee8c7696bf162eeda4930c0936d30ed336c75deccf167f93fd1a6b676cd7ec1a9c91e1415ec741c7db1a1738b62f6fa2ac8a0c312a00c8f1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a0d82986212c7a9e3ac4808bb4ee7bd8

          SHA1

          88610bca21a60b2346512b7f804879eef2b73b38

          SHA256

          859d0d0bbc6545bf6de262ca7bc0a003ad04b929276abbe310b0f5fa33250b38

          SHA512

          64484703e23eb43525181af645a90ccb3cda384e44c74d1857bc7796ec086b29d2c74fe5682b5ba9df695228be001f027fa3ad7a09d7055d61eacb590214a724

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0f738d071d89205322e19f626a3ec3f5

          SHA1

          8ecfebb000e2b886f434097b946624b790a98315

          SHA256

          51dd3b72c5b2b06b2ff8deeff80973fd132caf326328bdcbef864acf65a9ee53

          SHA512

          d1d160de2911652185bd8bb134b247fff7b9d7ff897bd585c3513278b0c24437b81a9800e73415058c94e0c3784e8702d39633033e51ffe776ef8a4738354d3e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          caa1e15d5392b60617b112758bd752c7

          SHA1

          67575c3e451484bfefbba9fbac1d6bec3e0c09ad

          SHA256

          ea354f014f00cd737ff75c0ab444541a6af28a63bd8692937b599db1ff80b345

          SHA512

          b38a8030d92ad794aba7a9acb3e40fd83ce4d8116ebad10f1ded2c268bcd08c9bc64a4950fe96a72853770252807d089d13fff448b6b3fb854828bfff4074984

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6047c5e0b05b6048c023e7454cfbb5d9

          SHA1

          fe26cfcf7ec2aef4de67274a0cadf2b2853314bd

          SHA256

          3808ff3b72c850dbd2c99f5bbe2e2cc76003b3a696eaffb7df006fd76a3d4158

          SHA512

          80266710b715691ba0032a621531788f7c7f101483d9ecc47ca9b5bc1ee83507d443d07cfaac77621b0f500e5e57c17b687f5e295dcbadc8b63eed51c2466064

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6dec2d684ba748ea33678ed65eb134b5

          SHA1

          0fcfe25563d43a45feadb965893f162d6d7f7fd4

          SHA256

          9c8caa3a5fe1e89f1af81236c54183080b629a6954d96ffee48658abde435884

          SHA512

          49e17627dc220214e2957098cc12de91fec454ae5dbfc8297f192a416e6c67a43f155688ae7ff5e2c24dbd91b51a1bb44c71edc12f8a337b045d8fde4a19d5d6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          443b3593269a163542b5ad650875dc7e

          SHA1

          2bdf436cb1490a97b3528d0fae9364e4d4a08e8f

          SHA256

          e90749821ccfdcab00f1e8931e74f187fc8aa65cf6c47971e05854fdfdd65a52

          SHA512

          9ea9fd357c1c9d4fd48cf3d8da9d6a9fb131d91f0ba881009025ed6ff97b332b30188efc0b9b167d91d9a4b1f3822293d95a176c81fc177a80ab27c74c43dac6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3322b492b5358c57f2cfe81845dd28b3

          SHA1

          25ac08c34335887e08ae74fb947f566514a1b6d2

          SHA256

          c281172d20585ad8a0dc9896427dc87689ba0889bd82e9b2e6f62c32aacf511c

          SHA512

          eabb4347ee10ab6e58bf2993ab3a393de49f9afd6ea619cf212c2ca92cedce06dad45bb95cbdb873331bd078a532245069266671096eb971c9b277ec336238cc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          587b0d611fc922b8b9c7108444e04d6a

          SHA1

          0f988ed87a10e9a8cd6c89229891fd6fbe6256ea

          SHA256

          540e90046cd95beb61780dbd5f369075276997239f9201f82c548d3662b80436

          SHA512

          4b33f6ecf787bc37b1a1f597645e36bf77b77ae9bb1291e2b137ba8ab866fdba10f9dc04d0b41b809277ad5ef99384abdf88be33a00935037862bdf03961aab3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          512e0731838fa4b44af9d2dfb6b78ec5

          SHA1

          c75c0a4d7e5cfa3809a945a673fa19b442acc3dc

          SHA256

          0fdd92b25e944f22e840a085e2ec6a1b694dd5e0dcc11431523cbbd19e2f6bfe

          SHA512

          5346132eb1702f10c0981ed4625e607f1a84757ad82c7682282e8603cb6552e9bd0eff074f3e6b23fe4d9eea7dfe425fe3eea7db5a8e521774c98b2853fe3c18

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          40152162da5c7bfd427769532e3356ab

          SHA1

          3bc2a672bcaa807014d104df3d00669af7b592dd

          SHA256

          73bd386f2ce803a4be0756418aff67dc23aadbe28e407147f6a3a3f91d81e47c

          SHA512

          92b3ee9d0f0aaa04374d1b0200a529899d6d0a0a773d820f68e5666759b0360e7029322741ce4c20ac47b1f57264d31badbe997bbe6df9105ea7a0adfd056d4b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

          Filesize

          482B

          MD5

          0d1674101019ec0ec1a466786d60f430

          SHA1

          5a8e16fd7006f87bf4f05c9e69c240bf6121034c

          SHA256

          de531a312c9a79f456443cef1ee609220debef75174e3afe677f0a54481e842a

          SHA512

          a65dc0aa09caa358a7e7dacad062639c94993a9aaf035282310e384e69391fac9852f394f8eb1d713da54fafca500d0b112675421b88c0fc28cb5c42840f3e0c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

          Filesize

          482B

          MD5

          23eeab0089f20a49cbb33bf55d86ed8b

          SHA1

          188fa52777d6c777f3a1db804bf0388c23c6450b

          SHA256

          70a6e2134939ded1f2c3e2b459bdf5d1f4c27579e693c53006e1a8f8cbaec01f

          SHA512

          bcc4fb250b5a5c728c6bde6e96ea352dbbae170a01f1391cc4406293b611b305c81875be7857c4d6000ef4fe5e56f82871fcee27e623eec7f25422e47d359ef1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

          Filesize

          480B

          MD5

          0bd8e386f6933f5fe5cbe228e808fe9d

          SHA1

          d02d26aa8a7b684e3ff9df2609a6786525d466cd

          SHA256

          88fc09f16e9a32746fc56a6c1b54b35faba6f98ae672d6705003556491e5d1dc

          SHA512

          2a78399332a03c7bc1c7594f49bb409fee48754994afec9cf9c9b292f7f3ca013b606b86230a57cdb92408f7962a935062dcf4e02e791650f26418296ed8bdda

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          51619b2de444f376c53c2ef2cc115d42

          SHA1

          0d31b5d67001e7c50eafc120985e505126c62d33

          SHA256

          a2284f353f36f4e11a7650ea36487864aca51b2a6c6ad09c8271911fd24714c4

          SHA512

          3501efff347bb8c627f65047ebf1d6f425e26d8be12d4cf1f3dc06d7881f3fa4a87b5fc2660c90612b1253ea5d56fc31f74f54e700dae8f687c3ea3c6400e72e

        • C:\Users\Admin\AppData\Local\Temp\CabD1DF.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarD1E2.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
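The Downloads list above is long but almost entirely platform noise: every CryptnetUrlCache\Content and CryptnetUrlCache\MetaData path is CryptoAPI's cache for the CRL/OCSP/AIA fetches IE performs while validating a certificate chain, and the same MetaData\94308059... path appears many times because that one cache file was rewritten on each fetch, not because twenty files were dropped. The helper below is an added example, not part of this report or the sandbox's own code. It parses the flattened "path / Filesize / MD5 / SHA1 / SHA256 / SHA512" layout, rejects hashes of the wrong length or alphabet, collapses repeated paths into a rewrite count, and separates expected CryptoAPI artifacts from anything that deserves a look. The CryptnetUrlCache rule reflects documented CryptoAPI behaviour; treating %TEMP%\Cab####.tmp / Tar####.tmp as the root-certificate update download is a heuristic assumption. The sample entries are copied from the report; the single `constructed-example.bin` entry is fictional and exists only to exercise the review branch.

```python
import re
from collections import defaultdict

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*([KMG]?B)$")
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}

# Paths Windows writes on its own while IE validates a certificate chain.
# CryptnetUrlCache is documented CryptoAPI behaviour; the Cab/Tar rule is a
# heuristic for the root-certificate update download (an assumption here).
NOISE_RULES = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\", re.I),
     "CryptoAPI URL cache: CRL/OCSP/AIA fetch during chain validation"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CryptoAPI root-certificate update cab download/extraction (heuristic)"),
]

# Constructed sample: four entries copied from the report's Downloads list.
SAMPLE_REPORT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
  Filesize
  914B
  MD5
  e4a68ac854ac5242460afd72481b2a44
  SHA256
  cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  SHA256
  5717fecb821bf0ceeade319ac3b4e60c1e05f864816afd4a334559d41f15fbd1
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  SHA256
  04e086fa7f6fc2a919cae5c72de2a98f2c8ee3c2a7ef1767e5071be56d5b9034
• C:\Users\Admin\AppData\Local\Temp\CabD1DF.tmp
  Filesize
  70KB
  SHA256
  b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""
# Constructed, fictional entry (not in the report) to exercise the review path.
CONSTRUCTED_EXTRA = r"""
• C:\Users\Admin\Downloads\constructed-example.bin
  Filesize
  1.5KB
  SHA256
  0000000000000000000000000000000000000000000000000000000000000000
"""

def parse_downloads(text):
    """One dict per bullet: path, size in bytes, and lowercase hash keys."""
    records, cur, label = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            cur = {"path": line[1:].strip()}
            records.append(cur)
            label = None
        elif cur is None:
            continue  # text before the first bullet
        elif line == "Filesize" or line in HASH_LEN:
            label = line  # the next non-empty line carries the value
        elif label == "Filesize":
            m = SIZE_RE.match(line)
            if not m:
                raise ValueError(f"{cur['path']}: unparseable size {line!r}")
            cur["size"] = int(float(m.group(1)) * UNITS[m.group(2)])
            label = None
        elif label in HASH_LEN:
            # Wrong length or non-hex characters means the report was mangled.
            if not re.fullmatch(r"[0-9a-f]{%d}" % HASH_LEN[label], line):
                raise ValueError(f"{cur['path']}: malformed {label} {line!r}")
            cur[label.lower()] = line
            label = None
        else:
            raise ValueError(f"{cur['path']}: unexpected line {line!r}")
    return records

def classify(path):
    """Expected platform noise, or a file that needs a human look."""
    for rx, why in NOISE_RULES:
        if rx.search(path):
            return "expected", why
    return "review", "not a known platform artifact; check the hash against threat intel"

def triage(text):
    """Group by path and count rewrites (one path, several distinct contents)."""
    by_path = defaultdict(list)
    for rec in parse_downloads(text):
        by_path[rec["path"]].append(rec)
    out = {"expected": {}, "review": {}, "rewrites": {}}
    for path, recs in by_path.items():
        verdict, why = classify(path)
        out[verdict][path] = why
        if len(recs) > 1:
            out["rewrites"][path] = len({r.get("sha256") for r in recs})
    return out
```

Run `triage(SAMPLE_REPORT)` on the full Downloads section and the result for this report is an empty `review` bucket, which is consistent with the 3/10 score: the only process activity is IE and its tab process, and every dropped file is something CryptoAPI writes for any HTTPS-backed page. A non-empty `review` bucket, or a rewrite count on a path outside the cache directories, is the signal worth spending analyst time on.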