Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 10:09

General

  • Target

    c081d576353323191fc91d7044314ad9_JaffaCakes118.html

  • Size

    249KB

  • MD5

    c081d576353323191fc91d7044314ad9

  • SHA1

    97558d3a01951cb1ace81d95b6a562e360a56ec9

  • SHA256

    b5d0701ebffe13ff5ccd1b524d8b70a78b1d2f95909462f3d6c7cc0de0bff598

  • SHA512

    7221d3ceeacaa1d96724ea04d02c5aaf3352d349d6e06062f1ccc0fd7f6cadfe12491435ffd00a999d266ea954843556c7793b774ca9142d11437e12001252ca

  • SSDEEP

    3072:SVyfkMY+BES09JXAnyrZalI+YhyfkMY+BES09JXAnyrZalI+Yw2C:SAsMYod+X3oI+YksMYod+X3oI+Yw2C

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c081d576353323191fc91d7044314ad9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2784
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2668
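
The process tree above is the normal Loosely-Coupled IE shape: the frame process (iexplore.exe opened on the HTML file, PID 2784) spawns a tab process whose command line carries SCODEF:<frame pid> CREDAT:<n>, and here SCODEF:2784 does match the tab's parent. A tab process whose SCODEF names a PID other than its real parent, or whose parent is not iexplore.exe at all, is the thing worth pulling out of a process listing. The check below is an added example, not part of the sandbox report or its tooling; the two process records are constructed from the Processes section, and SPOOFED_TAB is a hypothetical anomalous record added only to show a failing case.

```python
"""Added example (not from the sandbox report): verify that every Internet
Explorer tab process in a process listing was spawned the way LCIE spawns it,
i.e. its SCODEF:<pid> argument names its actual parent frame process and that
parent is itself iexplore.exe."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]   # None when the parent is outside the captured tree
    cmdline: str


# Constructed from the report: 2784 is the frame process, 2668 its tab process.
REPORT_PROCS: List[Proc] = [
    Proc(2784, None,
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r'C:\Users\Admin\AppData\Local\Temp\c081d576353323191fc91d7044314ad9_JaffaCakes118.html'),
    Proc(2668, 2784,
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
         r'SCODEF:2784 CREDAT:275457 /prefetch:2'),
]

# Hypothetical record (not from the report): an IE tab process whose SCODEF
# points at the real frame PID 2784 although its actual parent is PID 1234.
SPOOFED_TAB = Proc(3100, 1234,
                   r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                   r'SCODEF:2784 CREDAT:1 /prefetch:2')

_IE_IMAGE = re.compile(r'(?:^|\\)iexplore\.exe"?(?:\s|$)', re.IGNORECASE)
_SCODEF = re.compile(r'\bSCODEF:(\d+)\b')


def is_ie_image(cmdline: str) -> bool:
    """True when the command line's image is iexplore.exe (any casing)."""
    return _IE_IMAGE.search(cmdline) is not None


def frame_pid_from_cmdline(cmdline: str) -> Optional[int]:
    """Return the SCODEF:<pid> value, or None for a frame process / non-tab."""
    m = _SCODEF.search(cmdline)
    return int(m.group(1)) if m else None


def check_ie_tabs(procs: List[Proc]) -> Dict[int, str]:
    """Map each IE tab PID to a verdict:
      'ok'               SCODEF equals the tab's parent PID and that parent is iexplore.exe
      'scodef_mismatch'  SCODEF names a PID other than the actual parent
      'parent_not_ie'    the parent process is not an iexplore.exe frame process
      'parent_unknown'   the parent is not present in the supplied listing
    """
    by_pid = {p.pid: p for p in procs}
    verdicts: Dict[int, str] = {}
    for p in procs:
        if not is_ie_image(p.cmdline):
            continue
        frame = frame_pid_from_cmdline(p.cmdline)
        if frame is None:
            continue  # a frame process (no SCODEF), not a tab
        if p.ppid != frame:
            verdicts[p.pid] = "scodef_mismatch"
            continue
        parent = by_pid.get(p.ppid)
        if parent is None:
            verdicts[p.pid] = "parent_unknown"
        elif not is_ie_image(parent.cmdline):
            verdicts[p.pid] = "parent_not_ie"
        else:
            verdicts[p.pid] = "ok"
    return verdicts


if __name__ == "__main__":
    print(check_ie_tabs(REPORT_PROCS))                  # {2668: 'ok'}
    print(check_ie_tabs(REPORT_PROCS + [SPOOFED_TAB]))  # adds 3100: 'scodef_mismatch'
```

Feed it the (pid, ppid, command line) triples from any process listing; the report's own tree comes back as {2668: 'ok'}, which is what a 3/10 score on an HTML sample opened in IE should look like.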

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3217AAECE20956500C22BDB70A7D005F

          Filesize

          5B

          MD5

          5bfa51f3a417b98e7443eca90fc94703

          SHA1

          8c015d80b8a23f780bdd215dc842b0f5551f63bd

          SHA256

          bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128

          SHA512

          4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D

          Filesize

          471B

          MD5

          4963c6f1c7fe6503ab93adaf5ce9e7b4

          SHA1

          9ee2a0e74206a4fa044aa840501c9230a40d7925

          SHA256

          45701c422d2dd7811e2c88b59d3b96b2b9394765cb918327eedb4e03e1b6bc68

          SHA512

          08bbb06d5782a6935c80248dad64d80ab1a51da33e5e8a3e865f4af938b0ab0b2a78c3a5f26842ad5892a5a82e45435774042935f63e53712b969a82330d2394

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

          Filesize

          400B

          MD5

          fcc10c21604501e2040eddc736ea359a

          SHA1

          1518854e068303c1499a1757dd36b9e4816ee7d9

          SHA256

          df8ba163ed4d794ed35d64e0095584ad73cb4744d1b1ed4905bc4b16abbc7cf8

          SHA512

          79a2a0e37c0c1dfffdcef5051875ef41fa3cc491d418a715fa099d054438d6fc585ef307b2249917d0892881a4934e8a3252369a0bb373781515f907580a073b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

          Filesize

          400B

          MD5

          22a870ef97a97cc4f8fab00ae2bd59a3

          SHA1

          081bd6efef2236dfa42750c97f89ba233f8755c6

          SHA256

          c3f0f1cfc0a7d0d467ef97218eb078390f5dbe5ae4a8559f0a3989b6579cc44a

          SHA512

          6b021cd7f4b39674d79b9096f2a14bbb1a85975eb5b045926b3ab2fbed0491b9beee3876ce55964cf2b97740ef950202170a40c2ca50ba99e34d167557a449a0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

          Filesize

          400B

          MD5

          ff9388ac0885bfc7f22a310e58638cf0

          SHA1

          27595b0da26bdf14acf5acfa55b82e61bf98bea8

          SHA256

          aabc15a9d439703eac98d933b7102022050aecdb480e3e59a6fc4a2a3e1902a4

          SHA512

          29efeb6d9fc7b172962b969dceb049df1c45005b62ea187ed9b5e97a0f74e3ddd3d8672ff7d05980e4e822cceaeeb823fd047af668732be0d45f73c25aaf556b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

          Filesize

          400B

          MD5

          74af6869c5d1beb6d4378091e7d72b91

          SHA1

          f92822f6971ed90c19b6c91debabd8d3b5b8e1e1

          SHA256

          01d6b6cd329499deada20c476a13cc0f063a08108de6a003729de4600001715d

          SHA512

          a6a98ae2d0d39ea98c8499859545d338ad0aa7bb2f2750de67bf3ca25f5c3878ff45bc5431a72b4f52d3a9224e32c7662794101b910e0062d97e0ebd17e9fb06

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          fde643f2e770c7fdb509930cddda1565

          SHA1

          e82275351a599c659b7853290edb8e6adb1b085f

          SHA256

          fe0dc14eb1868de7fac4dfdc5e7025d1a6567960741abcac06d6ac7298e24d8d

          SHA512

          7b9ca2c506752e21f600d08704a7d81cb25bb0c9f00b23286c35a9cb451ca28ea451b09a34ffe1189d12542edbcb63172feaadacceda1e0f80d33503e8050bad

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          51af7088e2e7c176c40184099219f449

          SHA1

          bb278544a22aa795bbc546a85aae8ccf98a1b1f0

          SHA256

          12c4de4afa65a6ff3fa912c20a55620e5a130903e0244d33305fadb11de73bc7

          SHA512

          37af39dd65464c998ea944f13794a57de771b705bce663b87100ed22f1af487b93937a0bc11260d9f5bc075431d1136b19760d4b61119fe4452baff199814646

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f41dd7a68e28d4816ad5f20cd2e4dccd

          SHA1

          780e2482d22691575eba278892431899bf7ff5fe

          SHA256

          db236e2ef25a01f89de05844b00cf8ed0de8660d4159047112561ad1a55a23bd

          SHA512

          76d97e783f7284a25b430aabfe4d70acb343c50cc6b4f99afb8455618fd3b78739d04d1356e7cc4bb7c8ec584049c6424b9e650c82df63cbd25b88dfa3cc4958

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          91b44f6f39094e0fbbc7a9db64f677d1

          SHA1

          47934ba9167768a6ec8c570ee3cc36c3aca4d7ed

          SHA256

          a2a82587475660ef0801b28bb35870094f96e013de41465ee51f427b246efbb6

          SHA512

          ef4c39c9def30833902fbcf42fe83e83eb9b09c958fdbd93cfc80af7cf9e359dbacb8bdd1f4e3d788e5c9fba8f4f9107efe5b6f21dabd590231b21f3b8f05fdd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          538bec5fa7c05689e48820ac33e8a43a

          SHA1

          519ab0692d90fa6e1fb0275ac0f6daeba91e15a4

          SHA256

          b32f85250f79d7d27d3b5e937513d4d0eba255bb161e05e1df92fa26c665ef35

          SHA512

          db009bf55de1dfdbe5b115a1782e5b6fd5a9d46c7457a2bd4a36ee0ea15acb2253600bfec204462e7500fef261b838d2c3d735f2d981fb367e1e5a4b2239571d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8cbc9cc70c28eba2a9588ddce24b6a3b

          SHA1

          7c9f8f77a82513c1ffe2a9ec110fc3aa704e9254

          SHA256

          6965254070ecf9254eb4251ca4ae7034c330b7143043ba1f1ef912fedf1e0b5f

          SHA512

          63fc9908ac713f3f9f945870ea25a3ce2d7a54b55a1d816c9ba24bfff43442fbddffb9a7d25ec98caff23c606190f6dc524d7e81350cf6b068213b424bb3c14a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          777a9d7bb27ceb6009d1d3fe29297bb4

          SHA1

          ff42f896d9d917aeb5ce0e7b4f76bcdaa14ef875

          SHA256

          cecf10eda6a13735636357978bd4d82983e6d5288dba609a8411244c0afa8bf3

          SHA512

          8b516c13d1bcaefc64810d58f030d943b82766bf091a527b0d66c84fc2d0df07de55e78ee932df273be4a1e70b47ddc2dcce9e451228ddf6b47ab9b0de9a11cc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b3d6fb0436ed0ab45c01e551289b890e

          SHA1

          690955946bae99369547f396688a4e0458192020

          SHA256

          d1d5330355bf1b3bcf649d81971f3330f7806c2eb863121ccc53847f1a56cd1a

          SHA512

          2645704b366346dd07a33b82f1d343f4a1a3c78c592d4da9dc202c388a7b47bba1c52a1d3960737e8918466fa2e5c9ad268412562a3fb50e6f56e1a286ff951a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4001102571f6eb43f3ad85d77a9a8d5d

          SHA1

          2718f565aae537142cb54697aaa4a96640bc31c6

          SHA256

          dbc99f57c5b20904ed1be7bab79a42a8dc8f004e1c7a0649f1b208eb34c390b6

          SHA512

          8072c7d469f8e773fe53bdbfd4c7552dc35891f084079514d9e983f1ee4234c88e53d3c5653cc6958ecbba2d65c923c25ea2a7990cd05c88670f5b5e1b7ba24e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8a6d750b1cd64e60ed92ebcefe95c018

          SHA1

          f0a8dfc20ff67acac70ba32cd080d141e59e42ae

          SHA256

          c351b57796e699c43759cfca5cb4521b50d1fd4b9d4f370708a6766b5d070b56

          SHA512

          22def2fd98c72d0ecbb114e3fc6eb78f6bba55fa6a0de2d516f3ea8b65606c31c0f74bb2748a9f79036632bc7ad7356e7ec95606a8791938df328c552ddf18c2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          528824be88172db21ae0aa66d002e275

          SHA1

          d80131e27851846bef2a2c5d3df35778ddb5e757

          SHA256

          912c383fc691e42ffb1c73cebcd12c346d63d23c9739292a1d94caede5eb776c

          SHA512

          7bd5878fb342ae8269b8172f4e9e0e986a34934e8a9f1e2b780c04c528de0b5a27cd32a2f0353a3130eac88d92bc88f47a990fdd15bbb670a5cd12b541676883

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d960b6304cf5352682ad80074c8446bb

          SHA1

          1fa3b9fe63036363e969db1f4a5bc793fa7f9558

          SHA256

          9081ec8e8c9d99a5de192678b3e92bc596f130f7e3d2062f08064c11580def79

          SHA512

          763b3cdf667a7e6b68727c7178676f7631a72dbe9784b67b0e22c17863e17bfeed297159213b346ee590994c392e2f20cb5473eb56bd80297030930c8494ea02

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cd9dd944cc317b8fd94c98d83c8f0467

          SHA1

          9689415cf34cbfab3b2025596a88172fc63b5b25

          SHA256

          5ebbbd6eb86fec59c5fde7d509783ff189b1f47f0af8fcca1196f85dca9e7fc7

          SHA512

          bacfea62b9032fc65d05621108de9a7a24e2e2b09f9ac435cf3f8f15ab186c74a5ba24a341736e9fd590c130d1f76fd687050b55b9aa9410888c19408409cf16

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D

          Filesize

          404B

          MD5

          323143e8117dc9c24af6dcfa02030a1a

          SHA1

          da4dd692dc885940c78e38a11382851d65501862

          SHA256

          676a6be55719480422ed0e9a52e9aa88b6379d3733f9b506db9e394fc04c08ff

          SHA512

          512c92051df14e1e10c4c7e05e34d2189d02cebb85c78cdd8abe04ebb676ed1ab10a6c09ab5df1281d6c8f309cee61b6a6c395ebdddbb670f296b5c4f60a44c6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          5095d2f27d5ac84f145d48b0706a3783

          SHA1

          523f5f309ba0745fce4e648404b21c4d0029bacc

          SHA256

          2eca5f589f037a69868d313619bc3a450d018011ac1a7073fc3c0f4d79d74c22

          SHA512

          1e64d650c19bbefb733ca4f77668f3d3c287065bfd35607efeeb51c13542b67d718a27f491cc23199d7b775c8e5dbaf19adec4dce0a7c4308780e6bbfd903b92

        • C:\Users\Admin\AppData\Local\Temp\Cab5EB4.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar5EC7.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
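
Every path in the Downloads list above falls into one of two families. The CryptnetUrlCache tree under LocalLow is the cache CryptoAPI keeps for objects it fetched over the network while building certificate chains (CRLs, OCSP responses, intermediate certificates, the root CTL); the Content file holds the fetched object and the MetaData file its URL and timing, and the same MetaData entry appears several times because each line is a separate write to that cache entry. Cab<hex>.tmp and Tar<hex>.tmp in Temp are, on the assumption used below, the working files CryptoAPI leaves when it downloads and unpacks a cabinet such as the root certificate trust list. None of them is a drop by the sample itself. The classifier below is an added example, not part of the sandbox report; the path list is constructed from the report (sizes as printed, a representative subset of the repeated MetaData lines), and the final update.exe entry is hypothetical, included only to show what lands in the review bucket.

```python
"""Added example (not from the sandbox report): sort dropped-file paths into
CryptoAPI certificate-validation noise and paths that need a human look, and
flag cache entries that were rewritten more than once during the run."""
import re
from collections import Counter
from typing import Counter as CounterT, List, Tuple

# (path, size as printed in the report). Repeated MetaData paths are kept on
# purpose: each report line is a distinct write of the same cache entry.
REPORT_FILES: List[Tuple[str, str]] = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3217AAECE20956500C22BDB70A7D005F", "5B"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC", "914B"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D", "471B"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357", "1KB"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F", "400B"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F", "400B"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015", "342B"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015", "342B"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab5EB4.tmp", "70KB"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar5EC7.tmp", "181KB"),
    # Hypothetical entry, not from the report: the kind of drop that must be reviewed.
    (r"C:\Users\Admin\AppData\Local\Temp\update.exe", "512KB"),
]

# Assumption (see lead-in): Cab/Tar temp files are CryptoAPI cabinet work files.
_RULES = [
    ("cryptoapi_cache_content",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\Content\\[0-9A-F_]+$", re.I)),
    ("cryptoapi_cache_metadata",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\MetaData\\[0-9A-F_]+$", re.I)),
    ("cryptoapi_cab_temp",
     re.compile(r"\\Temp\\(?:Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
]


def classify(path: str) -> str:
    """Return the noise category for a path, or 'review' when no rule matches."""
    for label, rx in _RULES:
        if rx.search(path):
            return label
    return "review"


def summarize(files: List[Tuple[str, str]]):
    """Return (category counts, paths needing review,
               MetaData entry names written more than once)."""
    counts: CounterT[str] = Counter(classify(p) for p, _ in files)
    review = [p for p, _ in files if classify(p) == "review"]
    meta: CounterT[str] = Counter(
        p for p, _ in files if classify(p) == "cryptoapi_cache_metadata")
    rewritten = sorted(p.rsplit("\\", 1)[-1] for p, n in meta.items() if n > 1)
    return counts, review, rewritten


if __name__ == "__main__":
    counts, review, rewritten = summarize(REPORT_FILES)
    print(dict(counts))   # 4 content, 4 metadata, 2 cab temp, 1 review
    print(review)         # only the hypothetical update.exe
    print(rewritten)      # the two cache entries rewritten during the run
```

Run against the full Downloads list the review bucket is empty, which is consistent with the report's signatures: an HTML file rendered by IE that did nothing beyond triggering certificate validation traffic. The rewritten-entry list is still useful context, because the number of cache updates per entry tracks how many times IE revalidated a chain while the page was loading.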