Analysis

  • max time kernel
    137s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:35

General

  • Target

    c07381251edf094dfb92d3059c0c44da_JaffaCakes118.html

  • Size

    139KB

  • MD5

    c07381251edf094dfb92d3059c0c44da

  • SHA1

    ded6cb309404613428de16353a9149be27794e26

  • SHA256

    156225d7eacbc543f105c1aa350e43eb1773ce4764b1e74a256a6be919b1b85e

  • SHA512

    e705dd3048f19775ff09683c6785383385346383c3a39efb5c5444057c9a62138309800c01003b1d42e628cd3914223223d5eda05d084234c5b0ed039cab6ca6

  • SSDEEP

    3072:SWxt7zTw+yfkMY+BES09JXAnyrZalI+YQ:SWxIsMYod+X3oI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim host in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c07381251edf094dfb92d3059c0c44da_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2680

Network

MITRE ATT&CK Enterprise v15

Downloads
