Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 09:51

General

  • Target

    c07a81ea9e518127b23ab44d3837bcc3_JaffaCakes118.html

  • Size

    36KB

  • MD5

    c07a81ea9e518127b23ab44d3837bcc3

  • SHA1

    e107f85ac46d54bc08c86aaad4ff90ba1d4ddf9c

  • SHA256

    54170c2a8fbe5a1c5afe214324c0214a9f64da1cfdbe42c21a6602e341308380

  • SHA512

    a0535cdb1761278f18c0d38bc17ec095469abb372589dbe3ea3f6aac197c99c182da139ebba30a17883cdd6577c166426f1387552751e67ac0dc75cc4bf80e8f

  • SSDEEP

    768:zwx/MDTHFN88hARAZPXbE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6T9ZOA6DJtxo6lL5:Q/7bJxNVpuCS+/48yK

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c07a81ea9e518127b23ab44d3837bcc3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1956 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2448

Network

MITRE ATT&CK Enterprise v15

Downloads
