Analysis

  • max time kernel
    126s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-08-2024 07:04

General

  • Target

    c2813b5910067081ad24f462de6a5205_JaffaCakes118.html

  • Size

    82KB

  • MD5

    c2813b5910067081ad24f462de6a5205

  • SHA1

    c4d3478341c2c9b316c42ed99ec22561dff17392

  • SHA256

    052b3ceb1bf06d55b2f1390492a7c26a67f6b45d902de39f021c00d7aefa5257

  • SHA512

    da85b35129321cdd9ca5042c508e4a5b2a081b6abfcd9b4dbb04c27ff911c3335131f2130364672f4342d60fc4e134bdbe8c01425f8638566005237585799ab2

  • SSDEEP

    1536:dc/xvr31JR/8Q7DIIUi74tI4SMi74n4rtpbZ4n+HVM4c14VDJ1F/BjNq8//CEQmt:I31n/8QfIec14P/C5XgRsxARhvtVT

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c2813b5910067081ad24f462de6a5205_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3060

Network

MITRE ATT&CK Enterprise v15

Downloads
