Analysis

  • max time kernel
    142s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-08-2024 21:47

General

  • Target

    c7b3f72dd22fa7c36f8ad18794ed3946_JaffaCakes118.html

  • Size

    26KB

  • MD5

    c7b3f72dd22fa7c36f8ad18794ed3946

  • SHA1

    61820a735485d4d9924a9ecee4e8b013d1787eb5

  • SHA256

    e2ed49aefa3b165cd69aff66d7b3f4531d3c5ab8bc4427bf27048412c1e283b4

  • SHA512

    f2f01c2ffe2e101af9e46ab64f48513a4c000e6e0124de579bf50bbae6c74e29585310d24d38d722843ccb7fba68818d52b0d30268fa1391219d8a05a3248fcb

  • SSDEEP

    384:Zd1h9TeZoAgHNY23YVwMhEpspk340t6tOXMXn1x2hKqwtO6oSOqwv9EHE08caK27:Zd1h9CX/440tB9EHg1XmABNRp

Score
3/10

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c7b3f72dd22fa7c36f8ad18794ed3946_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1240 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2880

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

  • C:\Users\Admin\AppData\Local\Temp\Cab27AE.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\Tar27D1.tmp

    Filesize

    181KB
