Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-08-2024 20:35

General

  • Target
    c79a3e87ab5b16db3e6ae6a3df640470_JaffaCakes118.html
  • Size
    70KB
  • MD5
    c79a3e87ab5b16db3e6ae6a3df640470
  • SHA1
    1011dea1155653f873b3ca6eeae37862dd7baf2c
  • SHA256
    59bff8fa9803ec96c0199de2613bb41919c5aa4b6c06cc63daec3607859bf9bf
  • SHA512
    450f03dcf41a84c11e70d9f50684cd646d4e39404020f79581da33e5424816f0c48becaac2263556128aea228a4595d53203c3502f767312d5f3b09e817ac472
  • SSDEEP
    768:JiCgcMiR3sI2PDDnX0g6s/6RPPnIoTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVh:JCSTzNen0tbrga94hcuNnQC

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c79a3e87ab5b16db3e6ae6a3df640470_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2668
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2668 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2824

Network

MITRE ATT&CK Enterprise v15


Downloads
