Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/08/2024, 06:51

General

  • Target

    c86397461ffd1e5c08ad0aa236002c2c_JaffaCakes118.html

  • Size

    36KB

  • MD5

    c86397461ffd1e5c08ad0aa236002c2c

  • SHA1

    b21bc571c0c4810026fe065470f85fc48365c682

  • SHA256

    1f8964cb555dbb6d93b29e517705a278a3fc120e6b1ef36d9b181625a6ffe640

  • SHA512

    17514fb396fd447a8066a266c099062bdf8e1c25ec8964603f3a61dece5611fcc4053520ca3b818cf2bd1a15ef3d2b382c4ff9b9ba5dc9fc2c9e231746b2b927

  • SSDEEP

    768:zwx/MDTHqc88hARyZPXpE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6TXi76u3l56lLRcu:Q/TbJxNViufSI/X86K

Score
3/10

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c86397461ffd1e5c08ad0aa236002c2c_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1692 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2248

Network

Downloads