Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-09-2024 22:12

General

  • Target

    ce0bb1917d37acf4d3139a3270e5f336_JaffaCakes118.html

  • Size

    56KB

  • MD5

    ce0bb1917d37acf4d3139a3270e5f336

  • SHA1

    d4ef7d04f5ba6444697f4d120c18c3de973ed27d

  • SHA256

    4306b824b8d5d3f138deb3e37309361ec89c193662081d13af51e714b438d5b7

  • SHA512

    cd1f07d330468008188a5912a1e50869cd4ce59a2669fc0f2eec10157fa70e41544b0de6e9f5d6517b38279e2b39fbf306cf368c0e7653f5d2b31310c62125ed

  • SSDEEP

    768:Zcd9QZBC7mOdMA1pC5I9nC4p0obKVi/HUpQPd:gQZBCCOdh0IxC+1x/EQPd

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ce0bb1917d37acf4d3139a3270e5f336_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2056 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:564

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b614c1f815cc204e6b3d0228f0e955bd

    SHA1

    d1099152e42a205d73c857a3c79ed1b5116ec32a

    SHA256

    1ea5854003196a262a17dda4641177da646c5991bcaf278eeb99f82ef4748401

    SHA512

    69226d3f6775db0b4fceebf12cfda84c13aed480c16cd732062ca9ba91768ae9b3388f810e6ca573ddeeb07f3008a1fbb9a503648a92ed5f946a3b9e2b2ca8d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94c8874a00dfcd85d2d7a268c0d0c43f

    SHA1

    018e1d027bcae12d652e6fd6f916d46ea7e5af7d

    SHA256

    c768054f8173ce16e00c804abd0455dea4f239a1f12207f4b613e5d783d38227

    SHA512

    d28633019343e4acf995fdb38b433ca104ea3e53ee5919a45740570e0c4f0497b0b9e72e1935f512a16e25f7b293be9c23df162e6824185204482e51d2ea8e7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a408c32aa8ac94b75ce4b3b772d5a848

    SHA1

    aa69a946390c9ac6399774294dc1e5f779ef0137

    SHA256

    f624257455c63c6d5a196068ad7cf7855e78bba9aa1eb55e079d2292ad677a48

    SHA512

    d0d72d4652ea5be2c2d63bc2cadfc8d3e5a17e61b946d15bc9b662b77c3daa9999b2b6c8537310de3c36ef4f11d3cab9f635206a455fcf701f0ea91dbca98908

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e2513016e15eb20b1d401a548c816329

    SHA1

    4b9bb3333f836f6e05f5a60768a9d384ce06b292

    SHA256

    e1197774a48dd2287fc4be02f420c1c340dfe80fcbb5472cb1ba1f38ee92ebea

    SHA512

    69781ebb60fad084e5549f454c9cdd1d6d6a4e4a5e090c3d29c5091a152d96ccaf96839da472ad0b1d93c041b4f0eb6e82a4a83d318d73526686fbdbe52acf48

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    50193762060a295ae9e1cd382256012a

    SHA1

    f7d1a47012f32f237460ceac2361a07ee24a9c72

    SHA256

    88d104114b49bbc71489a4de4d90e92eef7e7080e5d0deb55c13c53fe503786c

    SHA512

    d42785fd8713b1cdddfea90acf35dfa8260ba0dffdedda11d3d7fdc2bd9276183c560174c3373f24f01a0107f93a53479d96ce66c7387a83552cd8ed205d4919

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b98a5454f231cbe8e763ada4f1e3bdb0

    SHA1

    d62e5422d85afeb4637e9ddea4f771ddbb7c6ea4

    SHA256

    b6c1d918da324f493949016447f1b31542295832d5010139d11983b43e950dad

    SHA512

    fa7458d576b98d799ce2f0f8222a98f344ab7fa8a1b6d85946dab4a38ad8d16cb5ac330cdfe5ea0bcc91c71b00cfa127f57134bb81d1e1b7ad0fdb31afbc8c8e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf3cc78fbc49427de33c6410a61ca396

    SHA1

    4466ba8fdefeb8716f4c14514f3897c291011882

    SHA256

    1889d8f66b2a5183bd90e63e86e124f58201f919ea81c157e8f0cee14af219f7

    SHA512

    70aed1e9e7b3df9909d0d2e560765d6d1c4df219831663e336f2c581fe9e1f5f91e60f42c369606411e3c17472b6d2ea6c7b9d350a4941dc2d8b7cc538f61b3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    993b9d94aea64f9498896e36f4ad6f89

    SHA1

    60e315bb3c0ee7ff61d1ff3f2ab46e6af753b7a8

    SHA256

    292d8b1e0fc8fab695f3b22b219a9f0400a5e77184c504c6c57b4fccee1826cb

    SHA512

    d3f45f93e2735f22d8d82a958806eb22322e3e1dc3bb5327aa7716ceaa879e8d29479b8b02facaf3304f95d5d1c995f4b2fde8a12ced405c4ffd8aacf3037a8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    322793b583f597ae1a3f09decb60cc1a

    SHA1

    16f7f9717292d6abf5f40305f84f7a4f8782cc24

    SHA256

    d8b79e0db8e86635dc427b09cba8e1210f24b4323d498d2267117e938d90372b

    SHA512

    862402c4b118611267ab64bd3fd67671f7830177cd09325eae1555ec06ed6152e1a8c96d93e60161018b31b212775d7731b565402b1d92ae845fcf88bd4a51c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c072cce7bc93f94cdf0626064cd0d67c

    SHA1

    9d010f51bcd15b86efb2a8b855a5f3865d47f6d1

    SHA256

    4d04ecf88b2f4f5c349bac56b31d7193d113c3c636a9209bddc9f913e72a49f6

    SHA512

    23a8817b19a7bac4423719e13d6bb4a734f24b558f7a18b75155e7e08a6d9dc06cb72e21927704d0bad18b8916e4b0cb94886bf591c2b21b564c3890c3f53b66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e80a0575adc9c41321831bd69d6a433e

    SHA1

    243c66487df943e0bbdd4c2af44966cd460f15db

    SHA256

    b5e02c507b700d5af7f6190dfa193608df5a5ae152b19d59f3ff50fab534dace

    SHA512

    8eae06438cb08bc9b059cf03e2ad6ea5ebdf66cabc1dbea2ba0b02dd9741e1bd7af39fb0bfee7b8feed8d417c69f44d3a8598b8d32a994927e04dcf5ee3935f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b7f1959d84f319f7446aa06f2bb2359

    SHA1

    92d8629dc96b11d4510a81d4b3e4c159c4a574e0

    SHA256

    fd3d22aa388e50e2f68cc102ad3765a2d5f9c2c1cb7b0a8b3f4dfb4664cdf296

    SHA512

    1d199ad3c861f357b2cd752bac5fa1d7e5bd4253fd70da3e98e1a76624f3972ce3cdd0250471a9b8de4908990c2618487456f2263cfc904e6b3367c416c98dbf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5028e7b4fdfa3dc64352ace39f0f0ef4

    SHA1

    c85aeb490019ad854ca12ddc83c0ada389892654

    SHA256

    facb3172e1f580716904c7c34b2794cf27cc73455c82ee0bc39eff192cbcaac3

    SHA512

    9bf1dfb6484cb113c86422eb8404edf8dfab2e56e6904f858c377126d280aa17eda225172e75c11cd5938a1acb92f6121f3e7b0683aa7ec53dd7b6d4607f5ea4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a0f54ee149daf7e685f7685833344f6b

    SHA1

    9fa5cf7b6ab96dd8832b4a7c458e628a2cb063db

    SHA256

    ef56d9d86332d5c3986231baf58d88282199c0a4dbf9039337fca92e3db61912

    SHA512

    8f8696f83b2840b8f7607fa8d1516159954768d95878431ba0764ca80a6066077aed6c547ff0cdda2272b52d525a5a11f0e33e20fae6fca2d367d560940d0889

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92acecc1907125f5605aca15f2fe3a52

    SHA1

    10611b4d466fc3b43052dc233b5ab1c69d3552d1

    SHA256

    a252cb0bb47ed4d8bac5e061ee285a1535f1e1e325852dd608afafc328a6bdc1

    SHA512

    f491bfa6b7a396744937116b04797cfbc26f58e98fb60c343d2262132f699e6abfe5f76eced5a7c5b7f53502eaddef74b6147c396bb6e6e6b78c230c55479b63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    48b1b6db79b1e2b0f9f3c74985309e06

    SHA1

    ea453ecaf951ad898f944d584a853320ab3565d2

    SHA256

    3ac257bf388289699e20f6fc14d4052f460c859a2870d48a364258d497e72fee

    SHA512

    6a24688e99d0c3f72c24675568a65218c639a2e54b098df988c76630307d55bdb59251726d0a119fc52337f3bfa4d74555377a86160fc2d3071dd99ac549c893

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    03885cddac8f6b82e780ff9386a103a0

    SHA1

    b022a62e24e2f9a02f6425f8fe4995a69f9e6353

    SHA256

    dc20641a03754052809bbfecb49c4e609f5a5d00150975e574b5ffa5e9e3a89c

    SHA512

    2d92771ffbefccc015125ac3430c7470a19a703c34af1a884f6282d944640a6ec0b18bde07681c1260ca78641d3d7a37c0c5276ebd8c594f7879ebf6e0436ec2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6eb290edde1f23f28cfb4529ad4aab9

    SHA1

    2ae5338610fc5e2c912b897925b50a4fe45aa8f7

    SHA256

    fd4b7ac39db8ed859c102fa5338274ee727252705185b6737aa6d119425ccae7

    SHA512

    78aadaa3f6a2d78837a2a41d08494d873569c0ee5325ce80a841171cca7dd877bcfde25ee0c2c6120983ee93a361c1a70e53d33363507a8641917d70917f3dbb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9b34760487fd3b5c9162246165757191

    SHA1

    1216d0d923ee58b8c58b263817a2bb0635d6a1db

    SHA256

    5060b014a122fc38ebfd29700b9ca2157e0e2a4869937c244fdf97ccd63da12d

    SHA512

    09de05f915e8ec1391677efe02c4197ee2af3b289018b85bf0929d817f406f16404490e01dedebb91cea090cc713f2644ab57af6b7cd4799fd7cc0833a0909cf

  • C:\Users\Admin\AppData\Local\Temp\Cab8C8A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar8D57.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b