Analysis

  • max time kernel: 122s
  • max time network: 135s
  • platform: windows7_x64
  • resource: win7-20240903-en
  • resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted: 06-09-2024 08:00

General

  • Target: cf100e2c4428aa52caba9bc7731ac511_JaffaCakes118.html
  • Size: 461KB
  • MD5: cf100e2c4428aa52caba9bc7731ac511
  • SHA1: 5b46454d09a3af84f0c4bd08db1cf47d51188963
  • SHA256: 7e7a90c7ea2344441fc4f2d01f5ad1641f91b4d8894fc105e99780934ea9e831
  • SHA512: 7cc2cc43b6af0c127463883a250dbd87666a17fc0c438b73433ec7319caee0c533737f51ecf6ccbb13590706dde5b19b2f19252e1525eedcd434ebb7061add4c
  • SSDEEP: 6144:SjsMYod+X3oI+YSCQtQ/sMYod+X3oI+YDsMYod+X3oI+YLsMYod+X3oI+YQ:I5d+X3T5d+X3Z5d+X315d+X3+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of the victim host in order to infer its geographical location. Here it fires in the IEXPLORE.EXE tab process (PID 2708); a browser rendering an HTML file queries the locale as a matter of course, so on its own this is weak evidence of intent.

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cf100e2c4428aa52caba9bc7731ac511_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:468 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Downloads

CryptnetUrlCache is CryptoAPI's cache for certificate-chain and revocation data fetched over the network. The single MetaData entry below is listed 19 times with a different hash each time, i.e. the same file was overwritten repeatedly during the run; the 21 entries therefore cover 3 distinct paths.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 4d4a977fae384aad44ab63498b85b19b
    SHA1 e9642f7e1cbadfcc120357244cd0cd5d6a89ca4d
    SHA256 8f88b763e5d04125a613d945c440dc52932c3c2322bc56a83acd177f51746c9f
    SHA512 acb5fd8a1b19ad96f0362dc5558d6b294661bdfd1347a42c11ee8c79939917ea1dcb84d1a3171e02a87a0b216bb2324eb5c3b048b203da5eacec7754f672bbb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 070729108805d1650598abb3fe804ae4
    SHA1 404cbaad95c181407957fbe731b650f332359784
    SHA256 70ac514d236660bace49ba8f089078051d37b6ab13f4568e512eb52a33369472
    SHA512 627ffde73c70a2b77ff78b2b6a4c5150a5e5e8833e53468e5c41a90bd97fc92d52bbf2bfec8a651ed26547556bf5543a32c980e983bc0a8c4e16b57d938b127d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 7f7267b56ee9f00ecae742f9fde67563
    SHA1 ea5320adb24989807ebf25b3a73d172fd1f221c6
    SHA256 a5e1f9a3262deb9beaa49d053b950050611a2125c119c1c9ee40e5f0f4a92217
    SHA512 9861f0a2137264c9f9ef68c62048d01cc7861ddec37e22c2de299e9082de9267d2984f87575869b1d6e710131ba7022b3f3a2b9a5ebe8ceb5bb20b7228640800

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 aabd5773022b302a8f26e691af606e45
    SHA1 279b4a9d2ccdc2ba6a3ced99fb7fd16b015d4deb
    SHA256 79793b5ce56b3c953633ae4047ebb42eb81ba596b0283e1c8d7e44f492d0c52b
    SHA512 6c48ad9dbb93c8fb12d300bb6623deca8d9889268ba1009ebbdce1bc388329991c01d35d3e08bf7aef27588d86cbc415c7c26589535e380153b982e0526a916e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 7ae8d6e323bc5d5f16414c7eb96b582e
    SHA1 ad0c28098a2744e9eb08ef22a8f0a6c7f8e233a3
    SHA256 fec071c025fcd86275f07c97616f757896e208bf075a5e040eb08d1bdd7d413e
    SHA512 e5e8fb03ac09890312e6583424c6e20114eb9511c7723c6914e66b824ea4e2b1261638364a2dd55782869f12e351552dad8f5fdde28b8aa4ad6595f88beba45f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 5a83cdc926de49592b4ef429259344de
    SHA1 81b8c6f939093d12612df1287da5d2da609d2695
    SHA256 82d749571c3d6635d0105ea8f5c333fae6fab504b73d797e152eb420d69c4daa
    SHA512 d291b2efe18c4d077c538bc2f9fccfe286ec5c0f5ae883e27a40a0480b77af2cbf928aded65ee3be3d0968951c4accafe19be0388a5cb533b9980a49cd1b01fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 9c53def89036e4f490a9b6729469539f
    SHA1 59e7d959332bed62e1afdc878a646da132703340
    SHA256 f5ca237494daf28434c23c2fd45680f06e952b36f19cb5343cd55103d24c7e19
    SHA512 954ec47203e41ff5a2b38659a2c39f8d8ceaa04211da22851c5dc7be4778bb17579920e0508682c92202eeffe463e5e752d992ac3e0334f03e320219b433c2bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 4e0b2ca46293d2778ef3d1103e229be5
    SHA1 edbf61a53e37233a1ca6160d221f4c33355f4531
    SHA256 7f2453869b116407ae1b73d0210c4caad376d9e9d85d0530b5e585640dfb4ad8
    SHA512 ecb4e7b1799fd72505472fa51a901a2488ac2a829663eb87b9eb3f9241f776006e0c78357e581a8b3ab8ff37fcce078132d7e482fe9151c8e60475ea175930d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 20623986575f8dde27e221e36c92fd5d
    SHA1 631a75e11ef4469bd54c38d8a5c4011702ab4c0a
    SHA256 3fbe576dcf10834090ea6971a09f005e9d26aeb772fc40e3ef6e518a5ff21f8d
    SHA512 9b26b7716b44d43330e7e6b87b9b97e8ac646b4b298e5f5c36fbdca471329c2a85a476ffe28d929562883818a81ea0b63016bdf3bdcded54f9565b191b540a1b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 9bb39177c85a45d262a5ba8f6c626ac8
    SHA1 8eb0a4e259aa4fbaae19fed9f3a1117d60bc037c
    SHA256 a8c65eed3dbbc4b582bd7821a079401bc988cd427854755de37df7a9b7f04877
    SHA512 b77f1bc47ecd18dcf90baa7697b0f02d1a984660fe2bf147665464e72c642af6fdf151293ba36d9ca34bcdfd4d4bb245e68d98b7e70b16dd46a0f079b8843de5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 8ca386e8b45a378a1ab9ea27f17f4043
    SHA1 e996218208a355054738465cacf39757edd2c79c
    SHA256 2d155e8a7466ad4afac5871cce3486fcaea82e9ebaf6d7624c799bf04140182b
    SHA512 123fd806527a82aa23a437ce32df275dca79836b1a3445075ac702f839c29eaa4bb36f001cbbd995876a2d5a0fe1ae6d6b198483710d9217d6faa917f38b45c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 2d9a7d4bbda0f1b7783aa17e65c6ec16
    SHA1 f923bed330d4d3ce91bc08ec03e73a841783d9bc
    SHA256 c80377e475b4f25370aeccda9875437842ccb335d19bbebef5044d15fe7af762
    SHA512 6d1a4c3f28404e5a138588dcc8958ca0f9448d0cd831f4fa0e0edc089d08cc4a035d7ff51f56c5dabfb2f1e95d8ffccdddac2dfad2bc72869406b1f019158bd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 edcf7ac05e41eaacb215ee89fa1840be
    SHA1 43d2ec9846a83243876413d6db2bcab405f7507c
    SHA256 794dace150701b7ce07fe4d71dd2139e1e83baf51eb74730c266350466f22b1a
    SHA512 52be4fd3587ae1919ecfbd79223220627caf4d7ac98c536aa910d7bcb328c9a109791c326484cf836bc509f8675aac9a29bcb3432db3f63e029aac14a501554f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 b086d7ec86aa34a52266017aa7de8325
    SHA1 c21559bd83dc3e7128065260757d744296118de2
    SHA256 38c134be686d51774d7b132e0efcf4c27f8b5ffcacc65d352ee719e44d41815a
    SHA512 a63757bd9b33031b7d81c704d0680eef8ebc7c55b61d8fb05c137756e742815bd2442aadecf73d72c5f64d192c286a3ed7b7d78ef7b7c29efa92d416196a3eb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 078feaa89ee915a279c892ee3afbe084
    SHA1 f5bd5d86d13f9c6e39a13ad8ef9360d3ef56dab6
    SHA256 d77e3cd42cb692c2914e3090d6d56f725e5ffd25416404f4274837622b5bc073
    SHA512 f404d94466db0feaabe03b2d67e1cedc5adb425c0034c5bdb9b6ec48d7a128c741ac0e023919846bb254cc49631d1b7fc704a8613a2372fb22d57b4dc5fdba17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 ca1dffc02ca2c48c47b5f13b8ac9af24
    SHA1 8908c363790d94ea70c45a216dd5521d22c103ab
    SHA256 daf437771f02cdb6d5a98a7657d6b6b8286cf9c9318456efaa22d824e8943e63
    SHA512 5eed86895d75f6de1fa49ec90ef130fe3cd78fbf6be0dcb06556b9b310658445060a63bd0e9ae0eaf8ba52cbbaee8003d60a0c83cf5669391575a1db5f9f8d86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 9f716a3943babb9fb88c66e06f6d17a4
    SHA1 e2da423a7fb8345a7b446c4b5e218b8bf6031204
    SHA256 09b8fea9b3741487e53a001a57c5b474180ccc77286f8210476849d9dea09599
    SHA512 8b6bf40244e50f4167bed9f0470fcb7d77c90adeed612145239cadf0ea54714bac8301e3cbd470e5e29ff50fa238ed0d3a5e5eaf89fb9df41361f5ba6cab27a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 deed9a5feb81ae15a27983ee54eef795
    SHA1 62cf07816a37e73e2131aabfee76e7984bbeba89
    SHA256 f2c3a613c9bb6a14820ee6e80ef5a32be6b588586bac0ce9732dcbc638ec9cf7
    SHA512 cea96eb11b953470f6ba4cbd1c499fe2d8d2e9eb99e9e5ccbe96449deac35f95fc47dcb64c5e550a9331d0ae6137d565001f01124426e1d9b921ec4be92e8d14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 371287b3a64a4a681c75a6bbf95b20ff
    SHA1 ef7e4cb5ac295aded2c060de22d159bf6d17dc57
    SHA256 855a0258f5c34a5f45a3d55f7b5c50f173d600e691961a6f2e2dc2da075ed2b4
    SHA512 8237721382712261b5282c0f628696f2bffdc9d79933d420fe19ee5f77a8695d067c6b09dd39ed50f2cf81244eac0cc70db7708b0c9ebb891f56f26c77ae3b9b

  • C:\Users\Admin\AppData\Local\Temp\CabB617.tmp
    Filesize 70KB
    MD5 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1 1723be06719828dda65ad804298d0431f6aff976
    SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarB6F6.tmp
    Filesize 181KB
    MD5 4ea6026cf93ec6338144661bf1202cd1
    SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
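A small parser for the Processes and Downloads sections of this report, added here as an example and not part of the sandbox's own output: it rebuilds the process tree from bullet indentation, checks that the SCODEF:<pid> on the IEXPLORE.EXE tab process's command line agrees with the PID of its parent in the tree, verifies that every listed digest is lowercase hex of the right length, and reports which paths were captured more than once with different content. The REPORT excerpt is constructed from the report's own paths, PIDs and hashes (only three download records are included; both the one-label-per-line layout and a compact "label value" layout are accepted); the function and class names are mine.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Optional

# Constructed excerpt in the layout of the report's Processes and Downloads
# sections; paths, PIDs and hashes are copied from the report, but only three
# of its download records are included.
REPORT = r"""
Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cf100e2c4428aa52caba9bc7731ac511_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of WriteProcessMemory
    PID:468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:468 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      PID:2708

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d4a977fae384aad44ab63498b85b19b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 070729108805d1650598abb3fe804ae4

  • C:\Users\Admin\AppData\Local\Temp\CabB617.tmp
    Filesize 70KB
    MD5 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

@dataclass
class Proc:
    image: str
    indent: int
    cmdline: str = ""
    pid: Optional[int] = None
    parent: Optional["Proc"] = field(default=None, repr=False)
    signatures: list = field(default_factory=list)

def split_sections(text):
    """Map each unindented heading to the non-blank indented lines under it."""
    sections, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace():
            current = line.strip()
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line)
    return sections

def parse_processes(lines):
    """A bullet that looks like a Windows path starts a process; any other
    bullet is a signature of the nearest enclosing process (by indentation)."""
    procs, stack = [], []
    for raw in lines:
        indent, line = len(raw) - len(raw.lstrip()), raw.strip()
        if line.startswith("•"):
            text = line[1:].strip()
            if re.match(r"[A-Za-z]:\\", text):
                while stack and stack[-1].indent >= indent:
                    stack.pop()
                proc = Proc(text, indent, parent=stack[-1] if stack else None)
                stack.append(proc)
                procs.append(proc)
            elif stack:
                stack[-1].signatures.append(text)
        elif line.startswith('"') and stack:
            stack[-1].cmdline = line
        elif line.startswith("PID:") and stack:
            stack[-1].pid = int(line[4:])
    return procs

def scodef_checks(procs):
    """(pid, SCODEF value, parent pid, agree?) for each process whose command
    line carries the SCODEF:<pid> that IE's frame process hands to a tab."""
    out = []
    for p in procs:
        m = re.search(r"SCODEF:(\d+)", p.cmdline)
        if m and p.parent is not None:
            scodef = int(m.group(1))
            out.append((p.pid, scodef, p.parent.pid, scodef == p.parent.pid))
    return out

def parse_downloads(lines):
    """One dict per bullet; 'MD5' with the value on the next line and
    'MD5 <value>' on one line are both accepted."""
    records, pending = [], None
    for raw in lines:
        line = raw.strip()
        if line.startswith("•"):
            records.append({"path": line[1:].strip()})
            pending = None
        elif records and pending:
            records[-1][pending] = line
            pending = None
        elif records:
            label, _, value = line.partition(" ")
            if label in HASH_LEN or label == "Filesize":
                if value.strip():
                    records[-1][label] = value.strip()
                else:
                    pending = label
    return records

def malformed_hashes(records):
    """(path, label) for every digest that is not lowercase hex of the right length."""
    return [(r["path"], k) for r in records for k, n in HASH_LEN.items()
            if k in r and not re.fullmatch(r"[0-9a-f]{%d}" % n, r[k])]

def rewritten_paths(records):
    """Paths listed more than once with different content, with the version count."""
    seen = defaultdict(set)
    for r in records:
        seen[r["path"]].add(r.get("MD5"))
    return {path: len(md5s) for path, md5s in seen.items() if len(md5s) > 1}

if __name__ == "__main__":
    sections = split_sections(REPORT)
    procs = parse_processes(sections["Processes"])
    for p in procs:
        print(p.pid, "parent:", p.parent.pid if p.parent else None, p.image, p.signatures)
    print("SCODEF checks:", scodef_checks(procs))
    recs = parse_downloads(sections["Downloads"])
    print("malformed:", malformed_hashes(recs), "rewritten:", rewritten_paths(recs))
```

Run against the full report text the same functions give the 468 -> 2708 parent link with a matching SCODEF, no malformed digests, and the CryptnetUrlCache MetaData path with 19 distinct versions.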