Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    06-09-2024 10:57

General

  • Target

    cf63d1b7b4e00dab2f1e91b078e0585d_JaffaCakes118.html

  • Size

    36KB

  • MD5

    cf63d1b7b4e00dab2f1e91b078e0585d

  • SHA1

    ddea7cd4f97d98ca02ae65b9b50fa64f4672d4ff

  • SHA256

    0227969a729e939b12f43e2115f71bcbe518fb8dd157ed95acde0e1f9f6d4717

  • SHA512

    37658c5e26a4fa58010a44e325d8a117b91d9d10b9976be1c9772995c3b7243d7cbb24377063d00210f2343ae48f2601f6bdf06d54e613ead781de56a696112f

  • SSDEEP

    768:zwx/MDTHXv88hARRZPXAE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6ThZOg6f9U56lLRW:Q/rbJxNVNufSM/P8nK

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cf63d1b7b4e00dab2f1e91b078e0585d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2228

Network

MITRE ATT&CK Enterprise v15

Downloads
