Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-09-2024 23:58

General

  • Target

    d3192350829443c7b3effa47331e3a7b_JaffaCakes118.html

  • Size

    4KB

  • MD5

    d3192350829443c7b3effa47331e3a7b

  • SHA1

    799b557ba929ec4ccf2dc159a6cc5334abe8fd4c

  • SHA256

    e028b541dbda1be2b3228b6e579cc3be1a51d020372cd733bdad0a039448eb92

  • SHA512

    3b1008a0ca0c7fe8b92571946126c17e522fe78ad07bda87c7daa1660d56a2a5686d4677c84d89bce556231472f75a1352e2cf478d0d7b79e9090e932ce66748

  • SSDEEP

    96:rf9seakGiwLsvfpFFOxUEcvBUqsOeN0Eg9jag0MwU:rf9FaL7LQFIafvBRlVEg9+g0MwU

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d3192350829443c7b3effa47331e3a7b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2488

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    897276cbfee1011332c268779bd17760

    SHA1

    fba71349f75b62c1fa9b4cd280b60d73cc0dbea9

    SHA256

    8ce15d1764f0abf8acbd48414bf91e1a2ee9d59387dbbff00b037743e837cc40

    SHA512

    ea0f0ce0d2000f143ce9709a67febf8559b8bc5bd50ea75e5b2b75aa14b8201bb26ca84d238403f7d9cc613e9d44d3335b369eb55a7754ba177c47da00111c93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4dd0b2a2ebc1baf20746bd5ea6687891

    SHA1

    0b215450a596c058d4708f61f44c761debf20971

    SHA256

    e001d94f6e79d917d75a0ac8d041b872fe5d847b5214995ffb90eff030430eca

    SHA512

    e06295555e0edf6e7286fae8e5300bf21acc925d494dde35548130495b96e7a6b7e738e599dd1e6be1c6a19e7e56f5a5c1d53e55058206654e2f27ab92550264

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9db9324a7117830dcc98799ae06149f6

    SHA1

    730f1639e115c21bbe0e8a16a6562f6ab9d626b0

    SHA256

    669f67896ec19cf6930943ac09e781e19722772f19c18f5403d278c1b9eb39b4

    SHA512

    9c0edb8cbc60c297795be934aae52a221166be9f717f469be825cb6b601413095568240a6386eec53419b594906af560d50bf2843ac3ad8701155cd0931de7cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fb93bb60802e3fbe3361629016b90b3b

    SHA1

    db1ae590113133374b715144508e6072b4a88492

    SHA256

    d9477b95dace9fdf8aebebf62b79085d62e99c2977af0bf453383a7f94306560

    SHA512

    c46740b11f3e926c1d6a1b8212544c7ba2dea8c951bad60a0ba06e2e711a6441cb0bdcae618ca3572585d56d42a7d49ba2cbbe76217ef0099fbff3bdb197885d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    775f9a8765ec62b73516e80066a93069

    SHA1

    db7d4a026ca59c5b6f12a388232247e7d8a41faa

    SHA256

    aaee704020620a32b04386441011565772b3e9b090c629a8ec86571eb666623b

    SHA512

    0c3c15f3664081ce31145123edf92b544b11ee9163866e483a79e98c47c9223f08fc05f8372209efc80bcba8bc9f2b8892f7dbc4f21eb3f3bb43abe361beb3b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7d653dc09a3cb11cfa3046072986c54e

    SHA1

    ba81c8b00fd510af67e2724f6039a4900daf81da

    SHA256

    df34506f16155adfe7dd2cd1e65abcce232ada801e2f8a8a44a96d6b94f58f34

    SHA512

    b9b7e1dee30cd145e812d2eb53734ea3e486e63e31a14c3ce6a23266c0c675b9675d02b4f27257c544565eb5784efa8b8a9293c509dd3794b012d5c39966ed07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb47d7ad77e6e4143ea1f254f1f53ef3

    SHA1

    7a7c92053b0660a5cc4841426f82ea0d1e2c605b

    SHA256

    280f36ed3ce7bc2628b3fbf1a6428136af08d0fcfc9cd52fd728cf9eb8b4e184

    SHA512

    b9ff12aa6299c054e0b574960961e0386ae908d3d8df8f432e0327a967f7000110ea85e7d403e5298337a52eab8e2c644a170a6b50aa93b13bddfd539545a017

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    80b1271ad8bac8691dd9b2a5b15ec750

    SHA1

    562596d3b7bf0d9d85f1a4a6d6d632c53a6fb26a

    SHA256

    926a97c404d04a811e0dec72c90c5f18eaa3aa8b9cd1214b371d42bb77d92e87

    SHA512

    d34fac4221983d581907228b6332ea6495addbfa6b226805d43c1662d2f40fc2d7867ad05a8eee19970d5e2c31662b0a481c0d545895665b28bf5d1002b69e81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    321e92ae2d57063012f450b09f431368

    SHA1

    d1e9883bb97b584b41140b68225503bdcc19f1b7

    SHA256

    fe59e17fa6d8b7995ea2d1ece342e1cbd3391a6be20521c3598ae05b90c3f791

    SHA512

    4e8526a04e1c30ea101b2ea2011e24f273af80c65362765115c8f8c57d2e3d6dc53d610ad834fe4420cae3a544dd795eabf2686c8692d7e342c5c7fbd4996538

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0df841d80a505e23601e3647442ca0c2

    SHA1

    cbd21f61604cac1aa69911de5791ee046e0a2204

    SHA256

    fc887e5320b36809145653dc2b7c4227132108be42296dbcdde92968c8e8013c

    SHA512

    c8b42223f41cb69c39a163978e3c34097a7eaa39b43970af6249737f9c054827e18ae0d4bf9cc2fde4e798b39f1e3846043e85d2376adaa49763dbf2b7320dc8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb185c9f71172ed691212949ad9b3d91

    SHA1

    809369e4417cd0c9fb3f7cf03021ddc443ae8de0

    SHA256

    6a475a6562ec9640fc8606876483c5dfe1dbf4da551d7daef2a5e71cbf2b1fa6

    SHA512

    ce1ea2b3fe20f0b989bc0b7f088aa2e1fc2cc026b58b6434cf933cfafb494926ceb3c9b07a4a2acf574c5c88f8cb04b29f316afe901e03c36e001c4ff65d998f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9bf49b812e0fde7c6e9f12ac1e88bd2d

    SHA1

    d594b8c8fd360cf1f0f4bdb6f28f5df98cec604e

    SHA256

    0366686847cc85221516df4806d04bf48d028c30dd2a60b976c2657bd7fbb837

    SHA512

    96a6969cd6ab4b2520bd63d34f5d5ebf93b098b574e2e31461d05e60f3a1be58108ea10df8d07c287c5085d461924c100793ea8cd022817b15dc6674c5f5ab92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0b73899fb059d9af020d45ba2ee4b47

    SHA1

    25713acb07604a5f05e839b9a6cb0c37b9787d6a

    SHA256

    4e2b589c40e16b35dda282f1a658f9085c470135f8bc1f8c100d2d6323d5b13f

    SHA512

    e1f43d86a2ad2da3ed5d45087a98e4347d571a135c8343be6b8bc52bbbc0c34023ab409b83f4e04cc81c52843a3e7d2cac67d6eec386c3c5d90fa28dabbc8e99

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dcbbae257201b12669726207d1217cec

    SHA1

    8a8d2b955098df29d4435eac6de5362bd9becaf9

    SHA256

    e5518dfbeeb35925c49c06493c97cea69becbd5c8f79f3638f1b8b679adc2585

    SHA512

    35ca3e75347073951d2a0803bd11e7b3e9590862475d13bd5c91debae9035b1ef46c10f340466cdb1e2536310d5141d9df3e3dd68860b1f6560ac1e63d01e257

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1facee3b59aa1689e7124fcd18dd396

    SHA1

    14753a4aa6b0d6f941bc74482f3f5f242c4c8732

    SHA256

    baf3a2eca4ecc6acaf05df34165601185b1272a0ff3b7bb4a995c3e5f09c1a28

    SHA512

    76e8846f9267c380efcd948da37c01da2caef22cd1d9902841d24112a985cd8760bd23df82f33d228ef82ccd06288e742c692a81a619f2ef7ffcd8185648c444

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36629ce5ccd1523180b466a867633cbc

    SHA1

    52676b330cf9be64621fa621c6e0a90f1f40b22d

    SHA256

    7b4876640d77261c697471d2c7074502db46c22627d134578b5f77a4e6878730

    SHA512

    c2497fa467788e311b21d5a1a59fbdf59c4be02aaa302729600bbd2671428dac5816b00404a8509a68746838c7254fa758d222faef03edca6dd089bd0deb8013

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6354b22b5da010dbd24be96e54920422

    SHA1

    3172c8210429a9b70dc6ce8c13c3d372cf7458d2

    SHA256

    13d4b836985d47b040d314a321c78b90b763f8500930e27376add032e2efa4de

    SHA512

    dcc6d0c7457cf128b10e7176cb5e0618cf1e64df429069f5f16ff8bef29ed9652036937d2cb69f6ab187c63e84d73ebc63c87dce0e03902765c0eca0de640f60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    19dc3f67a18c2ed0ac51a83a59ccdf95

    SHA1

    96c461e40658a79901f77d82a8194c05971582d3

    SHA256

    76842f6816bbcec87246def253c2d19c08679167a2afbe366fa42d99e4c83b70

    SHA512

    ac5ff9fc0df0edd0955181587883e7ac6d09c536cdaef4c3b4b2b6ccbcc55b648d8411fe08a7c0ea9510fa8e08631468d30cb0cfc5e4b787d42445a428cad076

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17c9337536fee72476fea3f9bf7338c2

    SHA1

    5e6f52682e7a3f67bec62054e477de9d28882e36

    SHA256

    db8f1f276b34b9a2cf0b297c112c2c9dbbbc2e6ade76a7c01651ed1d924a8bb8

    SHA512

    6bb03f13df2722389f47d589888fcca262f19fe831a14b58e27a759acdb313784c5b613efd845ab49140461d34833e62f8bc6709b87845b8068931bd571296d6

  • C:\Users\Admin\AppData\Local\Temp\CabAC39.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarACD9.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b