Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-09-2024 04:54

General

  • Target

    d11f3022d07c00c210217eb1a6b19408_JaffaCakes118.html

  • Size

    6KB

  • MD5

    d11f3022d07c00c210217eb1a6b19408

  • SHA1

    3452b7ebc7e78f128334180ee6ba0082fdca32e8

  • SHA256

    31079fd55f4eaaf7d5d0cc3b9bc1171d7c6e0488d584178efb83712f72bc5807

  • SHA512

    9b40a3ff2494b48d7d38c5998794253e461b7efb1fe96b99672e2547c5bf010f08842ed41f91520fcbc289cfaffe03a50b8e451277b79f4750c750b09aa56aa3

  • SSDEEP

    96:uzVs+ux75WLLY1k9o84d12ef7CSTU3wPh3cEZ7ru7f:csz75WAYS/uq3b76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d11f3022d07c00c210217eb1a6b19408_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:320

Network

MITRE ATT&CK Enterprise v15

Downloads
