Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240903-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    07-09-2024 08:36

General

  • Target

    d184367502b4da1ad8facfcfaaf39c28_JaffaCakes118.html

  • Size

    4KB

  • MD5

    d184367502b4da1ad8facfcfaaf39c28

  • SHA1

    32a2b22b46cbcb1951de89949fb98a3c518df01a

  • SHA256

    8482bc8d2a07b046009870845dc40372c0b4aa07189a1a60b28f96c1ce37690e

  • SHA512

    bdf5ef93486cfb1c846f2459d126576173b61730273cd5b523d7932299628a61bfc9d483f0ee5d8950b0e1aacf39931c660aeedac9283c383a4d8dfe56d0cfa3

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8oygh2nho:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDa

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d184367502b4da1ad8facfcfaaf39c28_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2676
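The process tree above is the usual Internet Explorer two-process layout: a top-level broker (PID 2720) and one content process (PID 2676) whose command line carries `SCODEF:2720`. The following is an added example, not code from the report or the sandbox, that parses a tree in this page's layout (the `N⤵` lines are the report's depth markers) and checks that each `SCODEF:` value names the process's actual parent PID, the relationship IE's own broker/content model produces. The `Proc` type, the regexes and the `triage` summary are this example's own; the tree text is copied from the report into a constructed string.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Process tree from the report above, copied into a constructed text blob in
# the sandbox's own layout: image path, command line, depth marker "N⤵",
# zero or more signature lines, then "PID:N".
PROCESS_TREE = r'''
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d184367502b4da1ad8facfcfaaf39c28_JaffaCakes118.html
1⤵
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
PID:2720
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2
2⤵
System Location Discovery: System Language Discovery
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
PID:2676
'''

DEPTH_RE = re.compile(r"^(\d+)⤵$")
PID_RE = re.compile(r"^PID:(\d+)$")
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


@dataclass
class Proc:
    image: str
    cmdline: str
    depth: int
    pid: int
    signatures: list = field(default_factory=list)
    parent_pid: Optional[int] = None


def parse_process_tree(text):
    """Parse the report layout into Proc records and link each to its parent."""
    lines = [ln.strip().lstrip("•").strip() for ln in text.splitlines() if ln.strip()]
    procs, i = [], 0
    while i < len(lines):
        image, cmdline = lines[i], lines[i + 1]
        depth = int(DEPTH_RE.match(lines[i + 2]).group(1))
        sigs, j = [], i + 3
        while not PID_RE.match(lines[j]):
            sigs.append(lines[j])
            j += 1
        proc = Proc(image, cmdline, depth, int(PID_RE.match(lines[j]).group(1)), sigs)
        # The parent is the nearest earlier process one level shallower.
        for p in reversed(procs):
            if p.depth == depth - 1:
                proc.parent_pid = p.pid
                break
        procs.append(proc)
        i = j + 1
    return procs


def check_ie_content_process(proc):
    """IE's broker (the top-level iexplore.exe) starts each content process
    with SCODEF:<broker pid> on its command line. A process carrying SCODEF
    whose real parent is a different PID, or that has no parent at all, is
    imitating IE's layout rather than produced by it, and deserves a closer look."""
    m = SCODEF_RE.search(proc.cmdline)
    if not m:
        return True, "no SCODEF argument: top-level process"
    claimed = int(m.group(1))
    if proc.parent_pid is None:
        return False, f"SCODEF:{claimed} but no parent in the tree"
    if claimed != proc.parent_pid:
        return False, f"SCODEF:{claimed} does not match parent PID {proc.parent_pid}"
    return True, f"SCODEF:{claimed} matches parent PID"


def triage(text):
    """Per-PID summary: parent, SCODEF consistency, and the signatures that fired."""
    procs = parse_process_tree(text)
    return {p.pid: {"parent": p.parent_pid,
                    "scodef_ok": check_ie_content_process(p)[0],
                    "signatures": list(p.signatures)} for p in procs}


if __name__ == "__main__":
    for pid, info in triage(PROCESS_TREE).items():
        print(pid, info)
```

For this report both checks pass: 2720 is top-level and 2676's `SCODEF:2720` names its parent, so the signatures attached to 2676 are those of IE's own content process rather than of an injected or spoofed child.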

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2fcb948e8e38856e1b3f9fcb5b8d2581

    SHA1

    b32222e412002a1a5ea9b3c78859d2aeab93621d

    SHA256

    adcdfe3b7c835b27608b3358561e6aa929c1859b0eb9426d61920ecd79d50dc6

    SHA512

    ef6132af525be664732116c549965197447d1aeeae6a3dd4da8fac03f4bcf62a85749d78e1b6a1d961bca127b5d3a20f722b88d9ac9fd5c9c496b8e385447f39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4af039475a9751f3b698822287473eb4

    SHA1

    655068f9a207dd05c5e5940fe071dc42d1334a2f

    SHA256

    8b2d0d96ea022e23debff6145f3eac860c28757954b0121da12cfb2fe4c22809

    SHA512

    5cf16a005499b8b32ba7471f44b293a785b93f5fef10bc07a3dffd197ae0526a93ca0a36aff18d9632e02b908d7291cf1aa30e1158f4a5c9c8b57ca6e5cfca0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    77cf6dde1823ff3a985cc9a536a7f13b

    SHA1

    b81862cf2fa2b3680e5cda3259b61d97c9a1b2d9

    SHA256

    888c904e9e9381b01b8342e5ffeb2964a28396964d376dae2b285b2bc76590de

    SHA512

    d837ba3b08183653f2927f5783dc6ad90193dc45ad58e315821e79a9cdfa6c423b39bc833da24ee5bfb1405489ac385e68d80c9ceda15e49be0555e3acd86b85

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b2959a810dee668b60e1229fd818cae

    SHA1

    9e05fc65b21c19d3970878ddcb66466b6b952d5f

    SHA256

    db25fdcabba2e4bfc353913c08afe3a3f0609dcfb1d3a0ab44ee7cff3d6fb484

    SHA512

    c9111a7c88b7d75978ec0ebc0072ae8c58e706653740c91165f426a65e10aac3fb4f804f8855314f6a6cbb5ab262edd8d88f1141f5dbfafd4ef7726a25461824

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63a9aea1537c11e15204fa69f9c6061d

    SHA1

    f3fccec8cb543dec67d1e6e645dfcb93fa6c0c68

    SHA256

    12891d74cf047b5d55c5175fa1d29d1550f1472912cdf10422147d1f96685239

    SHA512

    05a9bc592428a610694074e64b02747e3422f333139b34c0ca0af3da5193a9cce462de14d89db1ba3e5b26f32daf23e341d5d8b93310a9766566b92a28fa1933

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e2a006e1ade4e633689b992dcd2a486f

    SHA1

    81663b205184fc60ee1eb118bac1edb4222cf3cc

    SHA256

    ca607c2e5b86a7bd74e75f2ea0014691942cb36db5571cc5676429a55492134f

    SHA512

    8d46ce3d8085e702174a1814768cef94c21c5bfde87f5f02fe5efca9cc08bb209db869ad0b7c5740961c56b6f1a10a4e3915b2bcb624a4d2146360e1aef4dbe4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9557d00fad5a99affa9ee3750542ea42

    SHA1

    d71988e4239eb8fe75c40a4b5c67d3fa9f615439

    SHA256

    8442c1c5131a7a64c1662b22ab1a01344e4cf1082629efbdc20925e2d4710b61

    SHA512

    2a97977629f01c9dc807007246e6199a7fbf7a5de3ae74431ba441acc9bd7f47965c149c8ae11cb8c8f39c01cddc29aecac8bfb1351bfaf6a4ee4bedd75715e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3ef4b15587391254f62dae4840f653d

    SHA1

    0713cf12e37ba233fdddd3d2f007d844f34f23b6

    SHA256

    88a152dc378785fff4934e0f1e637bb6e1e9d33ed15c06ed66e58a39969dfcb1

    SHA512

    188a4ccb40121d40109a78d8294f24d5798f00b9c7455ea3021f93d86eed4327316e5da3ba05c7f8c9e07c0ac1f9f82050f0d22938783dd65022d786a10ba35e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a064d70bc6979d649155f0bd18371fb

    SHA1

    d3baf38c2bfee758d330908d2a952a26d76f5591

    SHA256

    432b697c0a6411ba8227c2dd1af6c829730dbf194295e9731d66c20819d2fe53

    SHA512

    9a1160d31ff19d9e5479649db4fd0ba0cc29b0372383a5fa48fb373fe187a7c3a6d0b2d569b582d90b4bb4449947b34a12f53c35aac3bebd4551b4bec61c3be2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a4093ad1447ade00cdd11a898b3fbf10

    SHA1

    2286ef89afd51fa6f983b4148dcc12286704de6d

    SHA256

    4c1673d521431a9ee9fd946bfb47f606362c80e3b8f1d4372bb74f546dc8c33c

    SHA512

    88b3fc5313882966433a5b990a8f889e4497e310032b8374fc0d66434ee5be56f14c9fbbd64db47eced7f0e733f08f41c0a0736c822294af4232aedd4ca39a8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0592f5312b380e7fca247739c077e081

    SHA1

    b282feef02fa53306b0b2002b81c9d538a195e4e

    SHA256

    8912c45e4935bfd833d31f2bb46f046fda57da5bd2dd34e3eebd2f567251fa17

    SHA512

    528f040bf16c6fa36722f5f9238b0eebb6dd88dd596a082e8284e729d32922aae08efe929960796115d249cccf1cd0eeef6aabc4c7be6d68e2cc4c7c53108ed8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bab637ee62d238fe932fdce4678403a

    SHA1

    bdfa607658ef070b2d8d88d8dcda0bdcd0ab1794

    SHA256

    3b4f7140caa9cbf739327d4110e2ad7011aabfc59f0b7ebbb4eeb5818fb937f6

    SHA512

    015f10165f8489f05a1f8f4a31c7c2d7ac6cb6771c0415046f489c19af949aa6040f878bf1aeabbaefa78c991ca22dcffe09c9afd008efe7196f39ecd9503ef8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fe0c9780eb4a29736686cbcec6acc21c

    SHA1

    644529d6a16f46d72730c7a4b527d8e989ddc9d6

    SHA256

    c102766f9b1d7925e9e408c11c9f4858daca2ddae354d5cbc77dc8ae2c477e76

    SHA512

    475ec309cac89f335067707304d322b966434a2efa4e2e5b12b578353452f56d0ec336676c7aaba2682dbe9a0e8f31027818c45fc001a395a65c79d2b9cb1b62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a27918d22c5ec14b0d38631bde692606

    SHA1

    0e22ecd885407954e223d2d0ce37a7c8ce464b7e

    SHA256

    778b5911c6566008367fb8dbb7855592f8302ba517d58db1c2824ed25283a944

    SHA512

    efbcae7a94ade340a4c381eb1d149d4878c5e41bfbc0510b6300678f864331b2d3a5b8a60c82659fd38697842ec66c4023e24c6fcb9cb14ab25558b5adeacafe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a24cd8fa3d0cb4f331a6897d1e85cc8c

    SHA1

    2c9b3fb70cc4971c80b555c90e9fe76876fdb602

    SHA256

    5cd9fd4950c49b0e781ca669f6bcb535fbd6ddd4014b3cb0d3927fa3f3eb3556

    SHA512

    5093278019d3e187272f69aae3f46b75cb987c2ecde2cf8821a46aecc54a5feb60ad04f18614026217711f44ab4da058f9fc427342ae0ec1e9e26cc712d39e2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b49b8d2c6c3e9791fd3303f94a48fb86

    SHA1

    cbaa18223b8ceae7498b5f8b3d8627ab4c680a32

    SHA256

    4c28301aabb9fc18857113949612e102fb1ddc4f749604292c87ba8901d507ba

    SHA512

    c9c12a508881a14ebf746e75cc5346651630a5d9f44f93c22cf0bec857a6612a66057c39b96fa111ee5cbd523a009aee9a2e015bbba54f12eb24f33bec77840c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    958d3192f95f2318103edc1761b1ae25

    SHA1

    cdbd1e3272f8d3dea4db66bc2212907b1a236813

    SHA256

    81b50580ce5fa8d8a2124ec5d17ad5057a76d45a6bf49e75596ea5abda778e8e

    SHA512

    5be8c4bfac21bfa91adbb62690dc111d2a2db4b666e8327dc4b7db277fe8d529d1a32981fac4ecfc327f80fcce8d54c94082a7a3b1cd4fd52be6bb0f699f9cd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbadb3262763134fa89d214dc047ba7c

    SHA1

    dd1aa5ab3a8088cc5bf5e2bfc026fb2ef58e1287

    SHA256

    9982c8131deaecee630f236b4a9721aaaf74f04c43090540a099b04ab0f1dff2

    SHA512

    48b1341889377876fee74b4e9973c6e05416c843724d0bd983a9eccbbee22f93f74cc6ec40cb1538e611cc147d8391a5af97bffc36e020d56ee1020e8e845580

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3bc4430adce99cb7c98c17e0608436c0

    SHA1

    750ba0c0d8947f1aa755ef5269bb28fae1e356b7

    SHA256

    b17b4642772fa60471738139273ef013dc56f6bb56a4e512af9ee0dfe0d65d84

    SHA512

    bf39c78a1ab795304eef90acbf825d248fd5ce62200a4947298d708ee435878189c915c2f0dabbb261463d5b614de1794c6d88891de068ab5e37ec98cd408f45

  • C:\Users\Admin\AppData\Local\Temp\Cab916.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar988.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
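The Downloads list records the same CryptnetUrlCache path once per observed version of the file, so the 18 entries above are 18 distinct contents of one path, not 18 files. The following is an added example, not code from the report or the sandbox, that parses entries in this page's layout, rejects a digest of the wrong length (a truncated copy/paste is the usual way such a list goes wrong), collapses repeated paths to their set of distinct SHA256 values, and compares a local file against the digests a report lists for it. The excerpt is three records copied from the list above into a constructed string; the function names and the `b"abc"` check input are this example's own.

```python
import hashlib
import re
from collections import defaultdict

# Constructed excerpt in the report's "Downloads" layout: three records copied
# from the list above (the full list has 18 CryptnetUrlCache records).
DOWNLOADS = r'''
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
2fcb948e8e38856e1b3f9fcb5b8d2581
SHA1
b32222e412002a1a5ea9b3c78859d2aeab93621d
SHA256
adcdfe3b7c835b27608b3358561e6aa929c1859b0eb9426d61920ecd79d50dc6
SHA512
ef6132af525be664732116c549965197447d1aeeae6a3dd4da8fac03f4bcf62a85749d78e1b6a1d961bca127b5d3a20f722b88d9ac9fd5c9c496b8e385447f39
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
4af039475a9751f3b698822287473eb4
SHA1
655068f9a207dd05c5e5940fe071dc42d1334a2f
SHA256
8b2d0d96ea022e23debff6145f3eac860c28757954b0121da12cfb2fe4c22809
SHA512
5cf16a005499b8b32ba7471f44b293a785b93f5fef10bc07a3dffd197ae0526a93ca0a36aff18d9632e02b908d7291cf1aa30e1158f4a5c9c8b57ca6e5cfca0a
• C:\Users\Admin\AppData\Local\Temp\Cab916.tmp
Filesize
70KB
MD5
49aebf8cbd62d92ac215b2923fb1b9f5
SHA1
1723be06719828dda65ad804298d0431f6aff976
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
'''

FIELDS = {"Filesize": "filesize", "MD5": "md5", "SHA1": "sha1",
          "SHA256": "sha256", "SHA512": "sha512"}
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_downloads(text):
    """Turn the report's Downloads block into a list of dicts; a digest of the
    wrong length or with non-hex characters raises instead of being stored."""
    entries, cur, key = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            cur = {"path": line.lstrip("•").strip()}
            entries.append(cur)
        elif line in FIELDS:
            key = FIELDS[line]
        elif cur is not None and key is not None:
            if key in HEX_LEN:
                line = line.lower()
                if len(line) != HEX_LEN[key] or not re.fullmatch(r"[0-9a-f]+", line):
                    raise ValueError(f"bad {key} for {cur['path']}: {line}")
            cur[key] = line
            key = None
    return entries


def distinct_contents_by_path(entries):
    """Map each path to the set of distinct SHA256 values recorded for it."""
    by_path = defaultdict(set)
    for e in entries:
        by_path[e["path"]].add(e["sha256"])
    return dict(by_path)


def digests(data):
    """All four digests the report lists, lower-case hex."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in HEX_LEN}


def verify_sample(data, expected):
    """Compare a local file's digests with those a report lists for it; only
    the algorithms present in `expected` are checked, case-insensitively."""
    actual = digests(data)
    return {alg: actual[alg] == val.lower() for alg, val in expected.items() if alg in actual}


if __name__ == "__main__":
    for path, hashes in distinct_contents_by_path(parse_downloads(DOWNLOADS)).items():
        print(len(hashes), "distinct version(s):", path)
```

Run over the full list on this page, `distinct_contents_by_path` reports one path with 18 versions plus the two `.tmp` files; the SHA256 set it returns is the form to feed a blocklist or a retro-hunt, since a path alone matches every host that has ever run IE.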