Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-09-2024 08:59

General

  • Target

    d18fb16f199e1fc1e4494fa87a37543e_JaffaCakes118.html

  • Size

    958B

  • MD5

    d18fb16f199e1fc1e4494fa87a37543e

  • SHA1

    10377e4cf291c4141c7e5ccb4aac2418316370e0

  • SHA256

    df84c8fd7b45da04fa7989428970399969e33fed8f0f0257b451e7318682b94f

  • SHA512

    803ffc6c04632b292f5b6f5190fee0681796f0f503c2660b94677e7bd7b60c829326c3d71c9afb2105a6a785110b67ca4221627b88db012f4e405acbdc26aeee

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d18fb16f199e1fc1e4494fa87a37543e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2692 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2668

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    824eb300df6bbc1cd801add7e8dd34e4

    SHA1

    c36531051026061df42fffa39f0816fc817b9728

    SHA256

    a6e1619a169774d562065bebe650d81838e29add0069354da18f8bec9c6c4ff0

    SHA512

    7c264534e739c6a7e6dec569f1e0c834db85c0d2a34bb48d0c79a159ff2636eae013e776e6582690bd474eff9d5dc49fe16c9c9987aff262f3705f8c514647fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    44e4dcf7ad7d863fcdc997de764571c9

    SHA1

    1f57f50f61f4ea49896e88bed0cf322607869d07

    SHA256

    f5350c11aeccde27e4f0194049087387d5e21626643666cf64ba27673b1f9a87

    SHA512

    d83483b4ec87163f8ed58a00440e86c545894bc464c890f550198f2906c658131d3464c6cd337364d2931a174a2879d16775b74def8c37b0b61db2b9815d37ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    052dcc3c6c23eb4854a4efc40e99c62e

    SHA1

    e6d40740a274af8befe847aebbff7d3e358ab382

    SHA256

    e749c6412222c2d2eb27a7f466b5197f228d4d52c033c65e3ebd4bcb2470ae44

    SHA512

    6962b59fe6ebf4ef578b15f52508413256b9cfcf0905b6173876d264ff037b092937d63d2a079dd8aef230b7913337a9c711bfa82596cf82b031c799d683a719

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a6ac7c374c64275f3b2fd413dc616cc8

    SHA1

    6e01811c527581b5c0d34d79acf17869bd633370

    SHA256

    e3bbd2d70c3d0112ce0ecdb09295f77613d4cce90dfc501976ed97f5acaa050e

    SHA512

    ffecfb26ef94799618ee3fa3e1673f255a87dceba9c27974c4dc835d20dd1341d023e205a1f7fa9502c2dae2389f712618b6ebcea4109cf2dc1f2f3a4d34160f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    638a29f79327bbe8a6f2c2b38fc7d336

    SHA1

    365ea8af43b9471542188c2e7211e37ffb8776e6

    SHA256

    b3e973302e1736f6647f280b191cf52efe96af27144d8549f29aa92d0548cbcd

    SHA512

    84dbd844dfbeb4972fb0a4ea828d51b55cd5a1c8902e92cf7958625ce4fc7c3528d417c9df642e2c488ee41e417a0c7f57ddb93e522681f9cd65ac8317910cc1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e2aa7564e5499949a77c52fa36058eb1

    SHA1

    e5c8911aaa48150b89455ae1c523791bb250746e

    SHA256

    1bf308d750faa6aa15db8051b5f6ff4b26a7c38e07ae1e11ceac7571ae749b03

    SHA512

    d1dcb9e06921bb7d710fa0c9b05230bcf571accd4bec1f3029ba6f932be3d8651fd329a2996d5399efc6cef6c3a0d18ae80fa874feb6525acb252101fa0a4a68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5707c1e4748f74851f5bfbf0630b985

    SHA1

    ce8c9b3cb081318f8e6a3c80ef4703972e1903d8

    SHA256

    dc08c550e03e1b649f9b99cb5dc3a163413db243c2816d555cd8399cd3544c8e

    SHA512

    87ad4428bad105bffd4a81315adf8c5e925fa93fb4c7c7450040950ac32fe846fb330792c0f964899bf1193d60cdab73f3b6830deb35148b59f4ff86572db5cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63f4e4ccdd986a78bc2d73cf437a9ec7

    SHA1

    35ae835c3992c489afa72ca6c4d0ca092c460405

    SHA256

    fd6e97b8f116b79804740527912964a22afaae4afc702c837238743fe850300b

    SHA512

    1b159f65877eae96b8a7e4484c0cabab7fcb2353c0b9fc0aa42e680dba3c6cb29b76b4099074a1af7f03bc1e47234740f9dcf3ed037f265e2b50e92940a70509

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    97caf9bf2f5a2af995a11dd7b569711b

    SHA1

    e246d1ba509156e72a985040cc99cc74724fbb82

    SHA256

    14d62f4aab29c8d251de4439cea7151c25f7ce7db4c815803edc2fd1e5cebaff

    SHA512

    b17481601d23ac5e6105de3c3ad798c9bd50b92be3e2f54c2443bed35ae5d1ce19cfead54d244f729a15826f8a3b30db881947668f793e79d2c441daefe54051

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    743db8a396c70873d512bc3a132a9157

    SHA1

    ee1c7b6193fc1e6d3867f7d821284813039072cd

    SHA256

    cb52cd78c9e117303eaf419a81bd4e1795067f8d2b35c5b621a1fb95958a7ba3

    SHA512

    2df016af8e55f9b89d65f503d117db4b02602b3490c9a8dd0c3265c072dc9ecb5c9216b7e79895ad49006d887e1580e6aa5f39a839b5b81575e7f650d36f3d00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f221f76b2bf2ed8e4602b08be2c9f013

    SHA1

    04b5c9a2eb2a5500c14843d1e32b12258318e66f

    SHA256

    9f4a884ff4f8ec18871d84fc65ce17994b5659fdf03168cb649ba8ff05e828f4

    SHA512

    417b0f0ddcc459edf1f1c4779b3f64dac55151e6327cedc1cff025d8d1c65acc868e3f34d3cc914d783e8c691f6e23f1b2101693b88e7128d13c6c4d914ec075

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b58c52d8a2110d5952ac3f0de3b219d6

    SHA1

    b8762eb944ab27b9f4ceb97cdcaa46fd4a15829e

    SHA256

    7fb92c7b93ceb8e638e321be631151c58addf2a1e1df3e9ec8b5b1d3e75d50cf

    SHA512

    31d06feafae3f982b2ae4c3598da94ce7bb624b5ccf8ee46f7b67336442fb319862a9fe4d227228365fb0cc1706059acd2aab1087e395e051bcc093042970ca5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2da800c7fc47b7d743da8a9a693bfb5e

    SHA1

    9d98399ad72c60604eaf85de1d95932f0aced3ea

    SHA256

    3174d8dfbb1a5ca0ad0969c595001046bf98a4e8a0ef7f12d6fca068d3c93c9b

    SHA512

    6e11e08762a202cd24ac266e74a5e5cc723b2672f5ad35480632e778bc9cb7b564b77a37460e0ef94966f270ca46c225e5fcfd2e8144e90ad80f244d366a59f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a2ed0e7703f61bdcf028f03594d2e68

    SHA1

    0d8da8a199ffb6b42f87f97cf032157b0293a1ad

    SHA256

    4c4a40e32a5b1b32f9afc9b401d6cd98a741f0c0a38788ccf02a4622c818dbed

    SHA512

    828d7735d2a9c719a92530e8f20b39445ec629e945cba5b996e6b4c63e8d138a5e5e5d7d11c4ef4353cd2cbafa68dbd88407d44e704cb17b5851658860326266

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9a2fd2ffe8e51038fddbd6fae5928d5

    SHA1

    2b52cd7a367d65ac1642c0da3a86993ea4c1aaa7

    SHA256

    51fc604264bc0680060ef034aa2bfdbb5451425f946db7027f2613ca9114823a

    SHA512

    07c93ca1cc5ebef89cda65255aac66e02b62af718115d4944467dc70e24fc35aa00f3b179a4f3d3f8e6837a0ae28db459c557d94ee4a22656dbc716cb2b841b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    445399bdeab77418180e07e671aee015

    SHA1

    0d6bfdba6d97aaffa8375ccb955e0865bc5956ee

    SHA256

    68910bd03cf8f4b8217fd9af5dcf555a44aa957f5153e37fe8e75fce6809ab7f

    SHA512

    74ca7f11b3a8b45aa48971e5df34e4e57ab54d8eb1d92296511dc71850a2dde12a238aad2236d32b13d5697f0535416e69f5a0a8b635898ff85d69a9ba138540

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8cf5fb1d2c46e59bcbbbada42b96acac

    SHA1

    4c8973de994e82e21b0d5665409d472210543bef

    SHA256

    6df1d12d2a6c16f475fb8e949c8f73e7a3989432a1e70e6f92b1e0c47e0ff659

    SHA512

    a0ff23eacca28a43ed04134cff2a57cf315f9d599d3a290644854fc33958a19949beb8573cb372ddadcba01ac4d30a1988761948e43ddba67990e9f223096682

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5cd6551bc5d3a6ebfacd19b5116f0974

    SHA1

    df7050bbc9df78f0fb5c9bf81e5e29ce1e9bdb50

    SHA256

    cd4438439fde6434d2f0707efc0cdf1aedc2eb5dd23d5aab046e7de6820cf82f

    SHA512

    85fd8ab56fe39f5c086c78250e605d3f0cd292c1b98d3d4e844811c2cf9fbd3c70a67fbf144cfc8c1f53c315c3bc69f75163a1efbcb02dfdf4174edebb0d45e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    189d423d8b6c8d52ae416cf6ba3ac6e4

    SHA1

    2a8b7a4c4ec7878987f40e315234742b7c6fc1a7

    SHA256

    61a02af8c981a61fe6d1a5453ad508834ea094542b577a56624d84bcb213b9d2

    SHA512

    7dda9990ce197d8b9df54cb9f98e85989a7f598478d3aa133c459c897827e181c833f153eb62944003ae31499b2b2edc48ea452f7b75457ce6c854362687ce92

  • C:\Users\Admin\AppData\Local\Temp\CabFF27.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarFFD8.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b