Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-09-2024 14:46

General

  • Target

    d22de0c1489056db7ca99645e3982577_JaffaCakes118.html

  • Size

    461KB

  • MD5

    d22de0c1489056db7ca99645e3982577

  • SHA1

    9b3a5f6a6d2880af8c7d46c991ffd6a3e55f12fa

  • SHA256

    2e2b294bb90e83fe12a1d521b82bc8359834254f1625ea142de556816d76c072

  • SHA512

    786ce883193d892d079e6255cf0f48727d940c2b0c18183e492210763f3fc34082e6c87d50300c69152079993df36993410fdd26bc6d67f0614e31f20a2260fd

  • SSDEEP

    6144:SosMYod+X3oI+YZsMYod+X3oI+YvsMYod+X3oI+YLsMYod+X3oI+YQ:r5d+X3f5d+X3d5d+X315d+X3+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d22de0c1489056db7ca99645e3982577_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v15

Downloads
