Analysis

  • max time kernel
    145s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/09/2024, 06:15

General

  • Target

    d3b9b9785d54639b52aa7438286162f6_JaffaCakes118.html

  • Size

    136KB

  • MD5

    d3b9b9785d54639b52aa7438286162f6

  • SHA1

    9d898ab498f4f12ff4c06d448e262737824e9611

  • SHA256

    0351d1654aaa6f7888a709203db805842aaf6901902acbacb7e98ebeb0b5397d

  • SHA512

    eb03e6c0511ff2b456446ffb2448872993d49fe7957eb877cfbbbba180805b57e70eb14676c90c199351f832b36283ad38ea1e18819f1efa0f5500c2bfe51791

  • SSDEEP

    1536:mAq2PMe4eUqaPScJQi9+UnqvZXaaPcaP6DQzHXgW:tqFeU9PSaoUnqvZdPfP6cbXgW

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d3b9b9785d54639b52aa7438286162f6_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

        MITRE ATT&CK Enterprise v15

        Downloads
