Analysis

  • max time kernel
    144s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-09-2024 11:22

General

  • Target

    d43e80131dba995dd87897245f348410_JaffaCakes118.html

  • Size

    68KB

  • MD5

    d43e80131dba995dd87897245f348410

  • SHA1

    030ced96f6d244cc0e46839dd7a3a72a491c1e72

  • SHA256

    61c212e1474c672e138a481646af04b44585552bd60b4de9c9fcd9bb7bdc0ce4

  • SHA512

    d7f7a67a9630548901b7e2c34bd6cf6edc89f99ce3535b77cdcf5e3cb0f368fa05971410515efcac9ce8a448f9448d7a4f533e658033b13f9fe7b7325395a341

  • SSDEEP

    768:ze2VO9DdkEBgHKsZXl0/XWcgr2NnABzj9G:zDVO9mEBgHe/XQ6WBzj9G

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d43e80131dba995dd87897245f348410_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2864
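The process tree above is the ordinary Internet Explorer frame/tab pair: iexplore.exe (PID 2412) opens the submitted HTML file, then launches a 32-bit IEXPLORE.EXE tab process whose `SCODEF:2412` argument names the frame PID. A quick way to confirm that on a report is to check that every `SCODEF` value equals the parent PID and that every iexplore.exe image lives in an IE install directory. The script below is an added example, not part of the sandbox output; the sample trees are constructed (the first copied from the Processes section above, the second a made-up negative case), and it assumes IE's documented loosely-coupled process model in which `SCODEF:<n>` carries the frame process PID.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed from the Processes section of this report: for each process,
# image path, full command line, tree depth (the report's "1⤵"/"2⤵") and PID.
REPORT_TREE = r"""
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d43e80131dba995dd87897245f348410_JaffaCakes118.html
1⤵
PID:2412
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
2⤵
PID:2864
"""

# Constructed negative case (not from the report): a look-alike tab process
# running from %TEMP% whose SCODEF names a PID other than its parent's.
SUSPICIOUS_TREE = r"""
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" about:blank
1⤵
PID:1000
C:\Users\Admin\AppData\Local\Temp\IEXPLORE.EXE
"C:\Users\Admin\AppData\Local\Temp\IEXPLORE.EXE" SCODEF:4242 CREDAT:1 /prefetch:2
2⤵
PID:1001
"""

# Directories an iexplore.exe image is expected to run from (lower-cased).
IE_DIRS = {
    r"c:\program files\internet explorer",
    r"c:\program files (x86)\internet explorer",
}


@dataclass
class Proc:
    image: str
    cmdline: str
    depth: int
    pid: int
    parent_pid: Optional[int]


def parse_tree(dump: str) -> List[Proc]:
    """Turn the four-line-per-process dump into Proc records, inferring each
    parent as the most recently seen process one level shallower in the tree."""
    lines = [ln.strip() for ln in dump.strip().splitlines() if ln.strip()]
    if len(lines) % 4:
        raise ValueError("dump must consist of image/cmdline/depth/PID quadruples")
    procs: List[Proc] = []
    last_at_depth: Dict[int, int] = {}
    for i in range(0, len(lines), 4):
        image, cmdline, depth_s, pid_s = lines[i:i + 4]
        depth = int(re.match(r"\d+", depth_s).group())          # "2⤵" -> 2
        pid = int(re.fullmatch(r"PID:(\d+)", pid_s).group(1))   # "PID:2864" -> 2864
        procs.append(Proc(image, cmdline, depth, pid, last_at_depth.get(depth - 1)))
        last_at_depth[depth] = pid
    return procs


def audit_ie_tree(dump: str) -> List[str]:
    """Return human-readable findings; an empty list means the tree looks like
    a normal IE frame process plus tab process(es) spawned by it."""
    findings: List[str] = []
    for p in parse_tree(dump):
        image_dir = p.image.rsplit("\\", 1)[0].lower()
        if p.image.lower().endswith("iexplore.exe") and image_dir not in IE_DIRS:
            findings.append(f"PID {p.pid}: iexplore.exe running from {image_dir}")
        m = re.search(r"\bSCODEF:(\d+)", p.cmdline)
        if m:
            frame_pid = int(m.group(1))   # assumption: SCODEF = PID of the IE frame process
            if p.parent_pid is None:
                findings.append(f"PID {p.pid}: tab process with no parent in the tree")
            elif frame_pid != p.parent_pid:
                findings.append(
                    f"PID {p.pid}: SCODEF:{frame_pid} does not match parent PID {p.parent_pid}")
    return findings


if __name__ == "__main__":
    print("report tree:", audit_ie_tree(REPORT_TREE) or "no findings")
    for finding in audit_ie_tree(SUSPICIOUS_TREE):
        print("suspicious tree:", finding)
```

Run against the report's own tree the audit returns no findings, which is consistent with the low score: the two processes are the browser's normal frame/tab split rather than a dropped payload. The constructed second tree shows the two deviations the check is meant to catch.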

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ffd48fbe61a89bdde206d54bb8009db3

    SHA1

    80481e29cfed8004c1ff89ff161ca5fd9b124108

    SHA256

    29f96b87b8482d424c46aef69a5ee1ffa3635a6fec37506baa61af83923ac19c

    SHA512

    26c84a8dd9e7aa4b9e53ecb64c9b040e32c221cdf749ce6b38e1027ef71f38aac4788cf31309151e5914fad045beee400d0e0e55a92d42fd514aad564c11627c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0a891bce8687938e83decadd267c15fb

    SHA1

    7000f5e50a6f48d99ec802f53ce749e2dc565271

    SHA256

    09442c282cabb1e6131d2832bf54d432e222e6bb3a9cb3a50fffde0eabbed60e

    SHA512

    7400ec944b1789fafccd63d2836223cf68dff17a4fd611d3967837c65d2f69bd02fd47478361dc5a7367ffeadc86aebc399f7c4777b877ead5876e95d7ac41a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5abf0b19fba751fa0b030d61545f75a

    SHA1

    a28e4bc79103e13817ba67db577b76e14c83e466

    SHA256

    c2ca861dee7a03a2a8d987482ac3b5e24e3137d9fe76eded068a6e05930f3cca

    SHA512

    ecd26e659735098ab344d6f644cba704496aff6d5135f9acf141ae0909bf62a4711a28bce18b476f70d8dd2626be4c5fe719e873fc0e92fcee906b6e2df88872

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8dd9048eba58b4d761b3eaa3f03ae7b0

    SHA1

    49b06548ae6cb706d80d985bd82535ccb498665a

    SHA256

    14cdcebc0fb7d3955834dd1a23146fe7015416c420afb96051f5d041c601caa3

    SHA512

    b839a1bfda2cd21dec60ccfae111ef3c7b59b963786d6ff82d431a2a6241852599f57f942f71fae0a84c4e136c6fbae35c0f2f445b5dcfb3cbcfd9cfd0176aa3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00da5096db099f3e2b5ce28d17c7bcc5

    SHA1

    d9434922b33ed973c4079c56753245e5094fa0d5

    SHA256

    58d353b39b31573fddca3d294120d119ee10a39e3cd2c2b6679083e7eaffb384

    SHA512

    0cfcbe6f50186811b5a04979d0bdd16ddf46c35c75586278adb393e445c6f9eab6b2e712a446f48db7c42e712b11445287b07fb5096093849125bffb900385d5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    82dad46af36e11eb86ef0bcaedd975fc

    SHA1

    c1460824e692c821dcd901be5f6b15b19d97fb24

    SHA256

    0f4683b2a238c7e5987ac32309f30bfbc5ba8b9edabce9d073a80be4a7e9e087

    SHA512

    5fddfe78f71d2cad183a3b1fd2f24dbc1fc08e562f00e0a7c3d35a23a85a770c0e9dc267efb476703ee4bc2f225ea2db7df9bf0989a28680c6ab1e255f9c015a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b3b7481b36436ddd8add1593f6dd399d

    SHA1

    89ef47015aa702f1b13966b2a96e7f40038ebe06

    SHA256

    f03bc3ce5f54e97daa8954c31596c89016cc3e28ecbd207b7be81d5dd8c645c6

    SHA512

    b7ac22fd6a44a8992c513b6179f192da6b9b48da212855a34b1b904cf3f5157232cf23add2c5deb218137273606dba901e250834b12515ec8cfead92c7275632

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    281777471b8e3415f443f179e64edc82

    SHA1

    635a482311d9154b987e464638bae7a62dba5e03

    SHA256

    4c4f703430cb3949a69084f8c94b0f4a3af5e7020a32505821060becf0461a6d

    SHA512

    77efa3628f2fe09ad287eb7ffdf5e8f2c5dc32946c56670c04b0bf29607583efaa917eba1ebbee4c2b989218edeebfa5063db9742bfa0a5fe6a7916533a51082

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b880897506e393e1c3553e88be0d381

    SHA1

    a3072a4528ce860391524cb4934ae9aed33e0491

    SHA256

    7284cf6cc07623ad647358eb7c293c81ba46724fdc97d99fc6e8d814570f7a92

    SHA512

    f051c4847527b1c211580339667d0611f2056d519d96dcf306b59d88e31b4061cfeb9789e6965ef931f46069420877c90cba61f92991d6093fc755a5b71d4d56

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b8c83406c0464e13119b366079d0e832

    SHA1

    ade0267276c33f1d12d4a6ff3a4552805ef78a59

    SHA256

    1181c8a5bd234384118c6b2502ebb4988e52aea3f949f9eff0ebe825f8b1c1cc

    SHA512

    744647bcc327df0080a332c7b3d58c58aadcef4c8eac1a8c0a4af7cec5a7514e426378e01727843fbc2fda3e0d96da4d01a7782bca419bd917cea9d0ff68b62a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59059dcdf62998fb2b6477338fedbf19

    SHA1

    ede7fc37ce1d99aaca2c24fc89f2e1569518df91

    SHA256

    c4f8325c3f4daa3b38d1d1aaa3b3b901a33316e3257aeb1f1586cad4821fb424

    SHA512

    e021c69976769a589b17d2f1e70770c5152ac3fab8bb0cf71f94884adf852f285c54f176e487cab98be49af109ed8eb02653bc00b45e24bc50f6e13dee1891a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    813acc9cbc00de205be9a10618fd975c

    SHA1

    b7dfad86d8c2bd710a1449b64b06f3e4cf23aee6

    SHA256

    958dc8640c5adc435c96f93022d910fb2cf7abd6147833a70823d567425c34f0

    SHA512

    a1fca7acb039f3d61107d62a6b51b402d130b4d76dc7df4f5340a491de85b036d4bc9edf181203a106f8f439ede9e5dd9e7926ddb2141feb8ca63133f64db7c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    48308c87147a773b861c8c3e72fb6d2b

    SHA1

    fdebf0129aed338dd5358041d7b9f6c8cd74576a

    SHA256

    7fae00a8b2f8830602124dcb2321b6ce51fb2339b36f8be4d79290904d425b34

    SHA512

    af696f1bb96bb704ac99ffa24bb3e8ca68ef97fd89d2279ab66e221de3293b52a4c65bc08708401c1ad5282f01233ba1cf1347b03cecf61ea9e9ee63e4f306b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8949811816921b5cc934327b0684bc22

    SHA1

    c713643291f1464321c5bd44fed573962cf17b4d

    SHA256

    6ec481e39e07ecc9ef78e6f19f164e46d7ee5526b61a9e9aae1c5e053d9af9c5

    SHA512

    b2b7e5b1ab22ec13824c3742b32e72e1b897124fbc9cbaf8665f59b6e2957ca4704f6f2eb6531e1a054473ede94692a57c733c12b820c95d6b83d377f1eba778

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f47ac51aff78c59dec412f0ce86303e

    SHA1

    a14891fc425cdd52fdfaca787cf13a23fb00e348

    SHA256

    d2378aa0daeca535de713e37dfb51e75d536285566e4a6821269a38fae535396

    SHA512

    86251aed71e497061a487d837c6ec5906744b5ab7a2a08a64281e418c45a44783662dffe464571ac95f16a4d51d6fa3e2d23f103e59040fdd8f380b06f27b364

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b26fb2da0c85281d21280156da0066ea

    SHA1

    aac70e6b537f844d27014ca7c76aec9ff68f04b8

    SHA256

    2460ba7f5efc3b72827e243cb334b12d887fad780f20fe2602107afb22bd082f

    SHA512

    db5d05d1803bbd0e1b31542cc211a56008ec83315dcadb091f98b93d75116cc842e98708a441ae0aa0b83a235a72c04b9a15166a0e802ef435110661a65420c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86ce4f50962b9a289a421a8be1d59078

    SHA1

    d8b74f88cc0050582c1c2f6be7cbef540a9fa998

    SHA256

    20ef35e5c9d0eb09088553d748eef2cc95777ae6deedd4f863c7eafcea9b21ae

    SHA512

    e2c1832f44404b303a3bf3aff5e2d7d9547af297457d3c4005bcd075df158e4ecccd3f6246d3d5f4c383733ab1da51f1cfe886a7333a5074346ecfd43b99e567

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2e9704ac6949f87cc2d143d1a9aec45

    SHA1

    37e178692037560684a1bf05f23cd81503158139

    SHA256

    b5d31647e28419eff3d47548df4e47cf6b05f05b2116eae36dfb66115e51f9ab

    SHA512

    3bd8eb5c1766a08a0b857b997877470b1cb26bb7eff15949c5fa53b0967153989f59d4d203108e0e9203183afb05cfc062f2d2cff3039cee547aaed2a22d1b09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90cc50bada3c8de0ccac2d7338a47d1c

    SHA1

    872c75627e4f16c83f707613f8de048a8d23f74a

    SHA256

    16b99914252ca73f150a94482fd769e8184a5e2ce3fd7676e9fa8dd7a30b01a6

    SHA512

    e89cc4a9031afaab84a33e91d04bdca8ba4ed314458128ad6964d9b651a59ec677c683454d167dc15c623d3aa1fa77ea007e251df1570f295dbef614a0eed234

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8765ff1cd8619d140fc44fb5cc8c3487

    SHA1

    acfe3e3d94748ea01c6c51613482bad6348d0ae8

    SHA256

    84c75f87ad674436017dd0fbc7eab5496bd2bf50fb9872b6cd138100f519b07b

    SHA512

    17d2778e750200f3af7f4ac1fb6b8c399399d029c2edf7c696852fdf6373d48a3ee43e054ecc416f06bf52198f1b1df3321a32386cd27dec7694bc34824d0abb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e20f6495f58a148b9eddfabfc88350c

    SHA1

    2ce0510ddb7287dffe096dfdec5c7a42279964c7

    SHA256

    5458e45b322b0ab7ed156f1b524452f8aaf6537a089f9e821f7cc77aefa98aa4

    SHA512

    a22fcbb981e89afe28e4a09ce498ce288dea4e49759bcf85ef0a285a15ce56644051ea3ab4dab7c5b05f8f44d5256bca1081baf5db38eadeffe5403b53dbb8b6

  • C:\Users\Admin\AppData\Local\Temp\Cab7E0.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar7E1.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b