Analysis

  • max time kernel
    143s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/09/2024, 12:15

General

  • Target

    d456b8822cbe6831a42bbc65eea84df5_JaffaCakes118.html

  • Size

    66KB

  • MD5

    d456b8822cbe6831a42bbc65eea84df5

  • SHA1

    86748b4d425c45da5d9ffdeba4c3a5919d64538a

  • SHA256

    b84275f6e29ec99b325c8cdc7a6a67a25ee6b084179596d9a4eae29f42f66ed9

  • SHA512

    819c0b2e9d52764c33c849af9ba74d0305fc6ad07689aa9aba4c457d18fcad7b996755e83b4d767eb32c25606885bd99347eb72ee20aa016172873a31026ada3

  • SSDEEP

    768:JiOgcM0St8tN99OIsAZQmhdvpSmhKoTyOqhCZkoTnMdtbBnfBgN8/oycc8QFVG8B:J++NR1TIgec0tbrgaCcFNnzAC

Score
3/10

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d456b8822cbe6831a42bbc65eea84df5_JaffaCakes118.html
    PID:3008
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      PID:2328
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

        Downloads
