Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-09-2024 04:18

General

  • Target

    d5a3f75f3c88b28ca5f995a6e96e01a4_JaffaCakes118.html

  • Size

    35KB

  • MD5

    d5a3f75f3c88b28ca5f995a6e96e01a4

  • SHA1

    afe7990f22943fdc4252f7105541bea826e035e4

  • SHA256

    bb9a150dfd63e80e9a0353dd3860ad75a450c17267f06c9247ca7cdedacc4e8f

  • SHA512

    80f848d4762160f46ca8e30ca44e7d92423a0d712aef7053e2bfbbf7fb2e38c518f75010110fe1ba64685334368fb661a74b45628efcf7bfcf6e581fefbbc565

  • SSDEEP

    192:uwfIb5nOn2nQjxn5Q/unQielNnOnQOkEntWknQTbnBnQmSyxD4ZUvRXE3btcBP3a:d3Q/d7x3lybs880gj9vu

Score
3/10

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d5a3f75f3c88b28ca5f995a6e96e01a4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Downloads
