Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-09-2024 21:10

General

  • Target

    d718f5262b2d4c6d346acc1fb5d70506_JaffaCakes118.html

  • Size

    36KB

  • MD5

    d718f5262b2d4c6d346acc1fb5d70506

  • SHA1

    eeea630b0b9a1419034956e4f9e1f03603184405

  • SHA256

    9e1dd50719aefa82b298ff3811a2d3db8605f46a38ee82a4299cd10f8eb6bb35

  • SHA512

    501d7583c287e90d2d3dcb97470326216ad09c14c13dca2bd8f47d69579160a233520666bcff2bfd4527c26dfb3c618c4a3a713dbc4c9fb75037d172290a8906

  • SSDEEP

    768:zwx/MDTHRJ88hARMZPXXE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6TyZOy6u3l56lLRW:Q/HbJxNVmufSI/S8qK

Score
3/10

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d718f5262b2d4c6d346acc1fb5d70506_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2540

MITRE ATT&CK Enterprise v15

Downloads
