Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/09/2024, 08:02

General

  • Target

    d9ec5960110ea1a8335b9c7139bd76e6_JaffaCakes118.html

  • Size

    53KB

  • MD5

    d9ec5960110ea1a8335b9c7139bd76e6

  • SHA1

    5c9e4d68a8e39b22cd43552aa4e58d61882b750f

  • SHA256

    406d867d30d8e7f9d7d0427067daa301e0c67f8dd028c2836f983a21af102d46

  • SHA512

    bd513de5bd87968b2af957fd445e791dfbb38997fd522306b0f90e1a7245d80c21f2138b5f903447c1db3bb749eabd474fecc212dcd3a91ae8cb87f8aa866642

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUOrunlYw63Nj+q5VyvR0w2AzTICbbooN/t9M/dNwIUTDmDh:CkgUiIakTqGivi+PyUOrunlYw63Nj+ql

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d9ec5960110ea1a8335b9c7139bd76e6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network


        Downloads
