Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-09-2024 08:04

General

  • Target

    d9ed5918f345230c364a062c173ce59e_JaffaCakes118.html

  • Size

    194KB

  • MD5

    d9ed5918f345230c364a062c173ce59e

  • SHA1

    28122cd0f6ab455edb6933c15c7c7e23a51bd93c

  • SHA256

    14f4ce8f24f0fc0a09a2db941878d1a5872a78905660f4a07d27ad578f531fa9

  • SHA512

    d4fab5f54b57ac8edb926e8cacd2fd3a78e59edfe69004b4bbdc732c93ed176e33c0ce66981a5dacca2101601bcfe6008267b6c2c9ab26d229fa1b1c9bd09019

  • SSDEEP

    3072:SjL1hyfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:S1ksMYod+X3oI+YS1tA8

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d9ed5918f345230c364a062c173ce59e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1488 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2540

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f47f6ad080931b0eb514c6b73f55761

    SHA1

    c1621cd965b8a7ce5e9e8ee169da975d553ce36d

    SHA256

    bb68e88e82ef315679460036f577f5bdbf9423c0b71707f97b2501136037a6f9

    SHA512

    b3e495d5cfe6cef97701102bce0fc1f3903a84440d41ed5b24fd3f4961302256de2bac2f2d14c92839619c74c63e4bfc3af13e96c1be3989abfce576ba7dbab5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    77ea558d46e0a075ec818e087345ca6d

    SHA1

    dea6e01131547dba1fcee88ed577dd0ecbf65d3a

    SHA256

    3121e94e5c55f698d13de5fdfc06559a8226a4eb06201318feb56e4ccc9f7ebf

    SHA512

    b0cd8505e913c7fb83339b6f1b743ee0adbe0671f707524dfa0a7fabd4db0e719cea8a2474dd1c4bd66efd94a2a867b4954bf7a028d5ba70e39bdc7cc17e3af9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8cce00e4a60388599f6eff4e7cb9db55

    SHA1

    37609cb22e48c855054db34f543c2eb3c589a350

    SHA256

    9c0f4de0d47cfbf9e3feb627708d6b2fc20c2ef956e0a8965f6b4ab6f0fd3063

    SHA512

    8019d36890624fd0c5349b25f104f84ac59fd9c7aa6e352b14a8241e2ac89ee6f7540f17931b8de39ed3d3daa5730eb1b4d0c96bffe21290f9655fcb2f684bbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32be16c9dad9a74adc6d3fb76e4559a0

    SHA1

    38a07719325f7ac81f6d0db7ee1793c7113ec57f

    SHA256

    ae730db58cea9e6d5edc062c35e06f1cf5b42b4393b65b619ecdf5013a819670

    SHA512

    da349c0605015771923d214b19de0c48b33cc361fbd78b7f698f8ce09620281193eaa179df30b6d02de3d949856c500a048043d016806821ce60ded4f18d389d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    142e2c43d03642bdd3c36bf5f1bfe135

    SHA1

    bd7971ccaccb6d665b1d7cee9dd90b306d86b757

    SHA256

    d582e394a1c9a4ad7e7b2055be6131410e83e3fe2d18a7fdf4e5c81cd9fbe7d7

    SHA512

    bcf0bc9a2cfbd3ade1acd09a29176f5ecbdaee2a20ecde119bfcf33fb17ffb6884a6e39162aa768de8e591b4145d18aef899286cb314b9337a6984e28e768ddf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8257d93ecfd8a513c6fb53f53a6858b6

    SHA1

    fcb6ae39aa4ed1cf073c86511627bb1e99864435

    SHA256

    9d859061b275d176181b9c520575b4f543960dfd9b4b96162837121c2e82291a

    SHA512

    7a076d42c5095404d3ee5c74073f54e777787e1ed832fabafc7fcc1cf4eaab5e7e49e339cdd11b632b476fd0c887fefda6caad5bad08458d3e16d5a7fd0b38d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    50e930aacee957d61800ed884f4bc403

    SHA1

    bf402d41b541ba9731244ee508f44d32df7b3967

    SHA256

    9c17261912ffdb39d5f26e190733fa0d3eacc1d393c7c6d860073cd7709cfb21

    SHA512

    5621daeca23199a32fc978b1247a47a3aa1b674b090dcd612182c68cb84bc78a8a900d2e170f4e9e4f27396fab2b3538c9d2bc81fa4c21d27034289ecec020eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3622b394a11c4d5ad5663f067e02fc24

    SHA1

    503292f8a138f1dd4d9cbb7f9a91840cbf38c834

    SHA256

    b483613af7cdf644c7af215f708fe47fec034fed92a55361d80ae6cf938080bc

    SHA512

    f4351cd5ec5b25df6dd32135038ec7bd1fdc560dff5ddfe1d5c3f27de23e49f2950ed79bc8d40112b4bfb90057ffc961a9e01ace6ec44a2cf6a247cfadfce8fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b53de49dccdfa049d7c789d87de5bef6

    SHA1

    219c31d8b056f2635cbe262eaae6f2c457aac9a9

    SHA256

    72c6ca904498b19cf96009c24809abbe55c41ba3d7f195bd045eaccb91608779

    SHA512

    664d8e74c5f0e6c2cc9c62d368ef974aaa6739e361a9969562defe9cf93cfd0c646c88d4d58d3e3c0ecbbc70d60850febdcd2b68c33e94b3a01030cbf490df69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    71ab71abca18a2e76a17195ebb03b939

    SHA1

    f4e8e1477cf98763755e026a0556c524548b50dd

    SHA256

    3132c27ccd03e1b5d58d12139eee12b5eaab8167a5a16ac8e1e0e576aeda79fa

    SHA512

    8a14807acb2fa59cf786e30c508c1bec10b336775a1b2893251f36fb821b0c5dafb9d639b27d8fabef22bd8ffde615754a2ff3ecd019222f0ed6f4a93ceca279

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a4a239727b9e46ee175b9557704990a

    SHA1

    caffc1b55a2e56372d3f6070435a37b6e712b680

    SHA256

    ef8861c0ffb5cfe526bfb68e2936126e5e93d802604f4f819ea3f1469ba89565

    SHA512

    515a9fae4a0e1cdb61057b12e2250a06dd072f72a2e9e56b3557ea9d35c02efad75467fe62607505555b9f506f34fa31a11bc073f60b8c781f2b7592a91bccdd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    561305afd63f8ccde203e7fc2ad71004

    SHA1

    6f279e15d27ae7322198a881c7cb158e451b5f69

    SHA256

    5a75e69779643e2fb3626c7b8b7f214c595fadf9e178945e4783fe5f0b2f4668

    SHA512

    3bfbc2c81932552ef775cbc3b69e294c0eabb24fecf245933c254befec6bbfd6239026674ec6916fad9ec35f9791a5c343d1a0b5c1749ed9d20c22342e385302

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd4719070cff65b93fe9b4aa25500116

    SHA1

    222d803af5d6c9593a5d62372b4b1afe7173e83c

    SHA256

    b077bedd1619b04ef5e10bccd9cbc35f1d43d2ffa32b1953a68ae54afa77fda9

    SHA512

    1dee7992ab1f384c2caa33b13dcee001ecb8c638f48615887e688a7327f6b89009cdb7cc83dceaa64b4c6980f45e35007383715efe8f75304828cac902096e0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e1607be14cfec86410a40d69ac3d67a8

    SHA1

    745d9045669b4afce4f2afa16061adc2c1342a6d

    SHA256

    39950c91a6122fad3e5dd7e7b4f3ec1e984af4213f9496064e011944a4ab1b63

    SHA512

    a3b1c465d390f560663f46b538dc948099a7ae78e371caa5447e1e5d5e7c995109e5c7bf845266c477d51a411aba8503c3870ebef8b507f771262b581ae84a7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    690deb069ec2879e316f5b0b7915d376

    SHA1

    2d1d00163429069d4aae8cddc234dc4dc3b9b7fc

    SHA256

    da7ceb6fad19d990297eb2c4f6de516f19c6b9c3a98de3f9c047c0d325a4809a

    SHA512

    970d3beaa7224f2fcd49edc7c6e099b137e9c4f012aa162f45249cfcb4009271bd7f4de0256e641ecc5425a80338d7e43bf02b4852dd8ce4be36da8ff50b7332

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da28a8aba087a5c5fec78117b6dde69f

    SHA1

    04ec1d6755e2f8465c0eda797a8c215bec958280

    SHA256

    47f97152eae4fcf8cefb1a2414eafe8e4d1fc1f7e76f51bc5ad7be3b2ae7c8c4

    SHA512

    6362234f24ff3192f7ceb2f29513582ed64d8bdbac69bea979e7e4c50ddc79fd6e40a1be872815f8e0a4bfb802e3b6c8e1350856e9cc9f9c3a811a3bde00ae9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b49ab0100917dfba6545fa4cd5e6a7b0

    SHA1

    b6435c0fcc4cd76b8199864d2689c7d27aba75a5

    SHA256

    bf2b3741904684378dbb18d341015b4490b73639d174b286fbc80dd4cf4d0c1e

    SHA512

    72ad392077b798fbad9155bfa1965c4fb41fa304587646e6661743069e52a0bc359404e4e7cee8b7ae204252be341a161c2dff8e2742a8d54f4267d6043f3efd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f01d63d40a95c4916149fd44eb7819da

    SHA1

    7384d716c6562288278ec7f1c1ba1621fc83603e

    SHA256

    2205e7a13400163457d773812ce602ce70f4fbb7418107c6ba71cd7bc1de35d9

    SHA512

    564db5ceb8260224f8054c472712c69759f025f6b4d8a5dc6cc27bc9ac60b099c6c042938c005ca52524bb11276b3831196c4e8992689e2d9fc3567a7644e8d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f83ea82c56d6e43dec85c8b89e1e0d4

    SHA1

    75e82eea7b60c8f3b527e06401eec5bcb0b6f744

    SHA256

    7ecb735e53ff7dd8f38f8ebde07749e502fc494dd06b6d7d11a82502b0d2b70f

    SHA512

    8fa1c794df02c729057337cb05311a474260d73717b199cc705e0e3e64b1631d8d5164bc6224d0fd9b9a1c1448f383a471ab41e332ff022a9b90fc33af319f81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b88e95a0d8c067775edf4fe1798880b

    SHA1

    c9eb9718d37042759f8d47c8555f9d9a8dc13f14

    SHA256

    ad1b7547c22659188bdc1629b4e11871b5e9a6e6f5a9e7c18bbb69154e106942

    SHA512

    47bdd10f8f08b080e41bbcd3ae8ffc291be1c1170615ca89f5d2d3734b67b3b6df4bbadc5fdb61c32f69f75fe0651c16999b0bd024cb0e1c4428ea9f627ae5b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc4eabd33ab6deee27d538d11650369f

    SHA1

    4919bd23401a7c1ca38a575ddd63ce44373a6153

    SHA256

    62c89989d7d1df80e301ef5f6181caa7d5ff81409cbcae853306afddad8f457b

    SHA512

    143b0248898ea57884af618d2a16fe2c0714bfe74b013c056db0f2a6293014be35a21445814d91f03c89254782fb98d16d1cd22b3989258ef65ac88ffdbc00da

  • C:\Users\Admin\AppData\Local\Temp\CabD5E7.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD657.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
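Two checks an analyst would run over this report, added here as example code and not part of the sandbox output: confirming that the SCODEF value on the Internet Explorer content process names its actual parent (the frame process, PID 1488, as the Processes section shows), and sorting the 23 entries under Downloads into CryptoAPI URL-cache rewrites, the %TEMP% CAB/extract pair, and anything left for manual review. The PIDs, command lines, paths, sizes and MD5s are copied from the sections above; the two classification rules and the interpretation attached to them (CryptnetUrlCache as certificate-validation cache, Cab*.tmp/Tar*.tmp as an OS CAB download and unpack) are the editor's assumptions and should be confirmed against the file contents before the entries are dismissed.

```python
import re
from collections import defaultdict

# Process tree copied from the report: PID, parent PID and command line.
PROCESSES = [
    {"pid": 1488, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\d9ed5918f345230c364a062c173ce59e_JaffaCakes118.html'},
    {"pid": 2540, "parent": 1488,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1488 CREDAT:275457 /prefetch:2'},
]

# Dropped files copied from the report: one CryptnetUrlCache path written 21 times
# (21 distinct MD5s), plus the Cab/Tar pair in %TEMP%.
CRYPTNET = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
CRYPTNET_MD5S = """
6f47f6ad080931b0eb514c6b73f55761 77ea558d46e0a075ec818e087345ca6d 8cce00e4a60388599f6eff4e7cb9db55
32be16c9dad9a74adc6d3fb76e4559a0 142e2c43d03642bdd3c36bf5f1bfe135 8257d93ecfd8a513c6fb53f53a6858b6
50e930aacee957d61800ed884f4bc403 3622b394a11c4d5ad5663f067e02fc24 b53de49dccdfa049d7c789d87de5bef6
71ab71abca18a2e76a17195ebb03b939 6a4a239727b9e46ee175b9557704990a 561305afd63f8ccde203e7fc2ad71004
cd4719070cff65b93fe9b4aa25500116 e1607be14cfec86410a40d69ac3d67a8 690deb069ec2879e316f5b0b7915d376
da28a8aba087a5c5fec78117b6dde69f b49ab0100917dfba6545fa4cd5e6a7b0 f01d63d40a95c4916149fd44eb7819da
3f83ea82c56d6e43dec85c8b89e1e0d4 6b88e95a0d8c067775edf4fe1798880b bc4eabd33ab6deee27d538d11650369f
""".split()
DROPPED = [(CRYPTNET, "342B", h) for h in CRYPTNET_MD5S] + [
    (r"C:\Users\Admin\AppData\Local\Temp\CabD5E7.tmp", "70KB", "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarD657.tmp", "181KB", "4ea6026cf93ec6338144661bf1202cd1"),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_broker_link(processes):
    """For every process whose command line carries SCODEF:<pid>, confirm that the PID it
    names is its real parent and that the parent is iexplore.exe (the frame/broker process).
    Returns [(child_pid, ok)]; a False here means the content process was not started by
    the frame process it claims, which is worth a closer look."""
    by_pid = {p["pid"]: p for p in processes}
    results = []
    for p in processes:
        m = SCODEF_RE.search(p["cmd"])
        if not m:
            continue
        claimed = int(m.group(1))
        parent = by_pid.get(p["parent"])
        ok = (claimed == p["parent"] and parent is not None
              and "iexplore.exe" in parent["cmd"].lower())
        results.append((p["pid"], ok))
    return results


# Assumed classification rules (editor's, not the sandbox's).
RULES = [
    # CryptoAPI URL cache: metadata/content for CRL, OCSP, AIA and CTL fetches made while
    # validating certificate chains. It is rewritten on each fetch, so one path with many
    # hashes is the expected shape, not a payload being staged.
    ("cryptoapi-url-cache", re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\", re.I)),
    # Cab<hex>.tmp / Tar<hex>.tmp in %TEMP%: the pattern left when the OS downloads and
    # unpacks a CAB (the root certificate trust list is the usual one). Assumption: OS noise,
    # but the contents should still be inspected before the entry is closed.
    ("temp-cab-extract", re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]


def classify_path(path):
    """Return the first matching rule label, or 'review' for anything the rules do not cover."""
    for label, rx in RULES:
        if rx.search(path):
            return label
    return "review"


def triage_dropped(dropped):
    """Count dropped files per class and, per path, the number of distinct hashes seen,
    so repeated rewrites of one path are visible at a glance."""
    per_class = defaultdict(int)
    hashes_by_path = defaultdict(set)
    for path, _size, md5 in dropped:
        per_class[classify_path(path)] += 1
        hashes_by_path[path].add(md5)
    return dict(per_class), {p: len(s) for p, s in hashes_by_path.items()}


if __name__ == "__main__":
    for pid, ok in check_ie_broker_link(PROCESSES):
        print(f"PID {pid}: SCODEF parent link {'ok' if ok else 'MISMATCH'}")
    counts, rewrites = triage_dropped(DROPPED)
    print("dropped files by class:", counts)
    for path, n in rewrites.items():
        if n > 1:
            print(f"{n} distinct versions of {path}")
```

Run as-is it reports the single content process as correctly linked to PID 1488, 21 cache rewrites, 2 temp files and nothing left for review, which is consistent with the 3/10 score: the page records IE's own certificate-validation and cache activity rather than anything the HTML wrote to disk.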