Analysis

  • max time kernel: 142s
  • max time network: 153s
  • platform: windows7_x64
  • resource: win7-20240903-en
  • resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted: 11-09-2024 13:19

General

  • Target

    da6e0ca2a02d54bdf0d04dacacef78f8_JaffaCakes118.html

  • Size

    47KB

  • MD5

    da6e0ca2a02d54bdf0d04dacacef78f8

  • SHA1

    ebaa5a55fb4993a7dbd852d0cf932a5f0e05017d

  • SHA256

    f9c1b90c4fe5ccef73ee9efae88ba934282a732d889e131fd9bcf92014016cbc

  • SHA512

    b06184785ae6462adac3abf826161c6036ab3383898f8744f504e1d9f61e08a29ea44e4b6562c3a7d51541ef0d4c03ea1ac4b44c6a20b32614f1f203f058a30b

  • SSDEEP

    768:eayHHvPWlokKwtQVfG1hizAUFEW2OiCoooZJNeB6Jt:e3HH2lJvtEfLzAEZiCeNeBk

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2776)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\da6e0ca2a02d54bdf0d04dacacef78f8_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2948, child of PID 2776)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2776 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network


Downloads
