Analysis

  • max time kernel
    68s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-09-2024 19:58

General

  • Target

    db1e6e736b7b935842a254418805f163_JaffaCakes118.html

  • Size

    4KB

  • MD5

    db1e6e736b7b935842a254418805f163

  • SHA1

    0484fe3635cd2f37d93f097e04f92ca01a8bf58d

  • SHA256

    39365a7928fb3880a25bac266e21a5ebc3b1f14ac2e558e8fbc2fcbd63998ba0

  • SHA512

    fcbdd6c013123208b3c651ee8ca2c6c57c4afde37b8f51106921f37b75cb1b80b0f8059182990498b76b3f7c38ff7f83317ba09ef6941cce56a735f313149a67

  • SSDEEP

    96:ziEHCmV4MSEPBDvV0n47ej/hgOKiljTR1QnynePhUma4TlLxZ:ziSdV4GD8/h/KiZ7Qn/PbTltZ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\db1e6e736b7b935842a254418805f163_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2860

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\CabE562.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\TarE621.tmp

    Filesize

    181KB