Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-09-2024 07:34

General

  • Target

    dc13aebe9ce44ada69161737041bb75b_JaffaCakes118.html

  • Size

    249KB

  • MD5

    dc13aebe9ce44ada69161737041bb75b

  • SHA1

    27a80787b83be3cb6cbd1ccc570f2fc45e5c75de

  • SHA256

    05bb89120a13f6ed54194bb274bf757f1752d50814146bae7d37e0ebcdffa82f

  • SHA512

    143184546f0961a611f8f67b5addef4df557e81815ea6ce3db94d86482d00cfac7c73190a62eaeb18e0ef392889fabd51b7ff9cd0ca0fd3a5dcca0e0fce5cc1f

  • SSDEEP

    3072:S1yfkMY+BES09JXAnyrZalI+YhyfkMY+BES09JXAnyrZalI+YwsZ:SgsMYod+X3oI+YksMYod+X3oI+YwsZ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dc13aebe9ce44ada69161737041bb75b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1856

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3217AAECE20956500C22BDB70A7D005F

    Filesize

    5B

    MD5

    5bfa51f3a417b98e7443eca90fc94703

    SHA1

    8c015d80b8a23f780bdd215dc842b0f5551f63bd

    SHA256

    bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128

    SHA512

    4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D

    Filesize

    471B

    MD5

    a713cacf3d0f4845c4b451ae0b39be59

    SHA1

    97344e710b4769ec8de3a595a55d427c162df1c3

    SHA256

    5caba2c6af507e9f8ff97e60ba26d112db00b23fb11d820248536e9016c14065

    SHA512

    204dde8bc8c2ed35b29527f483a2e847b82f509a8c67391a444cb37eb78a1fa5b5a67a405ddcbf10937d7a642997991fc8357124a41e529ecefe54f277bf436b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

    Filesize

    400B

    MD5

    b062185b1dafabc1e19b999f9a1a14ac

    SHA1

    722ebf9d85a7884ea1980fc250b84a4a29c43e85

    SHA256

    5014d4ffd5a2c2c57af582b143bb790a8cbceeded8681fc9687cd89a8bac8498

    SHA512

    7029039ab392c69a77a94c1de872bab1b6a458965dce890def7fa0ef78c93d4013ce04b8d0867a72a4911e3f2dcdaadae6373986d8286c5ef9714d78178b0055

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

    Filesize

    400B

    MD5

    9bbb70c0680097c37cccd983cd65c5a1

    SHA1

    cf2748c568f77e4597ef6cc47441696aa5253e1b

    SHA256

    7e93fc16c838c4f51e17d15712b4bc92c06a24e2acfa640ea814aec2d28bdbf9

    SHA512

    8336b8ff58dc52ab6976da7679b89c67526a2dfd8196ed294b1522308d41311183505ef379c0badf3c4a4893e9c7ea36e1c45a38dcdb79e80b1b7e18e4be765c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

    Filesize

    400B

    MD5

    8c968bbceca090af979207713c32b6e9

    SHA1

    38f7c06f8cc7d5948fb5ddc30a905e99ab7cf2d1

    SHA256

    010355248f169a60dca2a512adb26a9b705aa20f8a78aef33987a09052cadc67

    SHA512

    49d805e7a7cdfb329dc33d8b3e93c898262095a7726ebdf35ac348ffe38a2cd5b0770301e1558ec8833940251c2cc34f589e25ebb776793519db5f5981232a2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

    Filesize

    400B

    MD5

    62e77faaacabb5f4a0ed60e5b1d70464

    SHA1

    0dc06fff55510567286eb165bc0a57c780b30d1d

    SHA256

    4e119701fa745f1c04ffa2cbabaa46812e16e74186e9e850b2c6ac085af4f1e4

    SHA512

    68bc329063997335d2944191ff8c599a0e064744643ce9b30bd5b3ad707b21af1814a666437acdb0c41690a13a4e7f4b7e376ba1728e5520fad5942f72d16847

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

    Filesize

    400B

    MD5

    00c9e553bce59d2352164009b29c5cb2

    SHA1

    99dd3b0b6e1a1f5bb198cefe6b5b4a3607b81eba

    SHA256

    2b69b7c11372973476244058a46da25234808772a552b66c213b86cefdc7c62b

    SHA512

    f20b07135bbd9d0d6808f14dff70301abe37308a9c088ded4afb3dc57b80373b046a8549d517415882d6a11dbeff6ad7fa7f47d68b8fbecb3221acce379038a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

    Filesize

    400B

    MD5

    9aa9ae6adbf3957e28a5da8fbb02807e

    SHA1

    2bbe6c22fa787bad3161cbea26ac5ec21490f229

    SHA256

    4a9f6c0225fa629b6cb7d0f9c6a8d3aa08f8a9846e88d3a15aad633d9d7b45ee

    SHA512

    fb42acb189152fadc00c571294450ff9dbad5dc1bf7dac6985c359e784269d8951e9a62a8315a9cacb6fba96254cb58327533643367b27e0c89e4fb72cc5631b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11491e6e3cdb22724accb8f7b06e0257

    SHA1

    ccfa90f71c18bdb766b8fe666590b8a71cc3df3a

    SHA256

    1f2bb6308133d2c62e3d1704f5b678ae578ff48f31122773403e065d0b42f4c9

    SHA512

    3ed949b7768e35207637c4e759a5d4f54d4d9998d073226752b365710903afcacd0a3940119fc7e87dc013ef17a3029b7bb55df4b5454c41126816af103cfeb9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    926a78819864b4341be4018d1224a3f1

    SHA1

    0b581b300be593a4430ba167c9580f2a978fa0f6

    SHA256

    51fcf507418fb07c7d558e985bb2e834bca2b523b6bfe6e045c482e37224331a

    SHA512

    a927c2445f520b3e35f68e5966554d3041c9078b8d1604f8058fea63b0aed290ab8a2163621864c065f75a8c1f52fc474408673cc34f0db1b26b5b96bba2fd90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41becb9c9dde039a0d0e761b0989327b

    SHA1

    104215b99ed85cce9f018b697cefa63001d2397e

    SHA256

    2edcfa53901f91600263bda2d14c2e988326bc65ab7a9b42acda071a5e817ba2

    SHA512

    a3740dd3235c300c1420b934327aa5cdaf259ca30690b5d8324bc7ff567f0748d87d1a346b54ae139a7de0b72a949fb99304aa61831190d8aa58c9393cfa3b03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c6b7fa4d6b3e9f67d194d069a1f1d86

    SHA1

    66fc4d427fad41c89d4b535b0e8caed31fe6c43f

    SHA256

    632cdc3c7cdbabb42a5912c8f25c54d38b4d469e1f83d8c2656cb547904c03db

    SHA512

    45e69ab5b6e4c949697dd64fad9f81a39c5c0bf83496c88dfb94fe97f8d7dcfcbb9267cec2797e36f25debc77903a9876365343928a636b36fb721d431b3c577

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5052fbb8d0617fa17e900ad615aa186

    SHA1

    f57260e49069782a6ec20d0b03f0c4b965f94ee3

    SHA256

    43b55b5a39841c76a2b89854c708d75a11ff0e332cacb6bde33a1f5908d543a2

    SHA512

    8de1136c9f652624bfa9837115a26adae02daa059874ac5fe84418642ecc1b300a9b6450a6cd4f5171c45dd8e43fc3a9d1461962e7273103d83d2333c1e71ec1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7bc504ed165721dbc221c37b8f7a4e59

    SHA1

    e786d341d7ccd3439eb26e085e4c247d7e3be5ba

    SHA256

    d124b2aac89e6d28417989fa43b287f9e5a0aa74b9458213e6af7f8bd15972a3

    SHA512

    790eca94bbb7b594ffb6d18e125580c693317609ed853c59ca1c52d356c627b23c16680b82d9237f8c9d2fcb9b0b3b85b64147291c9dd20fa56136662f40723b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e4ec339d69fee2a2a6fd6c607663d09

    SHA1

    7842cafd2734da6ebe4cb1bea1086a9f6cf0f0f6

    SHA256

    54de65d4d7b13632f1d18b20e77cf6feef8777cbc75e8e7a5b6db6e51f745e77

    SHA512

    81593d6c1c0923d37646c3c472f7eeee10d29e987a3faeecf516a1b95a54571a7bf3caea76a0ef675eae0387b150ca9f2f071ede7db863b4a5203f0783a9acb7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf0a539934164efbfd7071e35c00065e

    SHA1

    d19ec4629a38fd8dcdf86388f108b281ea1ad3ac

    SHA256

    16892f3c138626fa6dcf9ff91763924256a834ff8585a64a9f9be9325c1426af

    SHA512

    897b799c58660c63438972adc9d0375262bae49442d46bcbe283433887ca254ce30144ad372a5a6c8860f5c684dbda4a94b7ffd98227cd146a8c13666341dfde

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f2893900ff4aa9f12c68811aae607e4

    SHA1

    b5961367162bf45ef2c8ce0bd15fc475389aa657

    SHA256

    68c88604e365f3055fc41718a4ae3764d1a025b2de81d69c479103bf9b5e04aa

    SHA512

    963fa0e8dbd717b500f4911f3459cfb80e4b4c9565975cec5f4f7d587c5f17558c991782f83ba1d26ba2e2c8490dab876691f5fdce82c0753aa2c4d25883bed2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    117d8ef66ca6f7a88908f60f43d16ad1

    SHA1

    d725e6fda0408a1414ff3b7505c758c4ed5d076b

    SHA256

    5594bfacc824097d7c73d00dff166d2841ee8be616d47cec94e0d8cde5890244

    SHA512

    c5e9394a4bfd37575248f71a0684d662a49efc61ee89d173c67d31653c50560e698e632f3fbcb9e3adadf6e6e0e17d8b26202257707b8e80676e53b7e8dc4b90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a41323539fb960b659fa49ee88c58af

    SHA1

    8967ec0cb41284e114ab1417c96117e83174c451

    SHA256

    fdb4679d460de0aae5c9decb481c939547821728da338d35da6d90086c716d33

    SHA512

    7c88c2b1be47f518d5b7641dafff594dea8ec1ddcc6c28dae4aee6b4c1c1de8ee8f5988092f965a73bb359843e1540dd80c7ec3672f484b6d1599df4d3959e0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af9986dee4c3ef2133b4e91234974eb7

    SHA1

    63b48cc31293b3da66a8202acf7f63f14b04cf36

    SHA256

    35b240429faf1913330daefa4fdd91d0c77a5954acda5748479e5053bdd3d808

    SHA512

    f7c7a1dc8a53d485a98e1611b878791caebc63585666aa1d9eeba9b440612745dae5851e6f7541cca9dc0ff9c029dfd14947c9afe842ae565d57ed11ac3e1429

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    be14f4b7cea905587d73e682641a9469

    SHA1

    506b68c104fc8a77903f97011a4ba51efdb5695a

    SHA256

    45daef06f49b02426211fbc5971f82c7284bd6d9fe14db21d918722dbffa110b

    SHA512

    0c3c17d304880e8b5202bec3e0102adc90ebe9e2eaf557fb1a30d52400cf13ea22fc3d8f9b3bc47f9fae562ea9592d540cd787d394cb48b2ff7a259968e037ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ad7fe63d976c28c48d47d3335eb7bd9

    SHA1

    e92167719c421292c80951bf23c9dc59c46484ee

    SHA256

    ea06a4c08850135ae9e31c7e5777bfcdb835fefea9b04e5d256bb7454f933155

    SHA512

    d9ff4aefce317f4b7b2199f154dc33c73d91e268194eebadc18e471b2bd57227d664b931e17e34aacc5b3a8e627c4dd6473d438514e25438abcc9404ae65c427

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d30da68d1f88deb57e3a27139b674ea

    SHA1

    82acc19ca7c5575e99c971151175b5d000921558

    SHA256

    dc67bdaa3c416c3c2401d3f6d6f7d7b59356bab12afeae4eb18d6aa32dc26ad8

    SHA512

    dff6286d9d5698f95af497eae61c3b6e3861931795ec3c30f8469a0f3eb9dc5551d2e275b92f9b37f038a72a83a04c9f8e7695354eebd1402eacde34cb456ba2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b80e59cd1c06f9743bb3721e25af4ced

    SHA1

    780d6e6fd04e1b8eb3c4c5807f45c6ccd4d06ed2

    SHA256

    f5daa47c6a9ea19fe043a873b20184b31bc12c6362cd06d48a52691c5598eedc

    SHA512

    48f2f7694ec27cd5c4d0ffe5a6af45ec719edde89372b2938c261b5425d0146e777e45e5bf867fe8e62a78fdba05808476e890e5dbf9f4c74ebe2fa99c178564

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f1fa8c0b94a8dc6e708040edf923c5cf

    SHA1

    6a6bd98e704beb3ecacec7f1743ded442a9154ac

    SHA256

    bf752f3c89af3a2f87beab1b7a3822d6055895f250e8cd479592488b28f3189e

    SHA512

    f9f83dba8a08d4ca95d53c485cc3339f9a9df1fe74ea05ad0531ec3bea57e47c28648b2719d91dfc6ef89f21fd5a9ce713884e81cc27cca8c67d265ac9a23046

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e11d55be745b053bc3c5e516bda1cdca

    SHA1

    f8a4ce762d390c69679266dde12b5fe6b4e047b1

    SHA256

    e64c0bcd04c13717e5b31c6955652427a8433f10376baff3405e6207da247a7a

    SHA512

    1b0d097bc3f10918a02216adaf390a972e73114bb7ec31b298ff1e4ce32103881b4b9d8ea3c27ebea3a644f508e2a9a1ef89b022c463c6ac145c0323fe061b6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1fa4c8ae079b0a9825427ae2883cffab

    SHA1

    657f1d169b2a10436c8bd7be08f92711a18b7f76

    SHA256

    85997b98b6a24749851dc2151c0001a7aafd25279467507f90a112ba88414931

    SHA512

    c28c264d7c0ec82857856ef00530a70bf210afe520a3e6beae9026f27cf7dcda7a4607958f88f9b9ac5850c2788d92110014aadb204d13f2a7a1514531d5286a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e2bc12828755272c46b5596e850d70a

    SHA1

    7d2881b4a11acafbdebe20934af635a8b998d5c5

    SHA256

    e5f115dfd173b1ce3e646c93270a5d9688c16445b152c7aad4e9fab72c805938

    SHA512

    c550354bcf5fcd95c7cf2d4054445c4be874fae87299fa823021c97b9be0bc33b91a336cf4408289b604faf5ffbe599cabc725a5e4e265b40a507a9ab5ee61c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D

    Filesize

    404B

    MD5

    9adc313dd59b8336f27f563982b6101d

    SHA1

    689380642d6c1d0c557df3c970bf2099baed1a0a

    SHA256

    ec0822921bff3f6b78dc73d3fe1fed20dc5e29331913a313c1745b16f1ba46ac

    SHA512

    7625e0667bec33f49516c4869ee05797797fb3d45adfd7a78cc73531920aa12f0091c51e430602a3696670c96050b6b434864f6babed0dc6b289c6ae1ed9214b

  • C:\Users\Admin\AppData\Local\Temp\Cab1576.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1577.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b