Analysis

  • max time kernel
    139s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-09-2024 07:41

General

  • Target

    ddf9e8cb751f0e37e6d775ef542364a9_JaffaCakes118.html

  • Size

    139KB

  • MD5

    ddf9e8cb751f0e37e6d775ef542364a9

  • SHA1

    a63be20a02cd84f65f7d23cdb98a377f2dfdfb93

  • SHA256

    fdb5bb7e48d9413bcf0cb4daff06ea8bf618d83af4afc6a1fbb691e11cf04fca

  • SHA512

    3001ede8a4badbbab8258d9f4ed5336e73dfd2e3ff45ad6dd3e517a7008c230f30f457aee0cc9f7f763438301628b434c05a272eec2e2b01fa5e571191ac2d44

  • SSDEEP

    1536:S9LW5+xQlGrdyyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJruH:S9e+xzxyyfkMY+BES09JXAnyrZalI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ddf9e8cb751f0e37e6d775ef542364a9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2452
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2380

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b00525e13003623ca355fa8792e6a060

    SHA1

    aabd1157692366be2ca056fd0c8bfd785e9df4ad

    SHA256

    30ca40a9a7c124abc92cb97b07d70d84f3c932e9b9f02265582b7420140983cd

    SHA512

    2c8ecaa96ea851dd7a0807a0a8004d08a1374bbccd9577b89081c7efd74d582d354516d199f072024debc455f782d040828832337036963523ac569f15a84373

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    13648b2ceedf4a40f7c98c8644f49c68

    SHA1

    159ddac604f77f0ae010988df60206dad15a5df1

    SHA256

    7264a13a2d11f178468a75f93144a49cdbdb8a10b2a2a7042ca5310265488ecf

    SHA512

    3897c0c5ef2c89c31acdfc88c01d5b9a7811b15f41f6194ed510c83d67e33a71160920b4785c600f8cc79eb0e9dc81b5d9db04e1a00225f177f61553daaaa886

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6cff9f18f80912eb1a13625c6ab3627a

    SHA1

    d793be51a98bb049d620210157bb9acc6f1ba17e

    SHA256

    207001ff0f3167731ffb20201eeac43968af6bef82d02f72f0669f4ef71830c0

    SHA512

    b7ee0bfddf153f876f93e742982fe4d6bb5759f1075d8dfa3b859f750736abb463e4ec416c9707b078121659a47a242ab0d047fd47079e1cd5b060571cdc5fd9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bab7dbd791fe8c417ff9bc40568fa27e

    SHA1

    702b883d93faf9bcaa7161d34455d71b575e0eb9

    SHA256

    1f2c650ec1219b7140e3560e7638fbc2e7d9e5ac40bbff425ef1ff4a0f976442

    SHA512

    c129ad0bff6d0d2e2b8a761c86f4b6eaabecf21aab6a4d1eaa15e2011aed1feff714b7d83fe2b99da0f1a71ca5ea68d112581c108c50eaff17f5e27d23ad5d7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5a14b6bfc88a5fb2fd0c2070d1643f50

    SHA1

    1414ebf6f8cdb210bc1de508c3a32602e9df01c0

    SHA256

    01ce0ef0c0acd6c34e5c62e7672a674dd20be8f8bf1aa46be34145a9659347d8

    SHA512

    07a6b797bd3fadb738014666176b2ca3ffbdecddd3e20fbf332a84cb76a90fe6db167d614c4b997b90a1ad74a4f83e6bb6fcddbab9328b73f9129019345da472

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    402a90013feb3bc836923394559780b1

    SHA1

    ca5b03d8f48e3be756855823a35d1787d2cb945f

    SHA256

    d9c63b1e1d6f3afdf27937d19b263f48f552f318eafe7aa1e3e94b09be1d4e6d

    SHA512

    91d8bc4449e8a76699f251551925fce5032474ae22d7967b01efd9428bea34e35b82336c0ef37e4bf2ecab7e5bed720a8f3f701597e9cef82f1db0744185bcd9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a3549d982c0fef1b57c84283cb301f1

    SHA1

    a5058f595c7c25a5940c4d1c3684ed51b94ef2a2

    SHA256

    3d279a38d6c78cb9009b0e0ae7c1e48b925738c3a857a45edcc96574f6cb67e8

    SHA512

    2a11ee6f9b7f201a53bf9f37234b52a51646d06786d123b5c40ae28f43675fb73453e2cf6c9f69f3e8c1c24f7c02db2e1b00a5abfb3cb5ced4e2653dae069c5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    06d05aadbebfbdeffa8a66cdfe11e543

    SHA1

    66d6e5592db9b28af56c9db1773ed4d6440f9097

    SHA256

    96f093023e190fe2f0434be1565a1b15dc1d9a5c343425b0fd1b1a947be6cc18

    SHA512

    03e33bda0bb9e5c978496984ff2a72d810570f2bce72a67efe081ca05a5f81a35931b5bf6b29ab00255e0f06173c87f96fc26c01d684c9b8334c7ef8f74fc3a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    76202444253bbd54f6db4d2263ee4e68

    SHA1

    40ad5fee615cb54b6688c27fbf22fbb42b94a02b

    SHA256

    c3ccf0c642e42b5796a5896aa6401768fe578ce4ac5999380ad7b3dc02aea6a8

    SHA512

    901f9119f57022561f15fd1d8552a453dc6346567133250afe0b58800e504872b61f12afde807c345259d39306051912e023e6321b2378ade0f80c1704ac5ad6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    706562ff68543ae91d2ca4628a82cf15

    SHA1

    85d797974cd527bd5f1806a3e2415b65c4911ffe

    SHA256

    806b0e1d17c3f61f6bcd9c5a753e03f39aa73dc936498f3d82763c61038576ff

    SHA512

    c792d7d80f5f8bac27b85e14b818e97d03ab96c03a9c2435188b74e4260b225a7c4e222ac273a34f30e2c9755d182999a2fc25d6cca4b15ccc2c335006f4e665

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d00a305b311dc50892e73410ac31594f

    SHA1

    5d3735fc9021bf4035b5f4f228c50b924c0f735c

    SHA256

    94861f067c09ff0c07ecd4dd567d4fec35e040b2ba2ebb8f89ebf74933263b1e

    SHA512

    84f73059511873e9e006feb415802271562503800f98784ee806de93c99d53c5b3a7ab6716939e761b8fe87eb968d922baea4873dce41bd6001963f2bfbc2055

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98daec7b305e6164a280828867a4d483

    SHA1

    39660613f264a10fe545700b3d6945d57f9c876c

    SHA256

    8c03f05641b082ed964c2689144942af507365213171a3b2a09c4efbbfb481d4

    SHA512

    e93f3db98d5aef0a0cd2087db4b075c26c587011217ea66c4d4fe1071dbd4d6e4a9c8a23f836cfc68f3e69d5170322012c43adc004607934c820d43291933552

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74469117cc82629ba1985be2927e5813

    SHA1

    253a7531b1d9aaf2d9096c3f074bbe1dc1f2127b

    SHA256

    ee64d9118aeae4c7ed9edf5fb94caf26c206b98b7f2b7c9ec83b6333e0abc2e9

    SHA512

    4b4c4c8613a6e1ce716acfd88d207740bd73e734472294f66192a8beb35fb0da8422ec376797d88314ae01f091c9c36a04d274bb72ea6e83d2409be19ed4d4b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0dc99e6c53b14d32e6d2a9a6cd9e3da5

    SHA1

    08874ec4b902e9d5992454a0aae63415f072eb49

    SHA256

    ea309192ab05a7aab79b12b4d7d5312eebc98f2ed2ad99f3163de53e56e8c418

    SHA512

    aae2d3c3d998d780fd333260e87023832a9861e82b1518740971388d5a21e0a6361e0701b4ed13a889e5abc5e0173f5d50c608341914285887d32b81555b2a0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0dc9254e3dff46816256da83bf78aed

    SHA1

    d569fb50fc7ee7175737416cee845395fd445abc

    SHA256

    5f01d0a67ab1c779b0d4b54bef112d8be71b9d74ee071d23debadae5f7f15ab2

    SHA512

    fa34656665707e461e9a50b403d8895bdfabf03260d161aeb11c739340895b1946932f91ce7a1234d183328d64708dd65bd8773b87d82c2c827249da2d001d36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9ddfba1e80f7e66e5c432f679dded54

    SHA1

    a2b2354fe0052229641bffc9770c7f9d147f8aa2

    SHA256

    24a061260fa0b0ff502308b426995d1c582f6fe5d2ce8945e1152fc29f2a17fc

    SHA512

    8d797716ef4536905de936d499f93f863b61c816e799cd3758fe5d1bb1910a07ba8956db8d58afb2dc6c9151108d963f3c347abf5e90b51bc9c2f033168fde10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9b33f5f957febd5fa6b7495f81148c3

    SHA1

    3c4ef6e40c52c8a6461f31821f67f0045d371591

    SHA256

    7bafb8af94fa0c712535e3e7057e43d1cddcb4111d62c13399a387e2422b0a9c

    SHA512

    7e0935e825d073e76c33929e28694214157a225002615c3d215d85dd86ba6bff3ce995422d71b9eb4360b858f654bf92440b43faa606cd23ae379d397f1a41ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5795fb3b02e5c8d6619f4cad4d5c019

    SHA1

    e019fe12ba84bda406a4c04ecdb2ed0615fe1262

    SHA256

    2386ac184ee3a74832bc936c143b1d372c21e0ad757dfdb011df1859f1f3cabc

    SHA512

    5f1cb3d3b56a15b2a1f2675a20311aed319675819066fc2a3e0684b82b0aa305ef0259b86b1ae8aa8b04b8b6fc8061ec0c85afd96982147a436a2b0f9b5ba299

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92ad6222c7f528046045f86d4e1bc89e

    SHA1

    5403b6250aaddc04fff01ae3756d61048b8730ab

    SHA256

    edac84ca5811323f32d3fd8cde77ed1826f6a160249e8eaa7b3557d5c63460f6

    SHA512

    68c50347e2f06680ca791d07fa7413dfc3b148cfd7c0a0121f704e830bb80e3a9974bc8b62cc199cc2f882caae3534d1db27de64adb66dfa26a65da18b205fc6

  • C:\Users\Admin\AppData\Local\Temp\Cab9417.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar94C6.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b