Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-09-2024 20:11

General

  • Target

    e0f2582f498f7fc46718319be1dc0cfb_JaffaCakes118.html

  • Size

    36KB

  • MD5

    e0f2582f498f7fc46718319be1dc0cfb

  • SHA1

    09fb97d77dfb16e3436aa48d6929ae81f71796de

  • SHA256

    a923800b9cf59245e89d48a44a5edf4798cc4893c0a0f423a89528e773055f00

  • SHA512

    c0efcd06b7d6d3d03cf54dc9aa109c550bef39a98e66ba021a1c238d0f7b1ec6e96988dbfe6b4263cccf9b5509048a46cb1dc887261ee225b08e9f906eda2da4

  • SSDEEP

    768:x3mGf0yvb/VEXjPWHljWLwPWz3bdRr/FEIngENfU2VFnW7S:QGf0yD/VEXjPWHtJPWrhRr/FEInNfUe1

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e0f2582f498f7fc46718319be1dc0cfb_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12

    Filesize

    1KB

    MD5

    7fb5fa1534dcf77f2125b2403b30a0ee

    SHA1

    365d96812a69ac0a4611ea4b70a3f306576cc3ea

    SHA256

    33a39e9ec2133230533a686ec43760026e014a3828c703707acbc150fe40fd6f

    SHA512

    a9279fd60505a1bfeef6fb07834cad0fd5be02fd405573fc1a5f59b991e9f88f5e81c32fe910f69bdc6585e71f02559895149eaf49c25b8ff955459fd60c0d2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8

    Filesize

    436B

    MD5

    971c514f84bba0785f80aa1c23edfd79

    SHA1

    732acea710a87530c6b08ecdf32a110d254a54c8

    SHA256

    f157ed17fcaf8837fa82f8b69973848c9b10a02636848f995698212a08f31895

    SHA512

    43dc1425d80e170c645a3e3bb56da8c3acd31bd637329e9e37094ac346ac85434df4edcdbefc05ae00aea33a80a88e2af695997a495611217fe6706075a63c58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    650f05f8a21de22270a323d65cfdb204

    SHA1

    7e947a33e463afb0ba43274ae25d81cd98a2b680

    SHA256

    cd98a277b924c788ab1c2a7a3229a700cd1326bfcb0e3b68f3fae45e89258421

    SHA512

    7a01ea9ab006a19b489eb933dd2a3d0d6720e460d1ebbb25131e477057774dcd7e7d5b8519a24ccff22b716a1e61be99bc22a3d437f5e1335a0bc2f55f1010c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12

    Filesize

    174B

    MD5

    20efd4bb4497cc05c5b7de0f40733fd4

    SHA1

    36c66cb37fc90e74c7484bb921bc0c7e2f6d56bc

    SHA256

    abc1e2a5fd7f111e325a185b6f3a46fbe21cb4c7029133fddf43c8339d0bc4c9

    SHA512

    61e1a2b37d29d126648418415f99bc1d24b16a458cebc500e30d8a63924a61fe30e905e7bd46b2c5da423c3ff315f0c864b7f2546283cf85ad3c4b0187575671

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1a34d2316a0c32ef060d294dee01755

    SHA1

    a2cf7c9f1a4b9f461a8643657c6647b1db682e83

    SHA256

    1d996de2d9d9b06cd2ff664e8e98534068b884d3c25e32609e8da808f68a56db

    SHA512

    bba92c8a12aa8b838455b69fd1da4c0a704f33530d88e7b80044c793a6578f18df480463ffa68ed0ba4990894e4dd42e70bfefe70891811f39d05b4ca4a42c7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9e8fd7636f314540eab32f07124029e

    SHA1

    c2f7b78e9751d362017fbd2ef70c8bebb591d4fc

    SHA256

    ec05a5540d68b484bcea3a39049d97937d48338dd05bdf374cdd09e44ceed5c5

    SHA512

    309fa949fef9ae2f0f01011eac49a42e79e7bb1a3422935464055d87e692f29bed98f5c972b9b95adaa363be277f5e47dac669060ced9049ed4a7c711eb85ea6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2881e4061ef898f32d4c6b1a47bec392

    SHA1

    f67505059f67617a9df6dd4db51cd84bac17cf5e

    SHA256

    c5d980bba457c2804c851ca172c32584fac6f76398226c64bff1b8387f8bc94f

    SHA512

    d36f953734884e3b321afd5b86188d1e5d91dcad891f4a0a52a737e45d6fd6916e33501c4a9a2f8d5aee2abce0881510b01df7cfc5cc502454e446df6eca3743

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    20d56605ebda8e6e82017229a055eca3

    SHA1

    c8caa3f377f7d26f9b89857bdadfcb0b6f87bf11

    SHA256

    62673f7e1d5d6f7599836e7a6240b36a3459dd14864602a36e2e4a06476a46d0

    SHA512

    5f111e7b1c9a176ec80dd173c1417e72500023aecc79d23744773c0453f79d2c73a2c6fa253d2018eaf4ce41b66fea052ccb751584dede0f9fd91faf858d7c03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17f00c142828c45d43b6a67d060f3a88

    SHA1

    415ef63c858384fbcbe6f29a5e0a17f6c7f2921b

    SHA256

    e9f2c40eb45859a4a54bd89b741331379c06fa7a60ad2707d84c0f7ad4be9df2

    SHA512

    a5a3fe58cd8cbeeab2d201e101edae63042d5c7bee6fe7db6b3d8d725161f5157fe2b091389bc67b423f5894832deba7fcdc8b52ca6d0349fec149239c18ba5f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    117c9c3c6c547ad98409ce1fc9f94911

    SHA1

    b27e325abf71b281670ab73d571629ef34e16f22

    SHA256

    78edc6149ec74596371d8f49eb968599c721621141e3b8acea91bee03cf8bc80

    SHA512

    6bcce9c199f9cd3f9f0106042ead6c5ebf08ec0babdb37e058f37f2b8b6f2a16b547d8997ce7b982f10ce28f774f513528d2809835a64c127823023c524543e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b7d5e2d4eb40096fb8596fa336b43582

    SHA1

    45cf0cac4342751f9a6c866201826f0d03f98901

    SHA256

    1502ee3d1590a99fff27db1d877d37eebb825dd0afb22bc4de8f7f37845fab33

    SHA512

    a1463226b6f93e48fbeaf042bcd020a55197ba626428bb6a92241f5a8e99ba4ca7c900a91d0104f5988797556a32f3cb48ddf8df5e262de19b5ae3377debeb27

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89f7f44bf7eeb0ab79a780ed8c52e96b

    SHA1

    b3ec2578bbc2f0df95fdcf0a3e3575b541214adf

    SHA256

    c241ca80e7360f252f612f57b2beae7166777ced565fe7ede4a0dfe820677a20

    SHA512

    5e90dac371c9cd4218ecc193388a99e534340362a7d7d40b49007269c1c6e995363d3195b85dc6bdb78ba8876248da471b6e32ce6d178e7cdd55788bf22acc93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e17debdd04c82b251b3654668785750

    SHA1

    14cdb8496114d1538ec26817a6522bd7ad3653ca

    SHA256

    a182fcf5fa0f07568699080b47bf0fff377e242d2bf4785fb1374e6c2387fc21

    SHA512

    bbba6aef7b8c29b77cf1eecacb8ade3206d5f17ab32c86be74481d77b41bd06ab2f308350c2ac84cb50ce8efcffc6eefeea50ce254311de068f1a5136cc00d22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    db63b771ba31fa1beb8673747dc5fc5f

    SHA1

    4b693a5d8204b3d7d663c620531c48ac5d1f5681

    SHA256

    1fcb310ed83b94c014ab05ca43c18fc4d545f70b843e6a9b76c983909e7853a0

    SHA512

    7a2ac6bf89f1d5ad951b159c09c173ee29a5694dfff626e16aecd25cafcdce7b33577fe2057caa04b0fc11925198b800b84d8a6d3ac1eda04c1b0c105a71c959

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    511068ceb7129d0ae8fd2ffb98295bd4

    SHA1

    626a218133ee899223e41624f829e88b63a5e788

    SHA256

    50fd21f66cdb22f8f8b771b7573facd0ff5286e047fb585d7335ffc4e11570a6

    SHA512

    37e76a0df6baa587f651bc3849d278cbda8712b5bb3f4fe36b54bbafd05a1e791e260aa4cd0a8c39dbe64e8a801de4601dd7b5fd3ffb215466e58e0d833b7645

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b38400d9158e747b275cb34112e8b071

    SHA1

    9af9b5e4a399f304e4220675cfa9b48d3d728df1

    SHA256

    fcd095bc22f44a0df9877539e2e679067499f990b5f1885d04d0ab747318e77b

    SHA512

    5141492b94907ab8c9bd184a2d25fabc21b70c136fe3766098284a35c424cb0baa0f38e2d83ad7f9f230490938db285b4b4e15c6115bbc2bd67b4bca2d063c2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3988f0160479ef2d066211eb2a3588e5

    SHA1

    843bb4e648224f8e48ef1112c9c4ed2249353b8b

    SHA256

    4a9a68164efb597c6755761b77b7997c901c6db90b4f602f2b5243d942a2d8b3

    SHA512

    28699976479d4a063a0096d28b479d7e4906f1cb6920f9f9cf3b9bd0b6814b831bc13616ef3d0c88f783312fc0329902b456ea898eb3fd41c1847aebc5581a13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d39ccb3871da334b6ea69049445ca4b5

    SHA1

    3e7b59d1e055e7975642ebe2ce577f76abb93576

    SHA256

    7b2c705a7748add7ed4e7c5bf3fade990324a2da9f3ddd5ee3789979d2c89413

    SHA512

    1f7046b081b5d24d84e0a828549532dbe2bd33ce130ba843e11100163f4963f3a5b588e19ff6921d95330d548d2603a4b1e876d911dee7c047cbb7236ecbaa04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    07681a64c377802368bdefe367a95e49

    SHA1

    bf1f0feb41d434872648477b5fa288d8be0b0314

    SHA256

    c7d3357a13a42026456cde770217e1ed51bf0cf0dcaa26b67428dd397c2b2027

    SHA512

    27af0ab96c0cedfd0577d8de76128e04e11dc1bd2c657aa4eacedb5cd6b459680ac757ebb0398958c2677f90071a60d0f4e85754ed1080dfbf84577f5644d874

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ee5a1f5ff6593df361050e83a7c355a

    SHA1

    4c60564f5dd616ee32b0b48aa013018da7e61c10

    SHA256

    951a11c18c1e7793b31c004262d2d0831d79a0e44aec3b97e9e76cbdc599819e

    SHA512

    8a8bdec6d872fe6247e36ceb8144f7a10bfb872b7e5717672bb84aae74095033cbdaed4f98e6312882a77554ba1f766e0d73d70f72aa9171e7ffc8df4b991135

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4aa3681c9ba9f200bcc1d5872c1af955

    SHA1

    ac085efc237bc60cd8f5e99f3859b588f3b214d7

    SHA256

    5f67dc6d8dee4daca4c642b1eda72dc84dd66618d4a01ddabb12d90e8048999d

    SHA512

    6b2dc63b5c9642eb340bf51282934a24c7082fa177990a13db670cf0b31180350a2b0b10b81e814443a69271565253c0e271858a24d419c7e32b8f9e0140e737

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f673de2c22db950abce7a6399322aea3

    SHA1

    f47d9ef393c18e861b83fdae7bf8ba126d1c34f7

    SHA256

    e39630330d0f919ba6af1b89c0e11d26f1d859820e7d41ed9f7897f068e2076d

    SHA512

    b118ba404f4b9ab9a4ab0de4c3aabfc37a4f691f49e116699022c22c38758f5bf69810a966d5305eae9dd3830a530704d8d3083f53b5e65e46718af54fb0d922

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51d97af0b44496d64d9bec4e5a176ff1

    SHA1

    027a3cd1b7242fbf13b80612a67cc16bcfcda596

    SHA256

    99f3532694afb8ba146edeb2f5ed510a786f15e34385e1de881a4b53d4f8d4eb

    SHA512

    6545d38afef238135efee241031d2099735dad5e5f90af19a5e8da7a5b3c3d7b6a4e900562321ee39ddab6ac019dc64389c8d56baf0c7d4d07f37e137875ba1c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    539ec0df9632e6a9615a4059c2fd812e

    SHA1

    fac3db2ba539f5786a1f4163520cc8d615da0a4d

    SHA256

    7e081c0d19654bbd05ea21d6f9d6162f657e7bb973250c2d07579bfcfa4aa93a

    SHA512

    ec52b85bf1aefaf91b3d220abf395a31e2876a63c251db1af0ee0b6c0a346f48fe2b4e11db123d34f1916301fbcf27ccbbe21a4e5376639f507827fc13f92f77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8

    Filesize

    170B

    MD5

    f6deb3e4664a5d4c32a06860e4514d68

    SHA1

    fc119b10af1018b12bf1545a9ec965e91124fd78

    SHA256

    9cbd4e7053f4a2e9ad7080cc681d6e4e26cd881fe5e2e6d58f72ec3bacd67081

    SHA512

    8d55a3eb35eecf56a143c896ee7297229398bd711585b4888d88b52d0caa815bd70d57b6373a6347a3140ad328324faf51a22b036c9b9bbb48cadd41ab3f07cd

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BQQODH7V\recaptcha__en[1].js

    Filesize

    537KB

    MD5

    c7be68088b0a823f1a4c1f77c702d1b4

    SHA1

    05d42d754afd21681c0e815799b88fbe1fbabf4e

    SHA256

    4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3

    SHA512

    cb76505845e7fc0988ade0598e6ea80636713e20209e1260ee4413423b45235f57cb0a33fca7baf223e829835cb76a52244c3197e4c0c166dad9b946b9285222

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ROLMKJ86\api[1].js

    Filesize

    941B

    MD5

    85cf93390d3723f7f392a921e31f56fd

    SHA1

    1be37a06531ee51bc6ab069e1343eedd2b0d5352

    SHA256

    94315e71af16364e9fd8db172cdea7cc2d580473b3f3ce725dee80eace7f7a8b

    SHA512

    5ef1ce7c467e5a706b5b5c0408495206042bcd363e46e3b83e2d64e6aee94f827881a422bf8cf32bd1ac2460b122b03aa86d6770102453eb1d15482030fbb22d

  • C:\Users\Admin\AppData\Local\Temp\Cab282.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1D24.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b