Analysis

  • max time kernel
    141s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-09-2024 19:23

General

  • Target

    e9d10cb19130a467dc105555fc62b1d1_JaffaCakes118.html

  • Size

    139KB

  • MD5

    e9d10cb19130a467dc105555fc62b1d1

  • SHA1

    80d618884b495f07de0a11fc3dc006fdca32e236

  • SHA256

    c2b912f9c9ef2130656d5f0f8df32eec7b23c2373ee98b9e5882ed469083c3c7

  • SHA512

    521077ff3c9335d5de6bd0a803fe500a219011206029ecff03d394640d179669b671232c9a06b5de9af46cc51503958516b2cfe579e8d2d8bfd064b9270aaf73

  • SSDEEP

    1536:SXNR13layLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy+:SXCyfkMY+BES09JXAnyrZalI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e9d10cb19130a467dc105555fc62b1d1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f78d598b400ac338803ba289d340c7c

    SHA1

    5d92bcfdc1b2737ce853d78eb933384ced374901

    SHA256

    a276d707fb127578154344e3d79265470096a48abf0335a883d21b67a4a4709a

    SHA512

    bf1ff968a96be9693720f3592bbcd40d3d5cd1b9dff4a061dc4ad06a9c331380781330126bfd6923fe9094d7347cff9245873d2e4b80ac455b1bf4e056d38836

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f482a597226effc2b99b2d34fc586c73

    SHA1

    322eae54eecad5ffc90c7e8b8a6fdc30e0d99841

    SHA256

    5270cd9fe42567b077f779dcd2619be326f71d29db60d1bd9034a5eae5438ec4

    SHA512

    6533d137285626700fad786be738ffd57836820db7d448473cc0c3c0cb911f1d024d37137dcf44974129757d3080b37e8355f14a998db44b997ed1c72c1e7536

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32075e8367e0411b8dd22535766f01bc

    SHA1

    b64c22103ad4a71a39099b5d3bc3eabf153df4d9

    SHA256

    b3f3bc65c37d06403aaedc80a9f935f6e466a3e77f81ec742e3ac6f0aa1f5e10

    SHA512

    5baadc92739e5efc269ad89745f966a440308025c6376c0bcb124fb2c5e5bdd67a0d684ae13654fafe833e71578e2f050b32e9895381873bdf7a2eb7419dfd65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f6cff93dc4a348b7dc6e042bd6cbbc69

    SHA1

    fea08a8db59f9dd485378fd44b74cb389cb4b114

    SHA256

    3f381275306d4310ec050e32dc8481b070e2fea69da9db24d4842035bd0ab1bf

    SHA512

    06ebd8a685917c24e17f6820221f9941012041d6b558c9a6148c82ad8a8dc306ff57b410d25137794e2f8148b7bea793003359f9bc7830236fb2cf6c7def104c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4733582c6311f973b3b3ad19e4525719

    SHA1

    ad4761ef0213b463fbaaf5eb5897ea940ff1e567

    SHA256

    846beaa9c037704cf3de2cf6fdab05a36a46c48fb8523731d2f9a9a542a12b92

    SHA512

    fbd48b19b31c4a4293578196c70c55fa51e0216b229abd047dc8e771aa6ff75c8a33b4b97d7cd3d941778670a6f777f950174f1d6c92b95c2836ea41813af994

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dbfe422cd929ea55453b8045430a11eb

    SHA1

    a8b4ae688506178b9a954e7ec70081559e5910c6

    SHA256

    0d98df45c3eff60454d38b37ee31d626564dcf4b1addef8b5aa82fd5b05aa3db

    SHA512

    7fb6d91ec1f6485e608b16bfaba6ac176dedbe7519bbdea79bd6b2c71c7bb07d2628fb9c6d0a7b200f409c24e484f95c25596cdba2df12b1d64097b2d89484f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d19fcb7d2ba987ebcbcc33dae047c87

    SHA1

    58e78d959d914585b20fd37348d75091fc574408

    SHA256

    893d845a769e0661db54e0168593e286f7c1489aff343e4392a603c69170536f

    SHA512

    f219f5a96764aec78458691a0be64aab69c6cbf0c74a5776f79f48bc2ff99a0b80927ae2251e0cc4f395ef0e1b58485224f5c1d69535b8a4bed4da09448c9fe9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b65793f209cc570c354845fd7f2fba3a

    SHA1

    e7d8ef433e79ef5e251e431a59a6ff1f790ec116

    SHA256

    4890cfd73882df81b6a86da8056b9f4c33d42a67d3becf284f8286bb98a44a12

    SHA512

    6e38ef5cbc5a91c14083d70ddfdbbc1a9f01c975115b5cbfa48c1664146d59aea67c1911e8e4fbbb0a43e5c77b8e73288f62576c653ae7a111cc94635abd8d45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ab66f33d88aacb6c75b4fe833973f18

    SHA1

    5ceec3bde165df61141e1afee3b9ad08522e7d56

    SHA256

    1598cdc166585f3d38517e850bc38df671c061c9162a5c3f51693d1fb8008417

    SHA512

    d61b647ebfbc090202237347919b7157d998bbc6ca96ea60a2b5018726ab5a183b708d6c059b76e263fe67644c96095cb6bc5de7d0bcd80ca66e284e9138720a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2181006260ff29acbefc4995cfc04ed

    SHA1

    a4f9dce7519aae409f3662b729f16e881ec03a21

    SHA256

    713bcc966d1ebca950fdc63a406c82ee8b9f8b10202f0eda861025f14736c130

    SHA512

    e67df35c51b068f9a36e6ce45d5de928eb31749bc66a28201a373ab492b66909e8ffcd941c22f6400592e56dcdf6a404f845f820c63386a9797e08038c24da9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0ad4bc2f1521fef334692ed31b085b59

    SHA1

    ce7c307a5cf5d33b513cbf382d383c0c150a35c6

    SHA256

    ede9ce9bc1bb241c0d10fc20ef7672ce4c9fac09af4119b334907128ef89f0b9

    SHA512

    8d73ec56c6caae44d714747a4ecbd48a9b954916d584431f0334cac771e3cb90ec1960927e8c163313dab96013adb7f059541dc4431f5a0548035ff46d3a11c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a81c314860696032910de7be1f56600f

    SHA1

    9287535303f54cd1c027e660e7ccd85ac5013242

    SHA256

    4654dd430bef4d56dd5024bb5e9861b8f0464f926fe0601499bce436da0f5095

    SHA512

    c5b5b4c49424199b04fe353489a60320b72be81b78ff89ee8eb0e3e5347deb1cb2d5e405896edc53561856d20b819ef4ddb73c79e42405239c582487b5ebfc9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5f726aea7ac33344f6f31cac744d484

    SHA1

    7e49147b4df6bb0578bbd392b7806006226b2be7

    SHA256

    96d2102b57cfbdcbad6967c1b77b43274789b45a7dfe1a9f922aed5da938edc8

    SHA512

    b9859d80649561d33ae7088503f638b95903740079d7f28f9cca48908c26c4a4c82d518410615fa3f71b49831b1bbdb915b60ea237c037382b389cd6274e8fa8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73f2a18f70d11952cb73fd6d0b55f4e2

    SHA1

    423784d85a90643a5f0e4b47ab14fa3257c08f3c

    SHA256

    6fe839cd245d0e8dc27d8436c4291e591aeb02e279dc82688cee771ee69b9700

    SHA512

    e146406929411b6bf3d95c4b1791116d6b1cd7c4d74431348c860da43d4c7620d8a57c07542e03b6cd2307bc45bd6576b77b5c8368c543c8f5229a68ec264514

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c218c43f19daf8a4cc4ee367c781d88

    SHA1

    a950fa0da0b8c58b09376c8a032fe607ad76c4c5

    SHA256

    c7b69b77660270f744172abe3ce7ee0e26f83ad541ffb7f21038679c9d666613

    SHA512

    c580a484f0b655d9f0cbddaedf9837d923b1d0d79db90e3c538ee2c3a876918bac6541ae77ff8db7bae024c0de94b365d5ce3ca5c96d0641e1278b2f3f59f17d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    111321549f9a900b643935d40f4ddd25

    SHA1

    28b173fd44a59fcb9491959f67f327c1d0e8ac5b

    SHA256

    d5f24d44c9be6c8b3686f9695fdabfc53225e16067e421813118de40840527f6

    SHA512

    74140aaa86d2fb5e9efc1bca83fd93ac030deda7540e47f8b71228850b149cf4c54397a53335b92116d477f7e613f11c59714bc366d9c90e6e6566f9103bd83c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49be6c0ee239bc133703a6764ee33c6f

    SHA1

    e9b76b81840e173af768e691a0d7404d14a2437e

    SHA256

    e0098234747108501963faeaf3a5491f94ec9304a38d4075d2eb2f85587bbb21

    SHA512

    ee8f273e0fa03b09d72acc9d245a99492eca34d8b8a24fbe3670e7e8401b1b430436e73fe2c17d232b6ab3e9961bf1cc92a5fe6e743725c7ee55c737fe502d10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8bbaba0d5a445c65b2cc6efa18dd9821

    SHA1

    c5bf9aaf5d1a3116aa16a3aa232f07ff15d97eb7

    SHA256

    8c1253fa204175d372018669f76887dcbaf9ba0ede523a2dce85b7d675a7c1a0

    SHA512

    cb19ab49bcde8927aaba2f3f84fa5f5d8910a19412675dcb3cbe52f74a0c6ddfd8d59962608ff5026f0e9ae32df609e22078cdc6d7b1b929534569bc335bb350

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1d21ce104112e3a4d1fcba32dd7dea0

    SHA1

    ad8d9583cdef69a330828100c53936ef02ff8731

    SHA256

    5382ad85f987e63cf48a3c0a8bc1dd4c77f9ce28a778091e3da994f47d6eb301

    SHA512

    3bd179dfd1c6b7ff345cbe2f4a57ec5f0e4bf669ff1636ca43262612ea750a17b610b770284402503acac89297d6c44b069cae0468d0ec1a60f2ad2acc51d9c9

  • C:\Users\Admin\AppData\Local\Temp\Cab7763.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar7812.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b