Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-09-2024 21:05

General

  • Target

    e9f81bcfec21020efa2fa4aa078d474a_JaffaCakes118.html

  • Size

    27KB

  • MD5

    e9f81bcfec21020efa2fa4aa078d474a

  • SHA1

    e55501b660531aec7ca107a60e511ed9d32f3e0b

  • SHA256

    cad805f8cd23ee258037a4a7a3bb6cc35e1cb55284958e766cee85779c76bc0e

  • SHA512

    02ee70c7ce6ca4ce98980c387a1aa1d0fab7b9436c82d15b01f8728bef261808f7f2fc219ee667000274045f0a4ff7e756a96b7ecf055c749c9874db12aba041

  • SSDEEP

    192:uwvsb5nxKnQjxn5Q/EnQie/Nn292nQOkEntoGnQTbn9nQ9e7bm6un9zQl7MBfqnu:wQ/g9W+t69KSl+Zq

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e9f81bcfec21020efa2fa4aa078d474a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:588
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:588 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1044
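
A note on reading this tree: the 32-bit IEXPLORE.EXE child launched with SCODEF:588 CREDAT:275457 /prefetch:2 is Internet Explorer's own Protected Mode content process, and SCODEF names the PID of the frame (broker) process that spawned it, here 588. The signatures attached to it (language discovery, registry writes under the Internet Explorer settings keys, hook installation) are the side effects of IE rendering a local HTML file, which is consistent with the 3/10 score. Likewise, the CryptnetUrlCache metadata writes listed under Downloads are CryptoAPI's cache of certificate data fetched by URL, and a Cab*.tmp/Tar*.tmp pair in %TEMP% typically accompanies the root certificate trust list update. The interesting finding for an HTML sample would be a non-IE process hanging off this tree, or a content process whose SCODEF does not match its parent.

The following script is an added example, not part of the sandbox report or of any vendor tooling. It encodes those checks over the two command lines shown above (PIDs and arguments copied from the Processes section; the dict shape, function names and the constructed cmd.exe negative case are this example's own):

```python
"""Sanity-check an Internet Explorer process tree from a sandbox report.

Added example, not part of the original report. For each process it checks:
  * the broker (frame) iexplore.exe, recognisable by the absence of SCODEF,
    is the root of the tree;
  * every content process carries SCODEF:<pid> and CREDAT:<n>, and the
    SCODEF pid is its actual parent, which must itself be iexplore.exe;
  * any non-IE image under the tree is flagged.
"""
import re
from dataclasses import dataclass

# Constructed from the report's Processes section (PIDs and command lines
# copied from the page; the record layout is this example's own).
REPORT_PROCESSES = [
    {"pid": 588, "ppid": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r"C:\Users\Admin\AppData\Local\Temp\e9f81bcfec21020efa2fa4aa078d474a_JaffaCakes118.html"},
    {"pid": 1044, "ppid": 588,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:588 CREDAT:275457 /prefetch:2'},
]

_IMAGE = re.compile(r'^\s*(?:"([^"]+)"|(\S+))')   # quoted or bare executable path
_SCODEF = re.compile(r"\bSCODEF:(\d+)\b")
_CREDAT = re.compile(r"\bCREDAT:(\d+)\b")


@dataclass
class Finding:
    pid: int
    ok: bool
    reason: str


def image_name(cmd: str) -> str:
    """Lower-cased basename of the executable at the start of a command line."""
    m = _IMAGE.match(cmd)
    path = (m.group(1) or m.group(2)) if m else ""
    return path.rsplit("\\", 1)[-1].lower()


def check_ie_tree(procs):
    """Return one Finding per process; ok=False marks something worth a look."""
    by_pid = {p["pid"]: p for p in procs}
    findings = []
    for p in procs:
        pid, ppid, cmd = p["pid"], p["ppid"], p["cmd"]
        name = image_name(cmd)
        parent = by_pid.get(ppid)

        if name != "iexplore.exe":
            # cmd.exe, powershell.exe, mshta.exe ... under IE is the real signal
            # for an HTML sample, regardless of what the page itself looks like.
            findings.append(Finding(pid, False, f"non-IE child {name!r} under pid {ppid}"))
            continue

        scodef = _SCODEF.search(cmd)
        if scodef is None:
            # No SCODEF token: this is the frame/broker process, expected at the root.
            ok = ppid is None
            findings.append(Finding(pid, ok, "IE broker (frame) process" if ok
                                    else f"IE broker spawned by pid {ppid}"))
            continue

        broker_pid = int(scodef.group(1))
        if ppid != broker_pid:
            findings.append(Finding(pid, False, f"SCODEF names pid {broker_pid} but parent is {ppid}"))
        elif parent is None or image_name(parent["cmd"]) != "iexplore.exe":
            findings.append(Finding(pid, False, f"parent pid {ppid} is not an IE broker"))
        elif _CREDAT.search(cmd) is None:
            findings.append(Finding(pid, False, "content process lacks a CREDAT token"))
        else:
            findings.append(Finding(pid, True, f"IE Protected Mode content process of broker {broker_pid}"))
    return findings


def is_plain_ie_tree(procs) -> bool:
    """True when every process in the tree is explained by IE's own broker/content model."""
    return all(f.ok for f in check_ie_tree(procs))


if __name__ == "__main__":
    for f in check_ie_tree(REPORT_PROCESSES):
        print(f"pid {f.pid:>5}  {'ok  ' if f.ok else 'LOOK'}  {f.reason}")
    print("plain IE tree:", is_plain_ie_tree(REPORT_PROCESSES))
```

Run against the two processes from this report the script reports both as expected IE behaviour. Append a constructed record such as cmd.exe with ppid 1044 and is_plain_ie_tree returns False with the offending PID in the findings; the same happens if a content process's SCODEF pid disagrees with its parent, which is the shape an injected or spoofed IE child would take.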

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    619c780d59fdb4489636f5ebfe2b3f5a

    SHA1

    db66abf52192e1eaa95e9f3804c0bd1f9578a411

    SHA256

    dc83782c92cef903bfbed877b055ac5469a300462b48d691ce85a6736b124e0c

    SHA512

    9e239da920f958a4bfaa28e5d8b2349aa88025688e5539339e1073884ba4f0ba5c8aeb7b23d46acc6844da6591c05ed59ff3dab96868cc64565ec14bdabc0f4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b8189a643c93e078dec8085e2411b5b2

    SHA1

    23c34d1952fbb5cef6aaa7523529cedfb043f8bc

    SHA256

    1a2443816a257431e3d45c99330c2647dbcfdc461695d4b0b7fd2573d440a504

    SHA512

    39fedd06939b0246c61f01306ea11646b0e9eeea90e9c7d49bc491b49442f9481e8b41c3b0ee10d4b8c0cd1634d09afd21a1a50cfa2b036ea1fb636a3fb9a265

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ae2ce923e5d1fa420bdb0a839e2eca7

    SHA1

    288fa4a71379a8290ae3b03cbf6213a31e7b237d

    SHA256

    855ee1134609812bb6b35062756297d2cddc5ad8fa86d305cc14ef4becce29ab

    SHA512

    e11296b7628a2b517c8ca5a8ce4d6be8f00e76cc971327130fc2cbbe055f45859295a739c574ec2610a5c92bc0a5af5f26b7f4eb90c8a41adda7784359d8c972

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f617c1d16a603bd3b6fd1d7b9ae1223d

    SHA1

    86a0383f5755d5443a72e62e72acc5af936e6b89

    SHA256

    b5cdc948331723aa8f4e60cbb0560cf0f1b6fc47ef8e98807a46e8bdcd902f98

    SHA512

    43e353d03a3360a6406d6bedb3f4568015c2e569724800c9807810266c51a625df5a675ac1af062e1a14674b41a0c629e6d2cb87721fc5395d6b3709296ae36f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae90ddb5ba397d7cb6e84ff82026ca94

    SHA1

    49e21684f6adeb2e45f382d15a3bdfc211d74a12

    SHA256

    5d930c442d15b8654a877cedd7b8203297e0b4599ebd42c396839e65490666f1

    SHA512

    f18d2556077456e261cd7b0c97275ec24b8d9cc23fb5019b5d00d8b773d0078a9ef901575f2ec38a469a4bc5dfedd5f3b7ad7f5457406dfa845ee31d9a8bf092

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    078914575d0ba0a9370994b1a09db8fb

    SHA1

    3a59c9d472ba7c93202fb581520423a8c253e364

    SHA256

    bc48e20c3c57e4e2d2e8bcedb58959947dcb4a4e41ca27e690ca0fbdcb80d4cc

    SHA512

    14c64d40672bfa6ba3b9e828c226470a78fa554a3c1964967415875b3411cd6a8aad16f96b499a6db05ed6789bd29aac0e4993491d0e7fc75975dff9520f1fec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    350a0b504d01ee5e381c1a17ab6910c8

    SHA1

    ee02056c318caab7d279b20410002b17457191fa

    SHA256

    833666b6965fad052768a823624c0c4ddc4eae4e60e171cbf7682c3fb0aa6cc2

    SHA512

    d49f0ebf8ca1a8b5966f5db94b845f49fe88e0fa28dd0d61d18a3613b48f950b60b05d8f940dd94626f18063a7c6977fda00b3bae6e326c328658baf5787bf2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c1ce02e36116a622a88b7353b98551e

    SHA1

    fb219e50b7b4fa2018a9f66b97bb66057a34e102

    SHA256

    039430c19155656aa7cc149b0cfe041131d6bcb8704f383ee5cdac3bb1aec5f5

    SHA512

    61d35a1438c8f8e1058acfb8aad627bc0087395dba4464052897de9b9678e25b5d9f7cc5990b11724213f0065d7b4943a6d78488c6c0f5a4d5c8482e9cf047eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3b270c1b6d3dadeaa54659b9880fd1ec

    SHA1

    08c1bfa83fab832cdc1c95b14271391f81087e85

    SHA256

    e81d5e724fe1581a116de8106174ed1a75c96760098a26ba91afdf6728f720d8

    SHA512

    d3f1e044c25a6a490543ccb6dedb18fdac25697d24d861ad233c37975662a3b368c3c24fc293251b4173dee0fe59cc30564fbec23bcd0c0f703397f89b03c00f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d311aacc8a331bb1aa35a8f25a94abc

    SHA1

    8a492c4b28472392addc2d36098b80ac68356e0c

    SHA256

    4b534d144db448800f6a2ab85360363d9f6b0baeb87a9aecc5aa0f73d1d95fb0

    SHA512

    322b4e1f6f9c65b6938ecd0074c32f996dbed6f2cb8c48ebd06b291894669d35e8937d262e36b2f4eea7728fb57db8dd669b410eb5cc3887127c4e1637340f80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    572f28cae5871eb2b0bea5a94e0c0eec

    SHA1

    8a00538c72f912349d11b4a3b2f17c6b77206433

    SHA256

    32b64afaf8b717bc9ff449f70d843605cba79a2afd0c54f4f415a8f27d7c75cd

    SHA512

    b48ae8ef514eab192b4dce79186d455268d7b01e8536313346e2200d492913e6a3ee7108e2f5b6b6bcefc4a55cace7942521627d47b8b70f8fd84e424c8db4a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ecc861cba742ad791f0969b2743e377

    SHA1

    0e69fcce0cafd31926be3ea5aa25c196b22928ee

    SHA256

    66318fe1a4ee64626d6a97ed83a43bb8be40139b22efe32a4e970cc08ee50725

    SHA512

    cc29debac53e36182e71bbc053649b91b45b10620e4c463c99e3431ee236f751bb528f3592212bd30d29fc190eee5a01faac8cad20f25f88ed7a28082777c41d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bce42ec10b4d1ae1f32cbd69c1fc6218

    SHA1

    6f48da3d6d944aa990f115803d8eb858103c5c3e

    SHA256

    843041e8801c02c096caa778f31c050399fab48c62a650daf314fd121be3f664

    SHA512

    d2a31c073682d52f064c2487e44f814a52fa077e09975915d72fe8e9f01113471ed437f6692c80f30e9ae03caf92b040d44900d01dcdfafe12263915ee2f1e38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5634abee696d6d89f99614d63fa558a1

    SHA1

    f30a9d6a188a1b8df83b5cfc11a55e310747b0c2

    SHA256

    8b6c31c80fb7582bf8e4c85bb9964ddad4c69222c18b0835722511445a3959e7

    SHA512

    1d2b1379e8cfa11cece71bbec2cb1ae0a5a64faa78a85f86b02056b6064e94007365b899f5f2c0f0b96684d4b07a41ea1940610bf742a9b6a93ee3c6b2b99a8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    34c1846f870c763dfd9da7e9d18459fe

    SHA1

    68c9f0d13a82a3c8a5316cadbd865dc6deea417a

    SHA256

    643e9ffb10409aea5f3e472e74deeb5037af80a640f61a678d91ecc5238c2360

    SHA512

    83696f115adb9f2c7a40a8574ff7120aa5c4e379297854c41b2633f5b5cd6d7b7799b80c5787cd278bf9a05b4d10f7417ec306219dc570da1976143cc2d333a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c54d374fec874841afd41f571cc24f3d

    SHA1

    abfbc4b41487d5e0d1376e6efd31f9a401e4018e

    SHA256

    6131d4254825ff99d9d935c41c8173ee59f5105c6e401ada4a2ce80034136bfe

    SHA512

    b68520da1cbacc72ae61d0910f7d0add33b4a379521efc6ab8e18fc7d06b70c81f68e846be7ce08f7e56f468d73de6e53dd37a4247f6ae8d0febd1099e6b638f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17d3fa70692a7bb12dbc2e042cb5f6c7

    SHA1

    18c6d617eec2a36e8cb99d1a561b7b785f6fccb5

    SHA256

    673317ffb60fb23b539b35abdea42754ae100c01404a0e3736c527584df6aeba

    SHA512

    06d618d66b6df59c974a5f23b5e1b482894acc672dc196c901dfc8bfcf1a13de92e2fcc7cdbd76f4d714f998a92b28f645e2234ce843c1bb935baaf2ffe2dff2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    277d63d9a5ae495bd572ebde578cda14

    SHA1

    280a73e2bfcc9065a74d926f8976be4e4c75dfea

    SHA256

    dd682c778b2f33bb190c671654d2e42dcff8628b10f1a6e017f52dd8afe1709c

    SHA512

    64467e13a6d6fb8058ee184ca3bd5ddd8f0bc399976571b55412bc82733bd76ab35dba40672490043add784b1c4b558ced4403d4cce8d15143367bd37896cbf5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f612a68d6a904e58a708c1c62a91101

    SHA1

    8f662521a8206ee54f40e10c8220b87f76fb6677

    SHA256

    fac2bcde56b55517013738ea4633a58714bf66dfc84c802a95fa6b2c6f18510a

    SHA512

    60ad7bf0572901e20c543f080c1117dc5559b42b05f7b5cbb164f927d2fcc6a99ac2520795343601dbb2a636d67b1e45f54e2f76ce46165ae7eb739f6a9f3f9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2674367c5ec95cc1eae5040327a3ee0e

    SHA1

    70257f02a1a072666b411c751b4f89d4b037a7c3

    SHA256

    c609459a8c65c3b626bc0321c15b5dcd661704ee709ee07153ecd73bf1d3febd

    SHA512

    a6167fc0729e8e5c87479d6590226658066d1927da4b5a99f170764338eb065d0f5549504560a16168937cf23e8544522c7d1500d25f281f5a495e4982dce36b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d67f5ae125d92ff1483ba197b7e5851

    SHA1

    40ace5b32f9a7540a4c6a9f4de0bfa1421395f29

    SHA256

    cb00845270b590e6b1fdf5f50a2504e13bcd4283655415ee1811efd421691f2f

    SHA512

    9242d057a186bbb6f77f14fa4449e3884c1906021b047be8fb36cd5e40be90328325bf029cec04b16db4c95a18d9cc7e372a6941eb20691c4656ac04b732881a

  • C:\Users\Admin\AppData\Local\Temp\CabAB6F.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarAC5D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b