Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/09/2024, 03:52

General

  • Target

    ea88e6a17339154cb83fa4861e86dcad_JaffaCakes118.html

  • Size

    53KB

  • MD5

    ea88e6a17339154cb83fa4861e86dcad

  • SHA1

    76a668aa6a6b2d7eb42d6be72978fdab15ba20ee

  • SHA256

    1647b42132a8acc131e194f13f83cddc014a0795179fd252411a4f47396f9fb8

  • SHA512

    662b1b9236997d1a92daf43bb2502f1cf7610fcf319f4898ca91651d88bfbffb2c46b10971fc2fb089d829e24566f788f5e3cdee238f59659fbec1a2a4261586

  • SSDEEP

    1536:SUSKqz2WHmCCwzZ2wQzRakFZWJRigGEFhH2csw:SUSBGCCbTzRdIigGQH2cF

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea88e6a17339154cb83fa4861e86dcad_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2196

Network

MITRE ATT&CK Enterprise v15


Downloads
