Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/09/2024, 04:16

General

  • Target

    ea9123edab6ec97ab274508f4beea1a1_JaffaCakes118.html

  • Size

    53KB

  • MD5

    ea9123edab6ec97ab274508f4beea1a1

  • SHA1

    71f6aa724ed072fb70e256b762a1e061add176d8

  • SHA256

    139c636d01329d82bca368cb5a3abc882f13d92566a5ee2e882b1fbdb59ae941

  • SHA512

    48fc01b591801946cb8fe8e82a01a1a7b1b0485b04f711300f47fbcf13b4f3b91fc23ec46fae29b0534b1a650caca60180b6bec80fbb1441c44a635019c39902

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUBrunlYV63Nj+q5VyvR0w2AzTICbbdoi/t9M/dNwIUTDmDN:CkgUiIakTqGivi+PyUBrunlYV63Nj+qb

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim host in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea9123edab6ec97ab274508f4beea1a1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2484
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2484 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2396

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d262164e1260d103f39f73648f6a6035

    SHA1

    5ebf2ac06511ab2325484c510ae599e66bf87af7

    SHA256

    eb880305fbbf9b5743cae345721dec558af732191a5286cbfe4943bc62267a63

    SHA512

    e904a5d77055db0e10b978749afc3a6d80ed68795361db2e63f87b01cdf098728985c4e17d963fe6c039d3cf318b58f1622f75914b7c62c29822653d0a748abe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed5dc6be790204a9c579e08bc786e930

    SHA1

    eeeeef2f094fe8c488ed7095f84778f8a2c202d2

    SHA256

    07a755fbb9718a25038eb2c3bb7c4497d5a69684d7eecf1b111154e20bc17dc7

    SHA512

    0a92a618948ba131bd4b4c20f0b6b1945c3e53b8574fa99ce2d35eadc22fec2df6969615af3161add0ae7e26496f14c15ebce51673876af1cc1c150aa978a8be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a64c5cfa15733298d9d61ff5715a1437

    SHA1

    081a6c805f2796677c24ba773a1e59e8f6a1e547

    SHA256

    74c5f3c50b68a06cbe8a1b754828f46b5cc5096b2a92052ea3fcf0202539a8df

    SHA512

    42f9e5c347a733e8442f06f9a08e7fbed7473cce47b7d8f64ec6c3a679cdaa61d20e717529e35a83b9c07dad2c25c801401834dcf194db39d861d46d6441c329

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87bef1a59afdf721140771264c170c73

    SHA1

    6ecd41bad42d19c92458e80c67f052d20d5b95da

    SHA256

    b20b683093d3463c1877bf4df090bfdb6edbcfd17bfef248ef2b88553a6a89fb

    SHA512

    54f12f6bbc8a1f98edaacef7b92e22ec1ef5125af5080a4f539a05a14c66ea4d570f3ee1b4d2bbc238e45e8e8ba1be1dac125260a350c6c10d46fe76c1e6f929

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec5d77049de0ffc26f27f2b10246aad3

    SHA1

    e09dd3fdadfd6b8a2b96b3bcf3d029fb2dd98c52

    SHA256

    5e82ede5c22ffc43372c299a2bf158b3350d85b9feeb326ac089f45c8b8b54f7

    SHA512

    4bf85f3c35437bc5aba5cd82e0b937efd36151244418ebc2bd30feb52fced32487ceddfecf4eb99ae5b4dfcaba92a0f81f7cb82f62cac16d10f3889eeded5fb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    57fd7032436825834b1479d0f7366e0e

    SHA1

    5cdf4b48ca74dde34a125902b230b806e0d74a87

    SHA256

    af947b084878d89f722bafb2af4e45900baf400eea42ba19ea0d579dd8645a77

    SHA512

    5b840987ada80d211a3dcfd7afd4e82281a1e395b93175bea3418e55bb3560e52dc597ca5406e43d9cbd0e13d7036543a254b66eb4a6f35b7ad9397a567b36e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee5797c2894b077c458a5e23546a572e

    SHA1

    9c23fb51c37d40bf0e4e3dc1be0cadea3f23549f

    SHA256

    10dff0d73814e88d3a6f7f7da44eb98558da32f4ec7f65cad15138392b375eed

    SHA512

    65d2cc07a4b00a3e314db37d56d287c4c1805fcb20cdf92ae0a579311771513b317350aa1a564bd170c080d051e91c7ef149e2ef23a8e609a9f89acfc26af677

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14aebaed727f56f265927c65c5bc6be4

    SHA1

    9f33459682f36f66dbafeabee129b9567cad08c7

    SHA256

    2bc5d25201fb68438757e44df522c58a25aaa4274bbf772fb931401225e1c22c

    SHA512

    6192f7a1b9b7af35a9dbc60da1867620e90b0cb26111dcb0c1018659b1c269e63e4b023d736e81665fe48f3fd6da26829fd6528caadca8f517217f39b964a543

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9c3d7a74eda719c6220d30fddc5032d

    SHA1

    a0f0370510c49048c6b3ef42141cedf392e8d5ae

    SHA256

    cdc39ff6fb98b437fa8b6f8ee64d6eb0dc946b399a991f20b47707b1c20382c0

    SHA512

    ae8696afef35bb94acb507a0e274ca6f7b0b71b3609267ccf0acc548b11549946edc2edaed6397163a12c1e98a07077ea95f647bf7fd0e9c9fc27794657fcb39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42130af83407fac0cffc4b85190a90b5

    SHA1

    1c6b8fa67b6296f5fa13c2fda1776a0b1fded594

    SHA256

    ed8254c64ecb30692cdb88e27dc016a5151e26f68f3f39a38276a7ee6cbe541b

    SHA512

    3dd309e9be10753c8a970a693214c5ad489d1b7ae4854ab471058f3d8fe249727d3ab61492284fe9c6bdbd01ec95dd63dd4a22a010e544d0a85b4c9190ec6d5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    449568ed847e2dcff9eb758ba349d40d

    SHA1

    412743d3de843daa0bc622a0395488756a3db804

    SHA256

    175f6e83a2a8d91cb9f71bd8a8cdb2bed648b6e2c54ff13a04543567b96482bf

    SHA512

    746583c5fb14db47ea000eee972400a238945cdeb8bb4c7c631b970dcaa094ccbe5697d3598c84fe507f57ea7518afe017e115a71f7c6adde2d8616615b84e42

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4663136ec94888bbd448cbace1a3d093

    SHA1

    8f32a41b31f11178c04f6a2c712fc6a2208541a0

    SHA256

    7678548f8951057b46bc61f7ca41b37d31d1b07072377d8b0949e9e25fc07762

    SHA512

    58331f4e23bbfd14f57af13742c21b7ed6e299e4b899d47d5d807e152e708426efc1273d7b8fc1b1bdb7e072b3e5da73398321708c009fa61bbc46299db5ef51

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7074634bda77b0e775794577a5a51c26

    SHA1

    e220893da5ec241f3c09aed569cf95e1acceb982

    SHA256

    146c62d5744c2654184983900912d50abc9e02bc395bb8d8b20d712eb24db888

    SHA512

    2a5a1e99f6d28d4602c61b38ade9d81216523450eb48f8d219ca70f365221ca253cf322400d1f8a29ae89bd1d494b073667181b1c63a92afdfcf3207941e19c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa93ec8307c5686b4970e44d3bf34d87

    SHA1

    7bfdf8fbd75bc7f5724f5e7aeed42dada32ea650

    SHA256

    97fa2e50e2e054e121fa8c53c89d14119834aa9c14f9f735d90a493e03a26ac6

    SHA512

    293bd193b4dd754e7808efedabe3deb971bda388870dbdf52ede6c793fb07d2e55ccacdedf0bf22062edf501811db614ab77a1897ce182cb1b410467dba3d808

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7b2f5a33f808b5ca8a93b5377a0f602f

    SHA1

    fea27601b393ebcf07651d3de6f190481f7baba6

    SHA256

    791ee81c5144a4bc685e6846034ee2105bb099d7348bedfa1a151c6d9b413c1e

    SHA512

    1383a82e7951d864ed94a12c42b8938d02a27b7ca4daaf4b90e21e589c822c2c926cae8c60cc27e56f4ac3e455a92111032af2b3009b0ede2186016b5e615784

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    655e263b4e4ebed336ddafbca5f2f039

    SHA1

    eb7515d3e077817a09a41be6f11a7dc189d60e3f

    SHA256

    01381a0d64e6b801a4540a292e1e4da4d90e3cfa7abc8e57aa3ce044cb89eeff

    SHA512

    ed9a0f7836205e161a504f9f15407d6ad1e4509eb530f6f12d2b17d2b958293910df6c84d8f829462c2ac3f2f99950beade8fa8c221ecb1bfd2fe9835097f464

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c65826c7fe2a6bc8202f01e2c9127d6f

    SHA1

    8d2e3aca21738b5cba9cc1386c7a182321ecef95

    SHA256

    f253e7a47797c428cf4b50b912ef187a01c1d70f2f93884cfe0f6612732dadc8

    SHA512

    74f0c092ae78be18dcc7b30e9deb499071b59b093e799a5369347da7063637abb1a8563d559bdf2c1c2e05dd20da3202196c3e30eddaf90f498116c6340bacae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc2b360b8c1ea9cbc0fa9343c50d9526

    SHA1

    f19462a939da51a8e186fa20c39b0ea1692ce255

    SHA256

    6e8ff3ac65fcb3bf3c6d42c9cfef851b10d156e695aa572d277fd27cf8d688e4

    SHA512

    f01a23119d539c8255421810c17d9107ca6dd00bb81e6935f94f484a6d737f06793501ed26af3b2d1adf9a69018daa65f0ad5d31a6b4bdc4d84d2a21820223a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    193299ca46b413f6d1f3d05ff7a394d3

    SHA1

    ee899ed4424df40e5ab29aa5a22fe9502a565de1

    SHA256

    e25ab6fdcb48ea8435ac8e018a9ff63488dbfebf75740af3c8ab9f2430d86052

    SHA512

    c1b6230e13798215faef8b8e1c79b8afb262cf03e7c355cd4baafd7304ed5c97f40cdd6d04847a6ec846ef8fd51da28e8a93162f2b4a5958a4f4b3e7b0f0712e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8UFEBH5\style[1].htm

    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\CabC258.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarC307.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b