Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-09-2024 06:16

General

  • Target
    eabe89885ee8cb38b7891b1b8ed18fd3_JaffaCakes118.html
  • Size
    3KB
  • MD5
    eabe89885ee8cb38b7891b1b8ed18fd3
  • SHA1
    64ccb114f64bfe4c545effd36b68206af2853cec
  • SHA256
    944a4d417ea758b95045260671794a99394e131db0d431469264840a95028c38
  • SHA512
    46e6b29d4e905024c3a0185bf64c8cbf2838c3a9270503b66d06890ce930143414ca006da2329860f60567292bb064b63af4cab60d99627e365d934e43833924

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eabe89885ee8cb38b7891b1b8ed18fd3_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Enterprise v15

Downloads
