Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-09-2024 06:20

General

  • Target

    eabf8fcaecb99beca5a5ffe33fbca5c9_JaffaCakes118.html

  • Size

    6KB

  • MD5

    eabf8fcaecb99beca5a5ffe33fbca5c9

  • SHA1

    ac64366148dd23b0279ddd45386ca202fe4d7bfa

  • SHA256

    92f9c0302644c50876c4905bba8fbc73000535fe9ff589bbcd94fe0db5fea060

  • SHA512

    2830d1fb1cdba5a69090d0dc9ec698c55dc783dec717011625a96afcd715cbc536c7c0be2dc97d1af2ef8af07ea37a4508d29fc0891323dc2a97bd5697381cea

  • SSDEEP

    96:uzVs+ux7VHyLLY1k9o84d12ef7CSTUnZcEZ7ru7f:csz7VHyAYS/+b76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eabf8fcaecb99beca5a5ffe33fbca5c9_JaffaCakes118.html
    Process 1 (root of the tree)
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      Process 2 (child of PID 2704)
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2680
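The process tree above is the normal Loosely-Coupled IE shape: a frame process (iexplore.exe, PID 2704) spawns a tab process whose command line carries SCODEF:<frame PID> and a CREDAT token. On this Windows 7 x64 image the frame is the 64-bit binary under Program Files and the tab is the 32-bit IEXPLORE.EXE under Program Files (x86), which is consistent with a stock IE install. A tab-like process whose SCODEF does not name its real parent, or whose image lives outside the IE install directory, is a process-tree anomaly worth a second look. The check below is an added example written for this page, not sandbox or Microsoft code; the first two records are the report's own processes, the third (PID 3100, launched from Temp) is constructed here as a negative case.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Proc:
    pid: int
    parent_pid: Optional[int]   # None for the root of the tree
    image: str
    cmdline: str


# The two processes exactly as the report lists them (parent implied by the tree).
REPORT_PROCS = [
    Proc(2704, None,
         r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eabf8fcaecb99beca5a5ffe33fbca5c9_JaffaCakes118.html'),
    Proc(2680, 2704,
         r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2'),
]

# Constructed negative case (not from the report): an IE-looking tab process
# running from Temp, parented by the tab 2680, whose SCODEF still claims 2704.
SPOOFED_PROCS = REPORT_PROCS + [
    Proc(3100, 2680,
         r"C:\Users\Admin\AppData\Local\Temp\IEXPLORE.EXE",
         r'"C:\Users\Admin\AppData\Local\Temp\IEXPLORE.EXE" SCODEF:2704 CREDAT:14337 /prefetch:2'),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")

# Where the genuine IE binaries live on a default 64-bit Windows install.
IE_IMAGES = (
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
)


def parse_scodef(cmdline: str) -> Optional[int]:
    """Return the frame PID named by SCODEF:<pid>, or None if the line has none."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def check_ie_tree(procs: List[Proc]) -> List[Tuple[int, str]]:
    """Return (pid, reason) findings for every tab process that breaks the
    LCIE convention. An empty list means the tree is consistent."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        scodef = parse_scodef(p.cmdline)
        if scodef is None:
            continue  # no SCODEF: this is a frame (or unrelated) process
        if p.image.lower() not in IE_IMAGES:
            findings.append((p.pid, f"tab image outside the IE install directory: {p.image}"))
        if p.parent_pid != scodef:
            findings.append((p.pid, f"SCODEF:{scodef} does not match parent pid {p.parent_pid}"))
        frame = by_pid.get(scodef)
        if (frame is None
                or not frame.image.lower().endswith("\\iexplore.exe")
                or parse_scodef(frame.cmdline) is not None):
            findings.append((p.pid, f"SCODEF:{scodef} is not an iexplore.exe frame process"))
    return findings


if __name__ == "__main__":
    print("report tree:", check_ie_tree(REPORT_PROCS) or "consistent")
    for pid, why in check_ie_tree(SPOOFED_PROCS):
        print(f"pid {pid}: {why}")
```

Against the report's own two processes the check is silent; the constructed Temp-launched process trips both the image-location and the SCODEF/parent-PID rules. The same logic maps directly onto Sysmon Event ID 1 (ParentProcessId, Image, CommandLine) for a detection rule.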

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63a79bc546d191d034857bd0e0608d8f

    SHA1

    2b54e748d011d0f88a196275e4494eab6a05f981

    SHA256

    7352827bdc78b6eb4b5a2e355865f2362050456366677c4379472fff27903cc8

    SHA512

    ee560ec543c7de16264bbde7be8367ef342cb9b6cc739cfc688547332aab0c9fbba6c9ca1408804d8c7409e839ef024fe9ce67781fc782021c644c25a8619834

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4394898bf44cb6b329aab9a223a1b974

    SHA1

    478f8405e6f8d8b025140682453b02ba5a89f191

    SHA256

    784353f809d40e3e6991f6364754b78574f0ce327b3cec1fd8364f0fb81ed9ea

    SHA512

    f3cd5544c18f778401a9f2ca63f2afdedd4d8e3938cdb8ff8338744f7a1a699b85c8d578a4c8853361c5a515a0ec7c7c8b88a8363d1c388f0662e7fc753fc7e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d6d9484a739aac19669c40027ef4f59

    SHA1

    e3fd7e3cfa9472103f68231f51368a368c6b7b00

    SHA256

    b92b97e42c8510356fa762d88c99b3732da62b7c8d5f19cbecf11c883b4e6840

    SHA512

    842fef8f6914ae9c2b330e07eb0ff2946cd07a2e3eb897e5fb8d278349a6dcc69bdade164d103e44e7354b8ec8794bba45a23d84b258b6bc6d0460140999b394

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11b20dee89ab6ce37b1049c29f1c65de

    SHA1

    8c0939dfc1485aa2159bba5bc8ea4e9e9af34648

    SHA256

    c3a4c6fea04c9b746e666480abd0f9bae4e7aa1b3e45aea40a67e4b2c93e5e15

    SHA512

    13dedf0214391bb5a3d6bed462d38cced37288953acb56c8cb545adb68f54489cd7c7e39823dbbf49e4cfdbc84f42c6e5c72a8f14357721157c2d1d4d56e5101

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    37d612661e65ff647dfd1c257fdb4d02

    SHA1

    54cf5ccc9e8c8d1f76bb6a85d890127b0d4a1c6d

    SHA256

    6e8fdc16cab780ddb8a0bef77a0df621a6866740583ee5c0b7df5e799e53aef0

    SHA512

    134ac8131c7efde6a15dcc98247fbd4078f1c9ba7dcac1c22b17b073bc92ef0ff6dc0bb6baa0f8fa80afc77986e46354ff207844a6e8e78d0e2910e0fcec7562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fa6c8fe4a54f5c9c61059a78f385c4f

    SHA1

    5914ffde158dd8a063d659299949c449238da437

    SHA256

    9f188995078d05fed1b3b5924a1093009ac9358dbb1f10cae988bc993d2c6d62

    SHA512

    ea14809b9176702c0ff990b9f12f87aa8ef7b8d9fd8ce6572d09c811eb080546424ee38ff2d9d3d7b9d658a0f99d1c5cd81e1ed026ba853997d113fc691eaa36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de894f41a8eaa05cdebd07914c797bff

    SHA1

    16fc9a1679a95c9111386f3d4a19309095993439

    SHA256

    14174dda3a936b7e01e495629c08472aa6e67c8aaf238db29985be9c9ea67dd8

    SHA512

    61224b85bd35cceefd45363395cd3f2d6d8bc36890cdb30acfafd7f9c98183e45f1d42334706733395444969d1f2be4065510682cd6c49af921fc46094f195ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9edfc576e8425cd9bfc00302d532aacd

    SHA1

    e79669be104b350a92b403a85bf23383b943711c

    SHA256

    4ff3a8500f0d3578b71bcd17fa02b7f094439cfa28a087007ee2f0f04863b6ba

    SHA512

    4d1e709e0a5f2654781837ed5f7ea8a4fb4f53d029067acb386a862a914804747514a0054e47344a2250df8f900fc8b055956f6ea1423b845cfc758a191a3675

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    728ae35f0753f953239494fcf8b14760

    SHA1

    c79708b67ac8dd2a8d8e1c8483b3f37dc112f701

    SHA256

    315658f1f559a6c7205a2ef98d48013a6755ebb35dd4a57334fef1ad4c4157db

    SHA512

    aa80578cc7064ceb117c48ae9f6e472e20294557c49c58e5debe5c8f2045f023cd80ddbb636a42e26f49336721e3c9cd251ab1c286b468a770fc04912a01a1a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e4ddfc89a880410812b464bfaed6a7e5

    SHA1

    5b4e843fdde3cba641cef63c347e9afc9514a2d3

    SHA256

    5d756dea290e520303ff67ebfe842fcd1bdae07e311b1735dd9e513b5b4062cf

    SHA512

    45c4e60f5701e1bbb3d7fa234947ca994c51be4726a2cf274102c3f3a8a211c2ce1ad58769a91ee6ea91105fc423b246001491d4a4a071bda4494b2286a91860

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7da7435d35807275c564e02c1ac538b7

    SHA1

    736f30a058ee576f08724456286579e619a61dd8

    SHA256

    f1fe0a244d2812d6897030dbba5167da7066dd950dae499a84a4e951aa6580a1

    SHA512

    853a241765a9aeaa494b1eceb257f7cff1528672c3e007a5b02fc207fce51933c4f586f396c4b043b1be10d17767dba35877369c4d860f4dd2df397b76ed4cd8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f9652330efa4fe7cb5bf4d06ef7af07

    SHA1

    5f1fe1ae2f40d914ad5236633089dc3e0b8000f0

    SHA256

    f3f667832c817a71eb03db96d8e5ed1cca447f4e3dc93a64112cd5a53f029e8b

    SHA512

    8f4012d01554d53f7c48e7ebc16035b6fdf8ef072cf2cfc617fde4cf4f51fbd58cad43dd138dbe9f03233bd47f8cde119f2c839b585f88c39b168541ebc62766

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    71bd03d5d5b36a896c0e39cc9db2d2a2

    SHA1

    e7eb98d7f3d9242515c59e419f779ee22a60d2c6

    SHA256

    cf1342503df86534d0ff009e124e46cfff68965209d68cb81ade732424fc55f9

    SHA512

    e25f8701d79efddbbcf99454778dd4abefc169519aa71fa7168840cb55cc4dc169b204034c85718b4c7e02556353e20596135c788236470401bf6c50b816cbcc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2bf601cba707190183997f5f3066d96

    SHA1

    c22c68ad0c5596de34f30bb0966cee30e6f71f91

    SHA256

    6108c2610b0ad5e7c7acfe4acd7b2beffdac293d6471abefc9442b41e941f9e4

    SHA512

    591087575fcef380f7cfe31c4843fe28201e2ef8c866d93bd1a85a9aa0d1a8b16e407a33c0e89a503f32065ea0fcde46db4731112b9540d5aa16f536fc4e6a0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb57128a5522ba065fc79e49005b0943

    SHA1

    e914957592f8d6b0aa3d1dfd32fc88a0a69592ad

    SHA256

    7bb24f1552b016371e8df21163dbea25760093c05c3c5a22589c0e6b8e3c43c6

    SHA512

    7b903b4f3b25180a88232f0fa1eb8821d1731cd5af3853607c7164a938caa45e1f39e21a2bd14e793967368180557af1dd914d7d90ab68138a8e50370622c9e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dcb69cb0d71696a4a6cf288ecb21a41c

    SHA1

    0add41f05877bcaa7f5d03be82acf8ccf4657cd8

    SHA256

    6b8d98ee478fc9c12ed803e4f75d17e19afeb1e9e1d8aebc048f3e5d842c7793

    SHA512

    3c40331efcfdfde5b6edde0c6c1eeb0d35099d6ac6b4af04a7dde123782760310375e6d8958ffcb006eb8b7bb47449fb1bb0bf85d573297e0d057d0ca485f8f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea06a88a4473374b014ea38fde5c1cce

    SHA1

    1d794c34f7d720a103028a648befdc094179bd98

    SHA256

    22245c5a06d9819eda781647c6062fd19f084d624c344d61d3ba4c5ea7844ba7

    SHA512

    52607944d8852f1ba349507236baa9db24e1e1e3338f2d487c6d02accd32f5744846cbc0d16420b7ee2a7bf2fd321e9022451e160f493c96ef3449e297c19a63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d922c21e5b1db79be8e9d9cb2760cf27

    SHA1

    98fb9c6e4f5a68f9859bf472c1b49a99d373d550

    SHA256

    721f7bb57278268d6efecd2529e64ac6d8e17089739d738978a3b07ebd0993ab

    SHA512

    d4308b35b16fb56c7d35cd8aeee888d4c918baa3f135362562a006361c4709cbc9a71711c030c4d5c17f6d16754b3ef101979c11b993224bc721f4c1debd6891

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e12d0175dfe7a67e885ccd3c6ae49afa

    SHA1

    57cc58504e7ae7873c8f09599bd4824b9a10666f

    SHA256

    ff7191789ae1cf71d8d6856981969338023a2a34982b16a524c811fc74d9d910

    SHA512

    f9d7a6dc8366b478fdda65f460942e8c12ff524aef3a43c7aa31024ef0490350f00af77559bdbfc76931d77c3400a8d4457947d6de146df837814204b7a6e58a

  • C:\Users\Admin\AppData\Local\Temp\Cab5D01.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5D73.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
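Every entry above except the two Temp files is the same CryptnetUrlCache MetaData slot, listed nineteen times with nineteen different content hashes: CryptoAPI rewrites the metadata record each time it refreshes the cached object (the header carries per-fetch bookkeeping such as timestamps), so this is one URL fetched repeatedly, not nineteen downloads. The sibling Content\ directory, not shown in the report, holds the fetched object itself, and a Cab####.tmp followed by a larger Tar####.tmp in Temp is the pattern CryptoAPI leaves when it downloads and unpacks a cabinet such as the trusted-root update. The practitioner question is which URL the slot belongs to; the MetaData file stores it as a UTF-16LE string, so it can be recovered without knowing the rest of the record layout. The parser below is an added example written for this page, not a Microsoft or sandbox tool. The MetaData blob it runs on is constructed here (arbitrary zero-filled header plus a UTF-16LE URL), does not reproduce the real header layout, and uses a hypothetical URL; the cache-file-name helper assumes the widely reported rule that the name is the MD5 of the URL, but which string encoding is hashed is not confirmed by this page, so it returns both candidates.

```python
import hashlib
import re
from typing import Dict, List, Tuple

# Constructed stand-in for a MetaData file: only the "URL stored as UTF-16LE"
# property is relied on; the 64 leading bytes are filler, not the real header.
SAMPLE_URL = "http://example.invalid/pki/crl/root.crl"   # hypothetical URL
SAMPLE_METADATA = (
    bytes.fromhex("02000000" + "00" * 60)
    + SAMPLE_URL.encode("utf-16-le")
    + b"\x00\x00"
)

# http:// or https:// followed by printable ASCII, all in UTF-16LE (char, NUL).
UTF16_URL_RE = re.compile(
    rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00(?:[\x21-\x7e]\x00)+"
)


def extract_urls(blob: bytes) -> List[str]:
    """Pull every UTF-16LE http(s) URL out of a MetaData (or Content) blob."""
    return [m.group(0).decode("utf-16-le") for m in UTF16_URL_RE.finditer(blob)]


def cache_name_candidates(url: str) -> Dict[str, str]:
    """Names the cache slot would have if it is the MD5 of the URL (assumption:
    whether Windows hashes the UTF-8 or the UTF-16LE form is not verified here,
    so both are returned, uppercase as the on-disk names are)."""
    return {
        "utf-8": hashlib.md5(url.encode("utf-8")).hexdigest().upper(),
        "utf-16-le": hashlib.md5(url.encode("utf-16-le")).hexdigest().upper(),
    }


# (path, size, md5) for the 21 Downloads entries exactly as the report lists them.
META_PATH = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
             r"\MetaData\94308059B57B3142E455B38A6EB92015")
REPORT_DOWNLOADS: List[Tuple[str, str, str]] = [
    (META_PATH, "342B", "63a79bc546d191d034857bd0e0608d8f"),
    (META_PATH, "342B", "4394898bf44cb6b329aab9a223a1b974"),
    (META_PATH, "342B", "5d6d9484a739aac19669c40027ef4f59"),
    (META_PATH, "342B", "11b20dee89ab6ce37b1049c29f1c65de"),
    (META_PATH, "342B", "37d612661e65ff647dfd1c257fdb4d02"),
    (META_PATH, "342B", "3fa6c8fe4a54f5c9c61059a78f385c4f"),
    (META_PATH, "342B", "de894f41a8eaa05cdebd07914c797bff"),
    (META_PATH, "342B", "9edfc576e8425cd9bfc00302d532aacd"),
    (META_PATH, "342B", "728ae35f0753f953239494fcf8b14760"),
    (META_PATH, "342B", "e4ddfc89a880410812b464bfaed6a7e5"),
    (META_PATH, "342B", "7da7435d35807275c564e02c1ac538b7"),
    (META_PATH, "342B", "1f9652330efa4fe7cb5bf4d06ef7af07"),
    (META_PATH, "342B", "71bd03d5d5b36a896c0e39cc9db2d2a2"),
    (META_PATH, "342B", "c2bf601cba707190183997f5f3066d96"),
    (META_PATH, "342B", "cb57128a5522ba065fc79e49005b0943"),
    (META_PATH, "342B", "dcb69cb0d71696a4a6cf288ecb21a41c"),
    (META_PATH, "342B", "ea06a88a4473374b014ea38fde5c1cce"),
    (META_PATH, "342B", "d922c21e5b1db79be8e9d9cb2760cf27"),
    (META_PATH, "342B", "e12d0175dfe7a67e885ccd3c6ae49afa"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab5D01.tmp", "70KB", "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar5D73.tmp", "181KB", "4ea6026cf93ec6338144661bf1202cd1"),
]


def summarize_downloads(entries) -> Dict[str, Tuple[int, int]]:
    """Per path: (times listed, distinct contents). (19, 19) for one path means a
    single slot rewritten 19 times, not 19 separate files."""
    seen: Dict[str, List[str]] = {}
    for path, _size, md5 in entries:
        seen.setdefault(path, []).append(md5)
    return {path: (len(h), len(set(h))) for path, h in seen.items()}


if __name__ == "__main__":
    print(extract_urls(SAMPLE_METADATA))
    print(cache_name_candidates(SAMPLE_URL))
    for path, (n, distinct) in summarize_downloads(REPORT_DOWNLOADS).items():
        print(f"{n:2d} listings, {distinct:2d} distinct contents: {path}")
```

Run extract_urls over the real MetaData file from the sandbox's file dump to learn which URL the 94308059B57B3142E455B38A6EB92015 slot represents, then compare the slot name against cache_name_candidates for that URL to see which encoding the name actually hashes; the Content\ file of the same name holds the fetched object for hashing and lookup.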