Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-09-2024 06:26

General

  • Target

    eac1f63895f97836372fb361dd670cf9_JaffaCakes118.html

  • Size

    9KB

  • MD5

    eac1f63895f97836372fb361dd670cf9

  • SHA1

    9ff67194a10d08e9dd40b05ec5cec9336649082c

  • SHA256

    83f10ff68b321c0e33318570a93cd9ab6862fdf921e40da4690c4e761c1ce262

  • SHA512

    89ef30ed0be79f03c93227e71e387a14ed1a15c72bc1156575af4a5ec38dcdda53e8e212e2396a6f5df04ce56be6698615152a960f89b49ef08cf6527599ee7e

  • SSDEEP

    96:uzVs+ux7+YLLY1k9o84d12ef7CSTUzGT/kNQpglVHcEZ7ru7f:csz7+YAYS/mkgPHb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Reading the signatures: every hit is attributed to iexplore.exe itself (see the process tree below). Writing Internet Explorer registry settings, locating the shell tray window and installing window hooks are things IE does whenever it opens a document, and WriteProcessMemory on the frame process (PID 1800) is consistent with it spawning and initialising its own tab process (the SCODEF/CREDAT child, PID 304). None of these signatures is, on its own, evidence that the HTML file is malicious, which is why the score is low. The report lists no additional processes and no dropped executables, so a verdict on the 9KB HTML file still requires reading its source (script blocks, iframes, meta refreshes, external resource URLs) rather than relying on the sandbox score alone.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eac1f63895f97836372fb361dd670cf9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1800 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:304
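
The process tree above is the standard Internet Explorer frame-to-tab launch: the frame process opens the document, then starts a tab process whose command line carries SCODEF:<frame PID> and a CREDAT value. A useful triage check is to confirm that every SCODEF actually names the tab's parent and that the parent is iexplore.exe; a tab-style command line under some other parent means something else spawned it. The following is an added example (not part of the sandbox report or its tooling) that parses the two command lines from the tree; the parent link is taken from the page's indentation, since the report prints no PPID column, and the process list is constructed inline.

```python
import re

# Constructed sample: the two processes from the report above as
# (pid, parent_pid, command_line). The parent link comes from the tree
# indentation on the page; the sandbox does not print a PPID column.
PROCESSES = [
    (1800, None,
     r'"C:\Program Files\Internet Explorer\iexplore.exe" '
     r'C:\Users\Admin\AppData\Local\Temp\eac1f63895f97836372fb361dd670cf9_JaffaCakes118.html'),
    (304, 1800,
     r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1800 CREDAT:275457 /prefetch:2'),
]

SCODEF_RE = re.compile(r'\bSCODEF:(\d+)\b')
CREDAT_RE = re.compile(r'\bCREDAT:(\d+)\b')
EXE_AND_ARGS_RE = re.compile(r'^"(?P<exe>[^"]+)"\s*(?P<args>.*)$')


def parse_ie_tab_args(cmdline):
    """Return (scodef, credat) for an IE tab-process command line, else None."""
    m_s = SCODEF_RE.search(cmdline)
    m_c = CREDAT_RE.search(cmdline)
    if not (m_s and m_c):
        return None
    return int(m_s.group(1)), int(m_c.group(1))


def opened_document(cmdline):
    """Return the document path a frame process was launched with, or None.

    The frame process receives the document as its positional argument;
    tab processes carry SCODEF/CREDAT instead and yield None here.
    """
    if parse_ie_tab_args(cmdline) is not None:
        return None
    m = EXE_AND_ARGS_RE.match(cmdline.strip())
    if not m or not m.group('args'):
        return None
    return m.group('args').strip()


def check_ie_tree(processes):
    """Cross-check every IE tab process against the recorded tree.

    For each process whose command line carries SCODEF/CREDAT, report whether
    the SCODEF value names its actual parent and that parent is iexplore.exe.
    A tab process whose SCODEF points at a PID that is not its parent, or at a
    non-IE parent, was not started through the normal frame-to-tab path.
    """
    by_pid = {pid: (ppid, cmd) for pid, ppid, cmd in processes}
    findings = []
    for pid, ppid, cmd in processes:
        args = parse_ie_tab_args(cmd)
        if args is None:
            continue
        scodef, credat = args
        parent_cmd = by_pid.get(ppid, (None, ''))[1]
        parent_is_ie = 'iexplore.exe' in parent_cmd.lower()
        findings.append({
            'pid': pid,
            'parent': ppid,
            'scodef': scodef,
            'credat': credat,
            'spawned_by_frame': bool(parent_is_ie and scodef == ppid),
        })
    return findings


if __name__ == '__main__':
    print('document:', opened_document(PROCESSES[0][2]))
    for finding in check_ie_tree(PROCESSES):
        print(finding)
```

For this report the single tab process (PID 304) has SCODEF:1800, which is exactly its parent frame process, so `spawned_by_frame` is true; the same check run over a tree where a SCODEF-style command line hangs off an unrelated parent returns false for that entry.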

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fc018b42bd3caae5ba17532d25add1b0

    SHA1

    afc378413f836e057d1f6f192c259159155819ff

    SHA256

    1d67df9c135dbb3787cb27f0f1b30afae02d248803745629702d160a5bae51ab

    SHA512

    77c572809aa0a49783e26902e8e9d35a20ed21f9db9e06609b05fea5bb32e8d90e5cd5569597a8b1fe68fcbbcdedfb01456bbbaff1e3e1e02a58d2f6a57689da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0043790d9ebfe855931c47868fc2ee79

    SHA1

    62fb738478adf9ba7439229251af1a7ba8c13321

    SHA256

    a176bc5bbd38d384bf28c0fb68ba457e597b397f073e4c914f9db73d57e9f0a9

    SHA512

    d339bc6f6d2e764758d52842b61e356cf7d58bcf376a70eef31e334cebf2e24c969d5ed5df00152949f3d0c8da03a85b5d85df7cbe1a893364ee6e1fb66925aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39ab6c17c43a4e570d189bbe9e7e1f50

    SHA1

    7473d2759bb4b12aa3be1e134901cdf3a014e10f

    SHA256

    f352a8db9a5cb0f720899380b65e4533a5977e0902da5fab0affd8d1e06a7a33

    SHA512

    a580612ca35f717903a6ed9b96417f5c9373e3d25574c1b6585df761954682ff7fd985227e558b9a0998b9cd891013d768d07fd864849f30ba140aca0ea6d2f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6310ab4097a503a827a637c1603e2c1

    SHA1

    f16d27baa17d540057af284bde8f16a64afbe398

    SHA256

    9e81256baaf784a035c46af74967a347f43d7916a7cbb6f03df8c17a2694fc12

    SHA512

    b3564cefc29660465237a3482d4db8ef4064e20c89c16a8865e639ebdce46cceca1133d07bcb3ea457ed581f58260f21ff01678f36ac0b132ba2063f4d7182d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18271a23dfc02f2f202e7ea25d98ebb2

    SHA1

    56fc16c0ad7e6962ef7009d16368d5e470e329dc

    SHA256

    0463ec0a91e76fd1931ecc5ab28cc78ea4940a9ca6f872c1d31d214d3c1acc61

    SHA512

    1c25bdeb274b5de3eebbb835c17c4c91a5add0abf4915bfccd01ef05cc06c8e446bba5c0b21756f53aa9fdefe17ab4fbf15b4a3b850681af427713d2d26022f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04ca6213eab229170660d048b08049a5

    SHA1

    647256900be903b30c63bbbc3b5908e414d55738

    SHA256

    dfdf4fe19562104fad21ca1c4351fd23c0b9a626fd4cf75386e0adb124989a28

    SHA512

    057bd2e778e991755f35ccf4e67f9a50c3fed1fcc3402700c2ddfb78abb0037e635fe54d07a12fafa8db5c46e0891687966b6743c320090bd1bc7f7f19e0c39c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a690822148132e3d1541210e4698ccb

    SHA1

    41d80746e92e931353fbc11f014e515b69ee53ad

    SHA256

    eb2dc674d6d09854eb0336790d35f49c92d4f9d5746b033db33b72617791d6c3

    SHA512

    8905bacf63dcc3a13f421ca8895bf6354223e96871f26eb8b97c1c51e3e6b77c885354ced02be89b73d90d2e62ef46f16f63aded2668e9d1ca5fb9e7cdcfe1ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8103463d0c01d462663d74a9948b4081

    SHA1

    1114707ed9fd4853df42ba34f8bb1cb4c95095ec

    SHA256

    993c6499bee2ce6a2eb4d197523241d606222970eb9746f9d406d2a94c611859

    SHA512

    41547d53585b6a41986941d23421f90c02661c8621832c78beaaf061270212b82c0ddd9b7aa848b7525cd6018de6341d3b9a14b264f8ace83672be9c3b176a89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf3e453fb6d90f17d6064c184130b99a

    SHA1

    d5a33d235fb762dab2193d3daf454918a38b7529

    SHA256

    8cdee3ebb3a26d8dd971e127008d3bb888f6bd3c89b8d4ef9f01d6c51e79c20e

    SHA512

    db7334b9d1615d77dd32e89809a8069104cb8ae9bd70e0392c49b2a414821e431e9420f935bc8c63a148819203612d10e128440df3b22f052bdeccd2a8b0b4e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75f5e0f49d90064df73a9e11a1eec6de

    SHA1

    d0ab5df8b8bd8c16b76fa145f84b8f89f996a91c

    SHA256

    aeda21f0a01c109fc4e44f46e422ca7748716969e62f1e93abcab8822fafbee0

    SHA512

    6fcac11b56524b3cca343ddfbfa425ae204784f9190265c437c6f52f3123005acd33338f38ee44558d893655ff36fe4a709310ca9adf3206ee01d6b3ab075cc6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04ca049653071f6cde16f06e7beb972f

    SHA1

    d0c0d53f7b7a96037c285141a027f3c29158dab4

    SHA256

    45c6d775ce4aba4205fc40b1aaccc2934bcde93231b799852e897fe360fab449

    SHA512

    3220ef770185ec18582c678c4fe2334ef17831e77cc8d06a04760150d687e26f57a70a789d2da095dd6da435e2f5a7084d56e49b236acb3cc7ba5016e22dc5fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3b6a17ae43b25fa6fc46a7d785ad38a

    SHA1

    3bf9d88a029596d52946f81763a982f361251742

    SHA256

    d8c98fe8b78b23ef4682bb82c7716c2cc5efea6eb54a9cdf950ebc818f31f340

    SHA512

    ddfab374196a6e9468ca0a9291028262395b2d4a26254709b8d8ebd1992b408eb878dc45f9aca1098d5bc246ca42fe7274018967915bd87b4ff60172e259b4c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b8fb6ff3bcdef62652281c5f56e86e8

    SHA1

    33446feb19e49eb176e0e2d02cb64a29e8df772d

    SHA256

    d786718c163c90ea887c3d3b919586dbcbfc659c0b993c1943f91dedd7f9cea2

    SHA512

    eb5ceeaf53778309e2e3960029a5abf3a1e712b6b641bd709c7f9a0000cbae6176a6a9def8427e7ed53a7015450797e68e295b3973a62ccd89c98bf5719fbf69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc90aba7af5261231cb691d32b2bf0a2

    SHA1

    c63b5aa072d3141fb0add8344f10819dcaf44dcf

    SHA256

    bc20a425333455feb4e7f02a5e8ac7692720676397f97a419dc96a0e8b229090

    SHA512

    ecd601450ead48af7ac40a739e753bbfb23ece7df14605737ddc1e952a12d691870b842ee28c1d58c70afe5e78f36fb05025b6d131a160d3470280a5f9ed7a07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    002ea6b1e81595be1108bc9ae7f7f28c

    SHA1

    5ebf2a52ce646ab51f03f4136f7bac88ca9534b2

    SHA256

    a7160105edda3c58f9081a909bc75659762aca765f4f81f72806597ba10b603d

    SHA512

    e9b3492c823f94259be883df9849995792356ad0f370776c6fb2462e7e3826b1f2ff0fb7408ac3681c608ba31de53b31bd8cd897a3e8170ae1e3eb4a65c9df6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd90f683e3aa5e2c4e0c31d2a21b1243

    SHA1

    35863666461ac7fb4b6eed99d798fa4ee81a90a6

    SHA256

    5f84b60a67219cf445dc04a257ba868982bf5611c6b2ae6b89a5d2b58f996375

    SHA512

    1454440f67955eee40a27f2135cc730f4eba5f888d7b3c84ef4a5cb45574de2e65cf99634c626f7cb57cbf56ef6adc6516c423dc361411bfd9a0484b2b2bca46

  • C:\Users\Admin\AppData\Local\Temp\CabF8D3.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarF943.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
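
What this Downloads list actually contains: sixteen captures of one 342-byte file under Microsoft\CryptnetUrlCache\MetaData, each with a different hash because the entry was rewritten as the run progressed, plus a Cab*.tmp/Tar*.tmp pair in Temp. CryptnetUrlCache is the cache Windows CryptoAPI keeps for certificate, CRL and CTL fetches, and the Cab/Tar pair in Temp is the usual footprint of the automatic root-certificate (CTL) refresh; both appear in most Internet Explorer runs regardless of the document opened. The following added example (not part of the report or its tooling) parses entries in the page's layout, collapses repeated paths into a version count, and separates this CryptoAPI noise from anything an analyst should still look at. The sample text is a constructed excerpt that copies the first two cache entries and the Cab/Tar pair from the page with only Filesize and MD5 retained; the noise rules are the author's own, not the sandbox's.

```python
import re
from collections import defaultdict

# Constructed excerpt of the Downloads section above (two of the sixteen
# CryptnetUrlCache entries plus the Cab/Tar pair). The page separates every
# label and value with blank lines; the parser skips blanks, so the sample is
# written compactly here.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    fc018b42bd3caae5ba17532d25add1b0
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    0043790d9ebfe855931c47868fc2ee79
  • C:\Users\Admin\AppData\Local\Temp\CabF8D3.tmp
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
  • C:\Users\Admin\AppData\Local\Temp\TarF943.tmp
    Filesize
    181KB
    MD5
    4ea6026cf93ec6338144661bf1202cd1
"""

LABELS = {'Filesize', 'MD5', 'SHA1', 'SHA256', 'SHA512'}
UNITS = {'B': 1, 'KB': 1024, 'MB': 1024 ** 2}

# Paths Windows CryptoAPI writes on its own while validating certificates or
# refreshing the root CTL. These rules are the example's own assumptions.
NOISE_RULES = [
    (re.compile(r'\\Microsoft\\CryptnetUrlCache\\', re.I),
     'CryptoAPI URL cache (certificate/CRL/CTL fetch metadata)'),
    (re.compile(r'\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$', re.I),
     'CryptoAPI root-CTL update temp file (Cab*/Tar* pair)'),
]


def parse_size(text):
    """Convert the report's size strings ('342B', '70KB') to bytes."""
    m = re.fullmatch(r'(\d+(?:\.\d+)?)\s*([KM]?B)', text.strip(), re.I)
    if not m:
        raise ValueError(f'unrecognised size: {text!r}')
    return int(float(m.group(1)) * UNITS[m.group(2).upper()])


def parse_downloads(text):
    """Parse the Downloads section into dicts keyed by path, filesize, md5, ..."""
    entries, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith('•'):
            current = {'path': line[1:].strip()}
            entries.append(current)
            pending = None
        elif line in LABELS:
            pending = line.lower()
        elif pending and current is not None:
            current[pending] = line
            pending = None
    return entries


def classify(path):
    """Label a dropped-file path as known CryptoAPI noise or 'review'."""
    for rx, label in NOISE_RULES:
        if rx.search(path):
            return label
    return 'review'


def summarize(entries):
    """Group by path: number of distinct captured versions and classification."""
    versions = defaultdict(set)
    for e in entries:
        versions[e['path']].add(e.get('sha256') or e.get('md5'))
    return {path: {'versions': len(hashes), 'class': classify(path)}
            for path, hashes in versions.items()}


def worth_reviewing(entries):
    """Paths no noise rule matched: the ones an analyst should open."""
    return sorted({e['path'] for e in entries if classify(e['path']) == 'review'})


if __name__ == '__main__':
    parsed = parse_downloads(SAMPLE)
    for path, info in summarize(parsed).items():
        print(f"{info['versions']:2d}x  {info['class']:<55}  {path}")
    print('to review:', worth_reviewing(parsed))
```

Run against the full list from this page every path collapses into the noise classes and `worth_reviewing` comes back empty, which matches the absence of any dropped executable in the process tree; the same script run on a report with an unexpected drop in AppData\Roaming or Temp surfaces it as 'review'.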