Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-09-2024 06:09

General

  • Target

    eabba2a4ebc4df1922f603df94dc795a_JaffaCakes118.html

  • Size

    9KB

  • MD5

    eabba2a4ebc4df1922f603df94dc795a

  • SHA1

    f748027802da0d38289b5f94b1b3736a040bdd30

  • SHA256

    199530e2708e83ebd360d5153514c90ac06514887c9f76f285be5d2c942329bd

  • SHA512

    e9589eaee8d680cd82f1b7b704bf375c1bc7e2e43c3a57fa7f3c290bc9218ccdbfd4ba034a9a18fcd694011bf038e6ac82d2c1b560a16e5d868ad7a571b6bf5d

  • SSDEEP

    96:82KUt4RbR+5A+e/jftfHoJoEGH4X7b0qoIAgQzLZqiWOZqAj4RbR+25JzEGcf6TB:85UeRd++jlIpGrjzXgRd+iE7RD5NU

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eabba2a4ebc4df1922f603df94dc795a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

MITRE ATT&CK Enterprise v15

Downloads
