Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-09-2024 06:57

General

  • Target

    eacdb50d050f9a9de9b3de3047dd9b2f_JaffaCakes118.html

  • Size

    6KB

  • MD5

    eacdb50d050f9a9de9b3de3047dd9b2f

  • SHA1

    a2d49c4d9036c9a668df9b5c3c3cf3a2e29e9081

  • SHA256

    d515903d85ac33d55df9ff83dae93374bc6d6cb70ef10954d3f24827fdab8afa

  • SHA512

    bbd8c54563cd60fc91d952727dcfb366f1f525278045588fc8800fd5625e6a231b64beae9b71f4f855b93d9545cfe07e1e270ed7116b811fe3886cdd1361b7cf

  • SSDEEP

    96:XhM3sHfSTFUxeqIjXL+kemfS029leSGMdWhWJIchqq:XhM32+GEb6kbYeSGMdWo5

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eacdb50d050f9a9de9b3de3047dd9b2f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2240

Network

MITRE ATT&CK Enterprise v15

Downloads