Analysis

  • max time kernel: 117s
  • max time network: 127s
  • platform: windows7_x64
  • resource: win7-20240903-en
  • resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted: 19/09/2024, 10:32

General

  • Target: eb2566c6ed4b8910d4899e37e19d6c4f_JaffaCakes118.html
  • Size: 85KB
  • MD5: eb2566c6ed4b8910d4899e37e19d6c4f
  • SHA1: 8498e795ae486c59f0de7ab41ddb5182dfa5656c
  • SHA256: a4b79c1dcb0c88ac34be0f878ed37f2fbcff651770679067d6d98e562806ad6a
  • SHA512: 00a8ef3d50af30beabcf02a3d0628a6b7520a9de6af2e1b823f1e61ef41fe80e67e8c55fbcce8a13812fbae72c90ad424e0fcd4d579653da9081577eeeffecfe
  • SSDEEP: 1536:IUhPMrDyeB1rXO9PAEgpIl2kolDDU0A8FcdP5waJlyp6BDdrLkDgBweQ4C6flS+h:Ir1rXOhAEgpIl2koJDU0cofgBw54Tflv

Score: 3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2112, depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eb2566c6ed4b8910d4899e37e19d6c4f_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2680, depth 2, child of 2112)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads
