Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-09-2024 17:36

General

  • Target

    ebdb0e3049f3ceaa72c4d75569ea80d9_JaffaCakes118.html

  • Size

    68KB

  • MD5

    ebdb0e3049f3ceaa72c4d75569ea80d9

  • SHA1

    0b425d7f615003fa961f75519378df93ce7dcff4

  • SHA256

    ef07eb5db7263faa184727888a2a29606edd4c643fed89f7ed36fe521cefacdc

  • SHA512

    6274c4f6bafaee48268074043cf8d9a0e72f4c162f5bdd435ec3244d446de1d56f9ebd65f0fcce3a6df0c462c6417a26bda4e9b327bc947f3251ff50bf2109b8

  • SSDEEP

    768:JigGgcMiR3sI2PDDnX0g6sy6fQXmoTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVh:JTZsTzNen0tbrga94hcuNnQC

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebdb0e3049f3ceaa72c4d75569ea80d9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

MITRE ATT&CK Enterprise v15

Downloads
