Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    21-09-2024 01:16

General

  • Target

    eecbb01dd3167b12b7f93a0054a29fb7_JaffaCakes118.html

  • Size

    8KB

  • MD5

    eecbb01dd3167b12b7f93a0054a29fb7

  • SHA1

    fcf28bb4e9e107115aeeb9654478ec33fca3f7b1

  • SHA256

    c4db42aacc5d33a983241e6b723f3bdab659f448dabaad75734d7cb5d0959db6

  • SHA512

    d33499f3161f8803103f56ee7c689557e471baa2b66792ef14ded9365c75354da4140c77157644648e385fd5c9be10c0144a3d43e648f3076a06f02ce11ee346

  • SSDEEP

    192:4ZYSAdshMaTi8Hd7cZ8+SkJJfwpneiVtkcmqtd:hS8iMYi+h+SEmtewmW

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eecbb01dd3167b12b7f93a0054a29fb7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1364 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e9b7e08f82e6511385365c555df85e7

    SHA1

    9fd88db257dd407165e0a7fd8efb0196e0fa4ade

    SHA256

    e60a3423f3810451f421a5085809e8264ba38578c7bafeb9cb416c03f91cfc27

    SHA512

    a811b4c6bb57cf49fb9d9abb58bf2cb9b2cee0b882c39ad9c9588dcebdc5e501b43233dd0aff7ff3b348a38600be67ff8f2f94c3a5c741df82b319bf31d96110

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df338686b1b9f55f9ddfdec9d5bbc7ff

    SHA1

    8256702fb252a73931ea352a93c7271aefc2e46e

    SHA256

    af6737d53e98f170d3827b0edadcab00f96e29aa9bfce713bf8367f38c9380c5

    SHA512

    99648b5e4f0c6c73b0ec751cb12d0d9655957a3647aef61d751f1b3431531e6d975c08d8a047afcf1f0b310efbc54a96d29df25624db072867ca272ef5d594dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e3383b0a19c3364610a23bb06d9aad3e

    SHA1

    ee9cee4694e42497c22bff891ebd80c8f82a4e71

    SHA256

    7e4aa59af783454d42628c4608400800e9267e8e57dfe2dc371fd7a95080ae16

    SHA512

    8e34e8a39188104559862fcd478c928edeb6ee99e1ff8109dce6e62d0af8a63b20016facad9affc37f7246b2f45925d2d4798878ae212a9a2555fea899b12cdd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b0c9013f7550cc98d58eba53606c5f6

    SHA1

    ca90eddc736cbe88dd4a8a710491635ad7907b06

    SHA256

    4d13a5121ff9c97a6482a6c1ae84e24289dd56e2ead4fc248b7435cac431c6ae

    SHA512

    0d95aaefd27f6988e1044ced338c63b8be0e3d1bee90a3c7630faade82aefd4476f4ccf3a5449a2f28071b7615d9496fea3b65609065b356ab82d6b2ce9de6f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6edfd335e06b2f8bb4a371901bc12231

    SHA1

    007b5d9b74c11b56552b8fd1551bf7e04eea859e

    SHA256

    2383c0d5d65bca96a41d31f5f8790211b3c28021d9e263f235f5002825a131fd

    SHA512

    7c97625743216654e88add018ad7ee03a91c1265352826170246937fb68f56559947391b62ac88aa73e9e7a91666b1525f964aad63ce956b3bc979605e528676

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f1c0f3749e0723aa5c788e502e6d08e7

    SHA1

    ac32a1c3eed4fa6606a38df54ef7a85edf29e997

    SHA256

    3fd44f5c568d411c43a363878499f1132b8ad5d6c2d451aad208a4ef260d1d24

    SHA512

    7b56ca077bbbaadec2e5eba3b64b31f92c18603f6fc3e87769f91ac7261b35d39aac335a9143771e1bcd4c0a8c66613b0c82f083b9965ba6630f2d3a89248e5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4fc120af130d64170686c0356fb8d79

    SHA1

    dd6669981cb77f83a8841acbf77b15e9fe9ed5f0

    SHA256

    45493477bb00d4edc2d6fe7ae384ee1e3af5209cdcca6a16c6f71ef2d95b2afc

    SHA512

    ba910374ed6bf668590aa6587909b388479267bfce9d3827599e88b8128be92fef27476c633a5d24e0337a59c2e4b1a8dbb533968db0eeaf1603bee5b0e598d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9a7b72b210be9b989663ef7fc32e03f2

    SHA1

    96697a36d4f81480c10b18290550c46375352df5

    SHA256

    83670b5de5410b732787aab919b18b5e8c5875516244f8ea2b7a75cb0082bb96

    SHA512

    95a308f362c30f91e372b4b7cbf73b3e89c53a2be185dcb7e4fcd41c0d9758ac866809f991fb389cdc1fdeb34c0c388e70e3d27624728a931b1f8015d590b0ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2fc7735785764a5934406d194551c26e

    SHA1

    f810e7ccd1b4e4e7aa4308a2fc7d8978f263c64c

    SHA256

    22499d18d2df8f2d04ccb3103e2eac9946269239baec1b0246a6098373f35ecb

    SHA512

    d2c5041e92cca8e0d8c09d3f95783b8411a4ddef71b36698f30aef724dce330ef90892d988378607a98ab813b46f1b73dc09c24e9c86f0fe7842383f9b87af89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ca3504938b78bdc265280e6f5c41b29

    SHA1

    b2b82e8a896a37dbf63bc34b44b449f49fad3cc6

    SHA256

    8be311f05f3c2601c84d8fe6d55d0ddabaac11389c995f56ba2fa55cc713af77

    SHA512

    9ea9fbeb17334c39c1421f57161bcbaa333ff829ea21cc25b3f1a1681377cceb504445cbd366bbbd62f9dd5d1247201252848de0cabe2c0bc502dc5d30e2b5e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    44808ed9b40349d8f6c3ecbe9311af0d

    SHA1

    b43971db795d39d03cc86764a4a1c644d044509a

    SHA256

    4ef5230a8a25ebc48f697142bbf4ebfb7fc40ce184767bb4bbb6e5f391982f33

    SHA512

    85d97815dffa961b1559a326c0deaca9d962f3aea2fb660f821f0dc2ae49ffca772536d86f5c46c28a9c7bc096a54626a3498617d6ff99ca0e447369b66a4c60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25763b16eb3f0de104b890f8fd39696f

    SHA1

    cfa59532d08a761a09b8a03cdec0f387badb1237

    SHA256

    eba1280886ff0c10f6eb8e062a26568182aafad1e1a10ef58b8f0345f50e4cb4

    SHA512

    1400afc3b9cc21326b027ee5635c65591eaba5cc2ba7ee99ce680671829ce87e6d308f1485002980cc773b2096db43134fd7462eb91bddb8f4efec8815edb93b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9374971769ed147c55b1fcb6c143027a

    SHA1

    6b0d1595bfb835cc263a6a75e9da12b2371b1057

    SHA256

    8db467a65190f24c9160766b5abc03913f67299f6373a5bb1866f03363d88bd9

    SHA512

    c1f94642a509b9cc0bb4f150c0e8ec3da69df80c52dfd312fdbd86f5fc2760c3d2b5d400a6e63c85c6ea929c8f52b8032bd2c73c76522b88d5fef1c1554df2a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fb94126621d1f96d5225ea5a6c3b05f

    SHA1

    1241c74a43dab52255465971df63f04f462b3505

    SHA256

    bf9b733581409459e94ded422bd86b837147148fe60abccb5d0ca79950352523

    SHA512

    d1785d56fae232398280ac9d02d812d1e669343c2a3b1bfaea17423fe7f07ae76401d5fedfbc7584e80bca596ca41db3a9cb3d1a112fa13e20e86bcacff848c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7cf22b1a1c0186bc66899418b4170c76

    SHA1

    7b2e388ed4ac833132b99a5e5e2dcb664ad6a337

    SHA256

    71281f2c1925bc2c4bca06488e66c87eaf7c46160db0a303185f6b077ee1e5c6

    SHA512

    26afd4867fa6135b1d9d09a1bb3e165ecf5dab228db158a2ceb5fcef0420a91fb822bd0ac8c287cd8f691c11d877208c8a34a9399e39306d14e6bed40df0dd2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cdd8b15bdb919f1c14180d52c3a6e815

    SHA1

    ab8303596bd7af237994b1da8bb8f43751c99006

    SHA256

    ccbc2f2719ff961b79619c1ad2524d27740cf2e258e124044274999f1a7e6a16

    SHA512

    3fb206c81885f380811744d8dc72714f8b979be808212c7b8c82ee3320d37eff0b2d536ab2f4574c4e313f5391b198eea9b9340974f12d9448f79f680b0583c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5211fbb27df1069f25506be916a14364

    SHA1

    49efce2ea99557271c663eb3cec11bfe69ba8bbf

    SHA256

    7cccc00e558879f8d03a3637c94be9f968d66e4883de01d599a2738adbd1053f

    SHA512

    825bb391c40d9618f7b45c70fea633196e7be38cd9b371ffc122bee55c64f466fb85ae528b005559e30409ca95883f85bbe03c05f869a3abd6c8349a72ae6073

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9dd3fb847c6178253b2b966eb2051c70

    SHA1

    1a7fac069163395fb96db48a05788b289ca87fbf

    SHA256

    fcc059e89c97cf21e1198ecc5d8b0b73e256a659dd4f212551a749dee2e85ca4

    SHA512

    293759fabea292f5638ab8abb6152c2c00693c03278d9d35704c61ab27ad43ea5565354962eaf087127640c97db78a8074466e407f1e7442de89009f92724832

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ba4e014a51efd59435870da9ce6f2b5

    SHA1

    f872af1b967337e7ec6bb1109b814b052abbbf1d

    SHA256

    1abfabb2accb3663642cc28af53a36802417e7b26a36a29826f4905d8a8c8e17

    SHA512

    2071e73e5b60912a69db006a52bcb5aa7bd6f385fd94c55ab423f0562877dda949ca088ff9389a53720153bb48d2d5e489355e0e36182b5dd51b8e29238b3c9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aaa75ac06cd88cb95328d080fafd6e86

    SHA1

    70f9e5b4e4069a870fd61ba6e8373bdbdfca0b26

    SHA256

    9c46450204ffb4c83812b47c8e53ee72524d4f8e3b442923685bf4b31e251062

    SHA512

    02b80174f70196292af7f4ac05e0ffec31331dc532d7621e9b6bb31f6f499b9cb2ee5f4c067f7ffa5522c0493c87b7a77b149e681a9c2b66f4af67737ec7375f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a26eec6d9cbfa1059bf95d22c208b53c

    SHA1

    588940a663fa444cf7df6d1c1a7e708efbae5063

    SHA256

    49dc080930be1d95c0e3af74f954362fb9ebc50521765b557678427a19626581

    SHA512

    a8104c6fa9c73d6767301cd24e45db969f7f7d44db43ac990c712c05a79a41c6ba08cc1752c4be903c2258b9cf2584b7919e594842a1ce9b02062060f5bc27cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f62ce0aa0ceb8c388ea6ed966b4e518

    SHA1

    7b1cb4e33804b906d7a8badd05e530f0611e9a26

    SHA256

    c19d68f7af3860afc4ee1f1ae526bcbb070707e6bea6f5b75b8cfd07a2e97f6b

    SHA512

    80e121facc472cf13b8b9b95cf46224f86e754952ae8ba3408a6ef0c119db318dbe26bd12f9d8905e26a81066fe014fcbf332cac89a8af9f7ddb9e57c12812ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5509fd67dd99473a58ea74fd1f61e88c

    SHA1

    e7c2e1cbf09a4ca1f6f784ed8d9a094b6cb94014

    SHA256

    1f915ee7955a8abfa13bdaab7c7d74d41201a1e3577e5b61bda70fddd8370579

    SHA512

    a7917230fe9f8529fd2af8bc3899212dc532e6fae5676805f37a975e9b486ddb3d02c1c14ab85235c8f43334a2a0f8093aa6965e77569c5ed25ca54fedea017f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5e469f24dad97ffb8e9858a1281e4e1

    SHA1

    3612487978b78e431a749b4664854f6a2651fe81

    SHA256

    6fe21b9ecaf750256d98913d568ba586aef7f17bd5124e517eaa1ea008d7aa05

    SHA512

    6eb888d951e275901ba54bd72531cdc198b8546e8e2f0a47a46cf89730e0cbb3310059e37ef4921fb9ceda783368c13eb92029cea2ec42be64ab6abbfe113026

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    81c6eb981b90ea2d31ce60289e89c56e

    SHA1

    8d2e777fc669f52963799f08364ac6b24467bd11

    SHA256

    4365d9638f52698d0462cbb96800313df11088d1e07956d52c2d5a54bb9ec9dd

    SHA512

    94e3138085c855a79437be02ee990b3578f3575dcc66d8833d00bc769ad007100c1922253df149a4f56c226796ee24a87c9b0feb59a92a0e9bc999ef741f3212

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff6eb55d30081423a68b8a0285140aec

    SHA1

    9a5332fa72dcbe366e5907783a3be7fd742f2824

    SHA256

    e9a4cd62e8b66cc010d9fc498a726c9f6f44e279ee149ac94bc965f8d3321e5d

    SHA512

    02668afaca337ee5ee039f78b3ec6de00bf0a78b91d7c9cc9bfdc416641fd1de5e0266adc9707fd5b25eb7409c43333ba77fbf1da957503864108fd5dcc415de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    274a73557a856d0c1b6a06014bbc11d2

    SHA1

    0bf6266ff0e54314ebdba638105a073be5ec7726

    SHA256

    370c57b2239157200ed953adb0e145a41c758f1ae9d9885eeeef688a199d40f3

    SHA512

    658d4da4cd5a440071e7eb0a5e7a67aa21b9f3736d73ff4b2999825cf4e4659485f1a50a71028ecfb0942b4c335786b69215f57c730a8c3bd72b25b46104e88b

  • C:\Users\Admin\AppData\Local\Temp\Cab4686.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar4675.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b