Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/09/2024, 04:07

General

  • Target

    f525116fe78675606f45142d2ba69207_JaffaCakes118.html

  • Size

    53KB

  • MD5

    f525116fe78675606f45142d2ba69207

  • SHA1

    6779f9cc095bc6d578c886db495c00172d0de17f

  • SHA256

    d853a8fc216c30552074f8dc80ca1c81c3ee33b69925f56bd2ff8084c073c6b7

  • SHA512

    b7a99e0a827bdb61fe685e1975effecd8614e2b5192f8c312408eca3b1ce6178862dcb29de2cc6046ee2aaa607087eec06286ca6ba1629bedad8ce3971950804

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUKrunlYm63Nj+q5VyvR0w2AzTICbbJoj/t9M/dNwIUEDmDS:CkgUiIakTqGivi+PyUKrunlYm63Nj+qW

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

    Note: every signature above is attributed to Internet Explorer's own frame and tab processes (PIDs 2060 and 2228 in the process tree below). No dropped executable, no child process outside IE and no malware configuration was recorded, and IE routinely produces the same hook, tray-window and settings-write behaviour when it opens an ordinary page, which is consistent with the 3/10 score. Treat the signatures as context for the process tree rather than as evidence of malicious code on their own.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f525116fe78675606f45142d2ba69207_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2228
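
The process tree above is the standard Loosely-Coupled IE layout: one frame process receives the document path, and each tab process is started with `SCODEF:<frame pid> CREDAT:<n> /prefetch:2`, so the SCODEF value can be cross-checked against the recorded parent. The script below is an added example, not part of the report or of the sandbox's tooling: it rebuilds that check over process-creation events constructed from the two command lines recorded here, and adds one hypothetical `cmd.exe` child of the tab process (not in the report) to show what a finding looks like. Event fields and helper names are assumptions of this example.

```python
"""Sanity-check an Internet Explorer (LCIE) process tree from sandbox output.

Added example; not code from the report or the sandbox. On Windows 7, IE runs
one frame process (given the document path) and spawns tab processes with
    IEXPLORE.EXE SCODEF:<frame pid> CREDAT:<n> /prefetch:2
The SCODEF value is the frame PID, so it must agree with the recorded parent,
and nothing other than IE tabs should be a child of an IE process.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b")


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


# Constructed from the two processes recorded in this report.
EVENTS = [
    ProcEvent(2060, None,
              r"C:\Program Files\Internet Explorer\iexplore.exe",
              r'"C:\Program Files\Internet Explorer\iexplore.exe" '
              r"C:\Users\Admin\AppData\Local\Temp\f525116fe78675606f45142d2ba69207_JaffaCakes118.html"),
    ProcEvent(2228, 2060,
              r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2'),
]

# Hypothetical event, NOT in the report: a shell spawned by the tab process.
HYPOTHETICAL_CHILD = ProcEvent(3100, 2228, r"C:\Windows\System32\cmd.exe",
                               r'"C:\Windows\System32\cmd.exe" /c whoami')


def is_ie(ev: ProcEvent) -> bool:
    """True when the image is iexplore.exe (either Program Files directory)."""
    return ev.image.lower().endswith("\\iexplore.exe")


def classify(ev: ProcEvent) -> str:
    """'frame' for the top-level IE process, 'tab' for an LCIE tab, else 'other'."""
    if not is_ie(ev):
        return "other"
    return "tab" if SCODEF_RE.search(ev.cmdline) else "frame"


def opened_document(frame: ProcEvent) -> Optional[str]:
    """Return the document path passed to the frame process, if any."""
    # Frame command line is: "<quoted exe>" <argument>
    m = re.match(r'^"[^"]+"\s+(.+)$', frame.cmdline)
    return m.group(1).strip() if m else None


def check_tree(events: List[ProcEvent]) -> List[Tuple[int, str]]:
    """Return (pid, reason) findings for an IE process tree."""
    by_pid = {e.pid: e for e in events}
    findings: List[Tuple[int, str]] = []
    for e in events:
        kind = classify(e)
        parent = by_pid.get(e.ppid) if e.ppid is not None else None
        if kind == "tab":
            scodef = int(SCODEF_RE.search(e.cmdline).group(1))
            if parent is None or classify(parent) != "frame":
                findings.append((e.pid, "tab process not spawned by an IE frame process"))
            if scodef != e.ppid:
                findings.append((e.pid, f"SCODEF {scodef} does not match parent {e.ppid}"))
            if not CREDAT_RE.search(e.cmdline):
                findings.append((e.pid, "tab command line lacks CREDAT"))
        elif kind == "other" and parent is not None and is_ie(parent):
            # Anything that is not an IE tab but has an IE parent is worth a look.
            findings.append((e.pid, f"{e.image} spawned by IE {classify(parent)} pid {e.ppid}"))
    return findings


if __name__ == "__main__":
    print("opened document:", opened_document(EVENTS[0]))
    print("report tree:", check_tree(EVENTS) or "no findings")
    print("with hypothetical child:", check_tree(EVENTS + [HYPOTHETICAL_CHILD]))
```

Run against the two recorded processes the check returns no findings, which matches the report: the only child of the frame is a correctly formed tab whose SCODEF equals the parent PID. The hypothetical `cmd.exe` event shows the shape of result a detection engineer would alert on (a non-IE image parented by an IE tab).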

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        Note: the 19 entries below that share the path CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 are successive rewrites of one 342-byte cache file (same path, different hashes). CryptnetUrlCache is where CryptoAPI stores its CRL, OCSP and certificate-trust-list fetches, and the CabF4ED.tmp / TarF54D.tmp pair in Temp is the usual footprint of the Windows root-certificate (authroot) update, so these are consistent with OS background activity rather than content delivered by the sample. The only artefact written by the page itself is wt-logo[1].htm in IE's Content.IE5 cache.

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          38bd3b85637fd3e0480364fdecae5a3b

          SHA1

          8dd0378dc72ff0a4f93bba41fb312dfe3c8bc9f8

          SHA256

          23073bdc2cbdab174ae90f179299703482cda21693e7ffcc17e18c6a13fbf42b

          SHA512

          c5df4b228bfecea2b76e6d08fa4c74accf47b492f778d3ae49ea61700150d44de18237a4732e8121fb4f11a440e982de072551976ca17ab7f21d2a0719a51847

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5c39dbf3e0c397706332e51450191ef2

          SHA1

          41bab291a2648654befc3a0a16822ee49d213648

          SHA256

          76ef73d04c7fff3d5e90239f4f8b5826f39b2c471bd61d8fb3c6e88f1b400de7

          SHA512

          f957436803ae344795768da109ddf0a88f7006fa23e024125e312e398f28dcc85d5f177df768c70c064b7c7b1e19ea64dab50c19203e870faf0006c4fdfcbd87

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          50e77be062f3337c18bb950bb4a4fd24

          SHA1

          bb89ed1cd89ac0068da48102a319b176d591dbd6

          SHA256

          7909c61d357bf11b3f5503f9d99ebf908c8ecce4326586fb2d7438397e948dfe

          SHA512

          b83ece69007b1c8d1ff0749c8ca78767bb3a11129a617ebfac7fef13f584b2c51149c86896bb443bf84c329a6a5e30ede4909914172dd0b27407ed56ac779c36

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          20b262425049a9fc711dcd2892f5138a

          SHA1

          00fe37968471c8667b03aeac3815771a7ddbfbc8

          SHA256

          5756561e25ada149281ae8c4530954ed65d2412c83ee7874bbc77d276b96d102

          SHA512

          c18edf2603d68a11f8ab7e58096fa58a00164369cb8c86dfeaf17ba7f5652ff91b45c2826858e4f014504246d4cbfe193617b5b295119781a1e87e108c3aa2c7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d29fd5fcf42f174a8c00898e3c4f9c4f

          SHA1

          949f8e98f9ac137aec73e15fa3f8ca2b2df8d8db

          SHA256

          3304976d9b0be48c5cbf8022da79ea4ed82a499ae80d06907235702f2bd34b82

          SHA512

          90fe3615e77d8903366b7cd28cc12236ad419c5e0bffc87e550759bac90151444a3ddd2b5bff8b7922cf3e1eeefc6fb022b3869c546620a086aa2ea81b583561

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2b9ac9b5abd03c485577efed0d7edbdd

          SHA1

          59996f7190979a8f15b54fb35f4e1da8620f7e9f

          SHA256

          e1f46f4cc1babeeb17e37634a0e984f8c14a106f7b65dc8455aff54f8a2247a2

          SHA512

          69c4e622fb590ab0fa195d44fdd3a55e788a32662a815b605ab888b020267fcfaaf96dc978d7fdefba957d1fd1eb7522c773648d9e8b9635fe630eaa28d4f4c1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3e0b71abbe079f31d87a327250ab4b57

          SHA1

          17c43bdd5b005bf91b5fd043f1e58e4994f7ebd4

          SHA256

          8ea1a7171dc2b6c6ea87f31644d2462f8111b95101102aa235a9282ffc2f7f4b

          SHA512

          81ae33870d748c376d06837971c9492e5f3b2b482f0bde39aca2ad3f020e307123cc1aadc13762d2ffc770fc93c004cbc19951a21233de683ecf84f0e10760b3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          13c0a78b64334196e22a2cf8b132360e

          SHA1

          a782e981f32494040cc4ecdcc17e16eb7964441f

          SHA256

          9db52d171b704e4cebf050cac4bbccbea4db12bf692f9f4089582a0a7371c496

          SHA512

          197237eb2dfa99714e6fae8e9e3b6326bf4b709ba8388170cb1453a7b9e86caab1815cbcada353909dfbb68193f7e96929aa5f3c2e6a72a41bd0511632a9f11f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          eb82b0c0d2db8841599f378ee082b195

          SHA1

          c9ebb97933bb769805daae2a2fba21c1d6030023

          SHA256

          c8973f14c252060e0113c23544a8dd3cf6398f60d4bb25f361420373079a1e28

          SHA512

          86d87b64dcec84ceb823070a0986c47ef552809b587fd27cd747d68730cf8c3a51f22457ad8c6897c5c8d6570b547c1c8baaeb0ade7131c5ea78af5824b5ca36

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c63d99bf2f0b2b4859c77faa158c97da

          SHA1

          fa63471d6f2f97d4081f422d6064c90d64969644

          SHA256

          01cdcc8ea2d021bf7d91e19bdb39cfdaa3b64018bd1d74aa45e67d30d605125a

          SHA512

          1fed98de75ec09d46961e0963bc2b4cd85fe476bc460726db15fa569e2a39dc74bddce4f08bd0f74b5071f9052cdb8d3ce91bca0b40712c22b8d4ff5d1332191

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          baf204cfa566c5553d9b8dfa8fbebb55

          SHA1

          a4f9957f52e543b9e432b1376faab306b095c111

          SHA256

          1ab210616dbdaf0261ca60c0dd4c956f9250ee5a969dea42cedd9cac4dacad0d

          SHA512

          f5a6a1574965bdc9d95da884e8b4557e86413323e0c45b9b590f97151feafaaa585a794492aa0f12daff61458da17033473c38839e85538d181359e343e2ac5e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4027e4b6574264b2c77b7b3937644e92

          SHA1

          a6b445ca8ccdea48e1b7efffda91c745857e648c

          SHA256

          c58be4a13ea418ed96b5e90b2ac67636b8c93eb5d3c61303f1db91ee64175999

          SHA512

          5ece4f049a4d7fe2d3646fd7fa10c74f41dff10c7364851ea6f2732c4aa138f143547c38e0fb44142188c9192c834af00e74bf67232a7fb4fd67d935470ca477

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b513cacc87b3a4bb0bb8b6e41633830f

          SHA1

          e2354db9b192cc0452c3cf9cba01806ddad3ca72

          SHA256

          b8d8f61a94e1541415b77cdec2024f66472bc12ad6db4d517c719d252886a962

          SHA512

          4b317d6468aca8ce196ff09efc820c13757d510f05db99a1adeec6d3be017e4d6e99f128e352edd8e41ab17b468c6ba16ad8b569b9be16f556284da764df3751

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7373ac071c6a9b851596bcdb6bd3e01c

          SHA1

          dfc4e4874eca06e8e760766f7b16531c169865b9

          SHA256

          f5dccb98e9433d4bf867883ef63d3ab2a21ec53e9365148ccc217b41abefe929

          SHA512

          80bc2a43e82109d25576384a0adb1bac097170f5b42232a82b68822c33866c847f2cd51bd5a8d016d48fe2e47ef3cd4d40b80357cee5c3211fdf83c025b28a26

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          185c0625d737ac89814c42328afb3af2

          SHA1

          cd942eb6814ce8a0243d692390be35b0364535bc

          SHA256

          e66830eca33f74611243baf5c73ba8a2950ea2bb58522a0ac34f71d6e3ca721f

          SHA512

          26030796a6fa61688ea0a4768b7a8a65d38abeaf0eda85adedfe5d5036bf3a5a76a8c6f93710e33297c161b7be874c15bb109bc93656e8e2fab886647d5e37d0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c084c51a0246ad0b5a114c47aeaff51d

          SHA1

          462b55a35e8a3e3bbdcf187453ce4e13d5b9875a

          SHA256

          d79d574e0b2719a56f9358a7744cfd50c554b44eda958ced52a6e9edafd28c78

          SHA512

          b294a8a936633447164b2cff682c40dd03c57064612306f2195e8d725ecf000aff36f7d9c8d548bcd142e9a19aa84f8e472fd8b8f0e1587032700456f864bd37

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a9af066b59eedf86079e540ed29d5b82

          SHA1

          2b270059a80ba4bab17172ce63cb41fe2f455caf

          SHA256

          83a67076ded9000dd44f03f497e999eb720fab78d0ce56f8272de660838840ef

          SHA512

          613e15025f43cb4ad5185f8ebd55a714e8be2bbf6bc37737f3515896488ba97d2204a455dad78f3ce45de7a1aec44cd1f8ff82025ebddbad2e8412ea1bf5e344

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ed299fbd6f66841429e0ff61dfb86ec1

          SHA1

          813ba31305a978087fed9911e5c5d2b1f57ee428

          SHA256

          e874028069eb098a293be0e195d18e2fcdeae53d0efc8aa0ef4f08b4e40c3dc5

          SHA512

          753457ed5998c64f13776875780b2754efb5fb30981e42a65dc28ef79160ba233aea2d85138e63b294e446b956e04dac8508a969c7563e7e7e8eb50e3a877909

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bcfbfb40be9e5d9a6430028d55359f87

          SHA1

          826f32ed508f3799c84b95f96f77d851d1b97f83

          SHA256

          70a22e7eeaa49a8cd54fed70e5af684b957eb33372a9ebd98a5e8334f8288e3b

          SHA512

          69774b50080a4843807f6c7f398471d9d4601c2a8db61899c0de9fdf555a1454d6640df03b2667b1895737c4fc1db2c080445c2ec8c0ef7290286507c8e02dcc

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0I0VVMWQ\wt-logo[1].htm

          Filesize

          706B

          MD5

          67f3a5933c17b3ab044826d3927d0ba9

          SHA1

          5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

          SHA256

          97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

          SHA512

          03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

        • C:\Users\Admin\AppData\Local\Temp\CabF4ED.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarF54D.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b