Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-09-2024 17:43

General

  • Target

    f6883e762fc1b55d580f6d180b6d6f0f_JaffaCakes118.html

  • Size

    12KB

  • MD5

    f6883e762fc1b55d580f6d180b6d6f0f

  • SHA1

    23fe2d62d9a6ea6b4e686c9b8449529b93e43e42

  • SHA256

    dd9da2252a64c661fd1518b2e7e39456643315331b9b6c889f143f62994b52be

  • SHA512

    dd2048054c0a9c279a2bc2dd6b819b3438565d83904b584e2ce2cb9bd18097ead86feb4ddea2953ed20172c4e12ab06d76feef875c58c7f35761bfd04c70808b

  • SSDEEP

    384:m/8vpuIWJPm8huIWJPy8JuIWJP78euI+JPa0J262BZzm0EajKsoPO+soId:fga0t6k

Score
3/10

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f6883e762fc1b55d580f6d180b6d6f0f_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2560
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Downloads
