Analysis

  • max time kernel
    149s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-09-2024 19:15

General

  • Target

    f6af3e4189d697ff3f07b152bdea92a2_JaffaCakes118.html

  • Size

    143KB

  • MD5

    f6af3e4189d697ff3f07b152bdea92a2

  • SHA1

    b8b9258d13ae55efe0df8f5b22d8761de714b0f0

  • SHA256

    4df3b821494686cfe767a376f9386c75928dbe956935fb9dae5a54853ab1fb2a

  • SHA512

    1f2a436d74914ffc291e140a56fc745e294e2296adaeeaf1b02d93be9180a7d14c63f13fa0b26bfcdafb981d994568625dea5f89153881943e7181b761a6e566

  • SSDEEP

    1536:SPUlg22OkMH7ZGzVbgiiJLNeeOUeJls4e7g2OUok5kgPgytTgLCCr0:SPEggcVbxlnwY0J

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f6af3e4189d697ff3f07b152bdea92a2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1704 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2956

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9515eb9f62ede5e5f67df81bed1812ff

    SHA1

    83b5825f3846bba62dcb6478533a64f99f81da44

    SHA256

    bb6ad3a041357605ad5ef1f76f3981f7737b4698f86cd56342a63b9303d70445

    SHA512

    5d9784b838b8740eb13e41fdf88df2ecda99610180c9abf99dcb102fbb129b6ca6c1368cc3af752dc9dcae47c9afb8d018b4810b3e7c9c6d5196f8969d536351

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f6f7a3d8b9fb65ae2e1b815a31c8220

    SHA1

    00e6958b8187c7a120ec7cc9ac8bc60e3a3a86a3

    SHA256

    6ecab3fe7de1053c30a9afcbe8cb8d654d33cd121edb80cb7851055ddf56a6f3

    SHA512

    6f77eceb8b99850724ac59931a75f221d01b4c218313a2454e296736c18acdc1e39603fe9218b9476107b8a0f285de7c071495bd3232e62146f841ee1b624a3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbfa66fe8e41e0200bf6c60899e6f955

    SHA1

    6948e49bc82220ea00c9c6e77723d793fa3be828

    SHA256

    3ea81873b31de19df4b3cccf19570ee3b4f4f9fdfadab62bf4df1ced39ae5932

    SHA512

    f1294e1265eded931b29c07e93f7f18521e38250ce2500a1ed835998c74a0580e4c8d57a486f30d3058268f38d0ff52cded01f3a7b278eaf1e78788cbffd7bd3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    61dc1f694b47010716cf2aae11bc595c

    SHA1

    82644591649262e4b33d1b30ff255dc09d66679c

    SHA256

    13101127a42d36091713034dc9ec1c5175e874943eb4df269b8c57ca9c187c1a

    SHA512

    3b7b1674706f0078f7ae368a89efd3ac7c81b74b90620c7ecc01b13077c7b93832155bf3a52dfe905d69c6c9f03c119bc4f8d90240fbdd53007c08b1a21adf4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    44659728651c5cf66d309a08811e1dcb

    SHA1

    d2c72c732795d1a1526da55b067146ab97348957

    SHA256

    f4d5eff64f8a035713cd0664fa70456197b14bfe3740b48a648221cc188aaba8

    SHA512

    61b9dd360592ce1ab528222de03f0c988ff7b67b83c31bf533992d53d0637094320ec54cacec7d2ffb38b22d836caa330e8f27a19a0563ced9d61cce2fc62b41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58c19c5e826c1af4fc65954839f85dcc

    SHA1

    ecda1efd560b66b97f861bb39a240dca4ffc26ca

    SHA256

    90e58de65cde2dc1cac1cec634d851376f56542eb798d1e47b0744d40f7374e7

    SHA512

    c83564a1716dc079048f150b2ac6ca641f31488d722e8624c0b2b22a14681e8166b021b37e1c1f16adb8c23988b0fefbbf6d31e9414a00b997d61cef0a3cc3d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    abeb6e816061cd65c4e4d63879e75e9c

    SHA1

    7b646384d8c5902de9d84713a08dcf6c03948b39

    SHA256

    bad695e56244ee62d39f3cafe4751918aecfe5caaf18a3af5f55c1f2b24c56fe

    SHA512

    6e8b5c38e71e48801132526f6d82eb7012a6fad74c132d333b5203f77dcb9e848e247d5a3beecbc27ce09870ef8e8e4813a2ff529b10fa710b05cb43e4d53bfb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4670a7c1ac09cc0ad14881fdbb48d838

    SHA1

    85c0616773145c5ab1f4436d8cd467aaff28a2ff

    SHA256

    47f05dad13be631a568ad98c504ae76b6ae0cb1466a2b8ef913a49c232d3c531

    SHA512

    e441e9f4f0b291031daed5d73a6942b80c8c28cd84fce69f30196b302dface29d570c97029f04c29f14bdb4b633d0ae7eacf995666a1cc65dde19fcf7b164418

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a99e45a0bbc6c519f65d3340e52ea605

    SHA1

    e65bc702244052f9cc3b098520e1e5c6ea704c37

    SHA256

    044dc3e4a415d9f1a7fe81c9772be141e36f2255221d54a26e25621834ce3521

    SHA512

    d703853c87cd4a1a82727983700e5759c4197c8f6c182f9c918fd523a7bfd86b124d86cd43216edb029c4b8a9a0953c2476cc1e3322e1384e4b82677595766dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f719d85b94588568062cc0520124e025

    SHA1

    8f6caf8ef0711bda5a74f49e2c6dc9780107079e

    SHA256

    e2beafdeae853580f1540b05b33b38cdcf717f371fe1b58bcfbfcea54c8ca9bc

    SHA512

    352796967bca1a5a77342248f8cc1f1b8960684e44a830d5962be126ff17f828592b27f65250139f32bf0ff2c3b4e90365c44f6f719dcb0a8b66edc85ff65234

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa3a508fad320337a53a93618946505b

    SHA1

    09c30b1267a1861ccbe125765549a06cda88b586

    SHA256

    930abb916f5daab89eb7d20cc54ef86a9cb139d869f4760db0a9d1d619480ea9

    SHA512

    1d6429373dacc50a3c80682593044ab6c41ff9af14f948c69785a6649c50ef471bdebcab97fd7413d569ff99fc394a3623fe45257b4cfa74e4e96d443fb75e8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17d5c6bab47bc302aa8a122cb1a0f2bb

    SHA1

    03d692150d55d53d0c449ce40df4ef6fe2306d80

    SHA256

    730338ea9bc045eb7c803fa047876b58b512925f38685f1891b9e21940bd9724

    SHA512

    da8985b1de426c7240563a0bd0dfaccf7ebd68f30066c14c4174956864df739b54c574316fbee6005ce8f66e5af0f971d5dac27982481ff84c0f8154f642a14a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36ab840766588178a7eb51907e393286

    SHA1

    e184df41a8779c45e7c2bc233859a61228f9451f

    SHA256

    f79b0c52dfcc1c0ff1d693c1255654ae5734eb5a83681a4f2756d701647fc502

    SHA512

    5453fb5e64f84ce21c3703af4a28ed67da70d32b61b7e2124be03f3c87a9077002f1126f5d96597d46a73eecb8afd716621493d5fd83dc406b3fec1df7a5337c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45caa16ed560ce6886b0ee96a3b7e45c

    SHA1

    cf7cd2d93855204473e0c11d0cb4d16ac1771502

    SHA256

    d3db4b7d4cfca025932e380a40ed0c7802685dd74ddea613ad832426bcba085b

    SHA512

    adf57069a542809a742e98169fd06bc31285edb3067804f7d738a5c115cb12f511cabeb8fe215ab0ae8df632c9518836bf87589124cb38a0c7fd9ed5e2814dc2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0482cb06b7e526fe87b33b3d7c28718f

    SHA1

    a1079f4ffc2c39b1461dec5b8c877c363e0353e2

    SHA256

    f416b35f8772e873788eacfc242fb352cc0b6fa6636d96ea0cb1cf62350fbe0c

    SHA512

    6afb24402fa62e6045aa084b7729d0a99ff7be4adbb93cacaf41546e6d5544f7a401921b6b057665a4a37d76113b17c2ad3a53d530c1b66cf3e34c67bff56041

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78b2fce01618ff4cc9bc4853de13f6a4

    SHA1

    67e0c7f1ccc5447c52f6e1104192667273dd4d16

    SHA256

    dae5e57b5aaca4a8ff6a3fe952364adf1ac6fe29c2b916235728f0f199dea953

    SHA512

    7e20c547d8d6b24cc9c643a33e52b0294d2f87ace7ee1967a49470df139d278f66c2aa5a3f1bd89b1639998d698a95c776a3e652ab98419e77fc0fed768a049d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a25b085449ec76e97e844517dbb0eea6

    SHA1

    88ac48b6dc58cdf20f9a7ee2b402111d9b2392fc

    SHA256

    4c557b9e294333907e99ded9c4cb1989c23d295218d742c7440f825fc6757797

    SHA512

    4f8aed1a4e5f4a8918648628549f67e62bd9303059a552e57c1e32b52cf7b12d14268dcf1f1019446334b15d3ae9044d3a01f5c80f7073e0d69ad5004dd49371

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68fba4ea72b0604e31645778308c5a7b

    SHA1

    ba9549206aca17a7911544a14f4a8c25b1dc7929

    SHA256

    ca3a3f29820297f064ff3e524fcb6c169242fc6b27332ff4150dbb41ed6bd3b2

    SHA512

    b1b73de3ba22a4568b3764a859c92ae17e760f35eed597b8077c802da820d9edc9e3bcc52db107a5819d22ea001f8d5de024b3df67215f3e5795bd65411f0211

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    21b4b466eb80396f78b1eafc44691d91

    SHA1

    c4c243e299e7f3be7e8f92c8183594629a2ce3f0

    SHA256

    971f86a67b8b82508b59cb2724145e9f6692d1f6a6095546a0c965481c82c7ff

    SHA512

    aadf68253d1129a97e941ba8e5c7a38b22725620cc81810d80e2871e11f8fec407c52ecd5f8e981a8d46e04c87cbfbf73a2fcef5d778f19b08debb510924bf74

  • C:\Users\Admin\AppData\Local\Temp\CabEC72.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarEDA0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b