Analysis

  • max time kernel
    138s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/09/2024, 04:10

General

  • Target

    f9ae7baeb000a7e34216dca1aadf457d_JaffaCakes118.html

  • Size

    19KB

  • MD5

    f9ae7baeb000a7e34216dca1aadf457d

  • SHA1

    8366c22fce2f1e3a6e75f5e73f64cb2c46c9e873

  • SHA256

    ad4b2174efb6dca3ff30fce0c9f718db96e382009d45ea5971f431cc99ef5b18

  • SHA512

    b53fdfbd6f7270f029de9b53b0235f4a678fa28b4f9f438df7c6ecad8c25a410147e335693b6e20256474c2fbdf09279c8a22b6f160a9f7f83b92d9d5c2ab6a9

  • SSDEEP

    192:SIlS+1SsxR2H6DvkvOtXyAdT5ltgBHGA1poNS/l3vPmqlHog5o52X9MU6M:SI3xRS64G8GJ8poN2tmqZnXr6M
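
Before relying on this report, confirm that the file you are holding is the one it describes. The script below is an added example and is not part of the sandbox report; it embeds the MD5/SHA1/SHA256/SHA512 values from the General section above, checks that each is a well-formed hex digest of the right length (a wrong length is almost always a transcription error rather than a different file), and compares them against a local sample. The stand-in bytes used in the demo are constructed and will not match; point `verify_file` at the real sample to get an empty mismatch set. SSDEEP is a fuzzy hash with its own format and is not covered by `hashlib`, so it is left out.

```python
"""Verify a local copy of a sample against the hash set in a sandbox report.

Added example, not part of the report. Expected values are the ones listed in
the report's General section; the demo bytes are a constructed stand-in, not
the real f9ae7baeb000a7e34216dca1aadf457d file.
"""
import hashlib

# Hex digest lengths for the algorithms the report lists.
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# Copied from the report's General section.
REPORT_HASHES = {
    "md5": "f9ae7baeb000a7e34216dca1aadf457d",
    "sha1": "8366c22fce2f1e3a6e75f5e73f64cb2c46c9e873",
    "sha256": "ad4b2174efb6dca3ff30fce0c9f718db96e382009d45ea5971f431cc99ef5b18",
    "sha512": "b53fdfbd6f7270f029de9b53b0235f4a678fa28b4f9f438df7c6ecad8c25a410"
              "147e335693b6e20256474c2fbdf09279c8a22b6f160a9f7f83b92d9d5c2ab6a9",
}


def validate_hash_format(hashes):
    """Return the names of entries that are not well-formed hex digests.

    A wrong-length or non-hex value points at a copy/paste error in the
    report, which is a different problem from a file that does not match.
    """
    bad = []
    for name, value in hashes.items():
        expected_len = HEX_LENGTHS.get(name)
        if expected_len is None or len(value) != expected_len:
            bad.append(name)
            continue
        try:
            int(value, 16)
        except ValueError:
            bad.append(name)
    return bad


def compute_hashes(data):
    """Compute all four digests over the same bytes."""
    hashers = {name: hashlib.new(name) for name in HEX_LENGTHS}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_sample(data, expected):
    """Return {algo: (got, want)} for every listed algorithm that mismatches.

    Empty result: every listed digest matched. A partial mismatch (MD5 agrees,
    SHA256 does not) cannot happen for the same bytes and again indicates a
    transcription error in the report rather than a different file.
    """
    actual = compute_hashes(data)
    return {
        name: (actual[name], want.lower())
        for name, want in expected.items()
        if name in actual and actual[name] != want.lower()
    }


def verify_file(path, expected=REPORT_HASHES):
    """Hash a file on disk and compare it to the report's values."""
    with open(path, "rb") as fh:
        return verify_sample(fh.read(), expected)


if __name__ == "__main__":
    # Constructed stand-in; the real sample is 19KB of HTML and will not match.
    stand_in = b"<html><head><title>stand-in</title></head><body></body></html>"
    print("format problems:", validate_hash_format(REPORT_HASHES))
    print("mismatched algorithms:", sorted(verify_sample(stand_in, REPORT_HASHES)))
```

Run it against a real copy with `verify_file("f9ae7baeb000a7e34216dca1aadf457d_JaffaCakes118.html")`; anything other than `{}` means you are looking at a different file than the sandbox did.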

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f9ae7baeb000a7e34216dca1aadf457d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2268 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a922403bd1661ea7582a1325fdd617bf

          SHA1

          84201827b53b2ad6e2ec05da95baebed36ccd721

          SHA256

          28913a19e96cda28308a8c442e3185afe8421c13fd68bd91ef568057cce2598a

          SHA512

          38a52291f8dab8a2825379c04793d23548ef08a6d2ad6916c4936ef7cb182efaf6e0589689c75bb2f391c4b1378034eabb4e21bd1b85d89648cb6f2dfb4d492f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3cf0d9d6f4463526beaa86ca9ea10363

          SHA1

          eb5bde5d2f468f0b31b6af3d8032981eb8c6db37

          SHA256

          67aed67a474e869b813717b958b98aab04af3d808da0879c47dfd253f3554a99

          SHA512

          3cf8ca0b106b31c2756cc612be73fc5c56a5fac686cbfcd12844a9047cada16c35db1bf2765f5ec464a27c88fd9f25e552ce64bdc4f8df08c3ee802b40d5c020

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4d65c987c3dca5ef1a1ebdeaa50b79c1

          SHA1

          2fb5b6265ee71ed92f3ea56678b36b68d6681d98

          SHA256

          f757032eafa0f3824ec65079eaccccdd9589c97f0b3c1e3f1d0fc27edef23eff

          SHA512

          61891a366ca1559f4aa73c6f42a41e2b6e9d292843e7ef2b01eccc173e7729deaaff86b2a8540be02ab00edd3e8fafd1e3f11bca8aa2124810571dce14a87bf0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          06b69014ed8d3953e9972d6197d80302

          SHA1

          ae99cd561992d8a05acd241a5c6371178c16f829

          SHA256

          995ecef4cd84ca8d9a85adae99bcdb80a3e0c73121f63f20b010f1e436f5d091

          SHA512

          b36dc5a754ae582322456cf516e3628a393d747e27537f5cc93217bc70a783e1c06c3d6ccf27bfa5d254fb2097d08f1f35905cb4cde4cb8ddef1597da5d35fb3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9941c8ddb9b4155b6222c1b4c8320fd3

          SHA1

          9279ff50b5c0c88c9567c631f8534a036f8e4d66

          SHA256

          45c3a1d33938f54c0b2aa27eec11ae064920692e66de83b68d97f352f5b24cf6

          SHA512

          48d9c205ac23edd612a95431b932de1fd9181bd3055c75477c2f6be8cd42d7a498f0279921d5334067bbe875e74ceec18fadf5c13fcca4ced1e079339bbcf3c0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3a45dbdf8efa981f015a7dc5f3ae99f9

          SHA1

          7e03ee5d8bb657f39e2bbdb7986dbdedbbd8f6bc

          SHA256

          60d5eae0644bc8c25edb434808000ef842dba63913c2a88cd9483239bd188e1d

          SHA512

          884a45416d4ccc04b85618eb37937ebd46f5d607ad9a18b791e2730e9b29bc7d9c86bd2fa67801a8ef49fe3526bd94f97b3afe9f4656f5b88970ab83c697dca4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fee0f5eec5cfc5c71393f8fa9dc54843

          SHA1

          1c560bf7d128795a9346ed1668b6e264faeac951

          SHA256

          cd2c9f31de5ad0bf68d4707618337a2dacf65cf1be2678cd20f216f8b56bef27

          SHA512

          eda70168c266276f41da16fc06c419a10e5010a74c75c83ca05e83e405ef4f9b3dde24586f2d9b49793e9c4134eea7c506f1ca0430880c1230114ae46e628045

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4378c04dd6876e29b3c9c9020c4c7f98

          SHA1

          c49eca00daa9cecd5d74128f0c72954bd81d5755

          SHA256

          01aaf7f4dc7270f6bbaa0e923d3f954217f592b655d4a1fe819b9ab118a4e7b1

          SHA512

          75e53780cb1cafff3455a07d7257ef1f9eec52464f3dc1b772a13fc89a467e2c730c5472a3dee87f93c89ca2c4f3d3b06f8383d26a4b627da3a9bceaa6ffbee1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          92aa4f9ba1fb15523b79747247e5af15

          SHA1

          69185ce51b37cb72032696a47b405a488a6c3ff2

          SHA256

          d7d021e2a90b3cded5902f383307f7e8f03692d9bf72ba9402c9e727ff71dce4

          SHA512

          733dd386d2ed03ac909efb58f62ffcf77676135565dcb783387bfe52f47f898d1546cc9e20e0f25fd3b95fc25b00c1cbd9742891a3b7bbc724074a8981feaf46

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1fe03bfda3e494db0705c03a3164125a

          SHA1

          6091aea915548b89409b0d84b137b2bc6fd639d9

          SHA256

          41e2c0a5d10798c1ac5dfaa4be4d06ba84ae4c0a2c9773165978c4f99eb9c982

          SHA512

          c851b44582507ae0ce2461d677eb10054ff940b65edc1b6a2f936d63fcc949ac134ed158c869322328d90794e72a3e7a3f5c830ed22cb2a5735e64449d815bcf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e24beffbbd4fc75ece2735cdf9e6d0b5

          SHA1

          ab4981a3a62e3e15bd0ea1fd7e3e84aeb132ca38

          SHA256

          6443cf7d6cde5ab897f06fc7afb43d5a44780ff0741ac90c22a62cdf99d723b7

          SHA512

          ae881b8859d55506e48ae8e0e7feafd8338a774e9e7e6e78f8613aea3ab4e9a90b40eab6d09be5174604bb44c0fc0c04e1349ce94c8abc3e5570dbf1f01fd8fa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6126c737823e67bd547bb2de1a27ad5e

          SHA1

          1138d504c063a6868059a35a3dd02124e1eaa3f8

          SHA256

          eab87387f06a4350126aec3caed91e6de20c5ebeb2688324ebccb6262a35195d

          SHA512

          2f6d4464c778aa998ddc7265acfe7380fe6c11a00b9569241983936287e7168dbfc24800aa735b7f62697f5fa12941ad7e8d6fdc1e4cba122b99b2ecd24057fc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          067f7c2914639e27ce5d8c40e85a3c65

          SHA1

          b30dcb1e5f62a584220653d018ef4466b5fcfb2d

          SHA256

          ba24c22a9b30e92e65b49fe0f09b2b7afc96f07a9d1b6be722e087f09b9d3bf9

          SHA512

          47b6b5bc15ad36abbec66dc09481e52562c6ca46d19e0641736863a047b0229165855916856d00970450e5c2fbc583ca03cca60dc5c5938fbee334cfe0f4fd4a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          41ab4cadecbb3e1fbc737767303675eb

          SHA1

          2845193d6a40e513976763a746b6f388c5ab7edc

          SHA256

          d0a16ef5dd6e36dd9f523d03d735e8b0f53dac6a4f56999db00c588f6e49e87a

          SHA512

          8dbf4cb60519787a669576b6e2cdef6bdfbd41e7ccf073ada363bb76f8c1da351c592302bc833ad0ebc6bd09e8470ed1fb051705dcd3c34066a2c2b264efebc6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e566e471ad333110bb7c2a1ede9bc8fb

          SHA1

          3add412494033415b4a3801a5210a92e1444df39

          SHA256

          b4bf73ad59242021c7d3fa64539e450694368e6177f6a2772941accbdca3726d

          SHA512

          1c5bf720a4479a33c8de0213c83331ac6f0fba59c3f7327b0f3922dd97282d469a33e321d108af02b409c29d1f984caebea15d74ef9ae36e2b4e843771174c41

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          29da60cb09e814aa6bebc684ff39c977

          SHA1

          9ccb461da75f5c58ab9f1f46f25e276735295e35

          SHA256

          abceac65e2f2d01cea293f6ac12ec9ba281e0a8bfd4df02d7e259da1a474e8ad

          SHA512

          1b982730104d411dad6ed6ac3c14efa9ffb6a939ff6d222e0be68636c6b7a5c6fd491da063ac8c5bab0845abe7e24de468b0989684cdf8474a5b9267398678b4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6dc89be00489d12db8a09cae6c66a584

          SHA1

          8985806bdf10424108af53a62952e93c8132302a

          SHA256

          c2c2f3e0037d58752a6739760e2bc65cb35856f82589ce953de0b6b04090040d

          SHA512

          f646e7fb8f14d10cb1c6f21bb26eab8ffe24b223e63bad1c901ab0b2a5c7270a099d495b2a804ce129de8a1a4f546e8cf7a7f2ac53f1d2b418ad520515e5e5db

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2b3aefc9f3b5d3a2c9bad22412e25826

          SHA1

          0ec9be5dc0ae125ea1473c9698fba28b4369962e

          SHA256

          1284b62fdd1304e7014a98763c5e47aa12d4797b32d958699d22073865d46add

          SHA512

          a274e50a93404964029f765149181aa2d48b2cd1ee037501c71cad845def36e9bb861b7d68f3290a379f5a17fe586a012dabbee39597aa04193c76ae7140f777

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a47eadec186730d6fbd5d01ba0c2b9ad

          SHA1

          23abf6c3f04658c5893d3ec1c3329c1058a9798f

          SHA256

          df46049cbff282a13abb6eb2f45e8ce6393e18d82dac89e1f414ff8582c5646e

          SHA512

          70bb2c5974980c7b48dc7efdc0a0e0c6c9f23837ae45c72c5ba1b98e7ea12393fcfacdd2f3ebda920090d7dbebba28c6983184bb99ced75fb4d3394727875581

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fe8fd52350fbab7eb2f28db5977183d6

          SHA1

          8384d9ab5d2ecabbe085172800de9b870751beb4

          SHA256

          580cfd0d4143fa01c7ce464e033064b9ed2ea4f1f99c96f003d48573a29cc155

          SHA512

          6e78f0211f0eb6751ecba8e73eb80e7345ba2c45fe13923ae586909e72130825ffe2b0a07d99e296582068e2e9534692730fe7c158aa08787bea7ccfb2643a30

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c75aa00af733647f7cfcce5f92174444

          SHA1

          e361ca48d20a3d9e159bbaab8b36c99b1563244f

          SHA256

          893035ac644f958dbf41301a3ed8e9f22b62cf49d4f7da49e9ca5400b3668bdc

          SHA512

          e0edeaf814b900cd665c8042cfd4ea11c08902a70fb375bb534a49abece79d691a4e4b661b39946efd5400021d4d4e322b8ffcd6c24ab9806a7719b2cd18c31a

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\style[1].htm

          Filesize

          162B

          MD5

          4f8e702cc244ec5d4de32740c0ecbd97

          SHA1

          3adb1f02d5b6054de0046e367c1d687b6cdf7aff

          SHA256

          9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

          SHA512

          21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

        • C:\Users\Admin\AppData\Local\Temp\CabF93E.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarF9A0.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
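
Most of the "Downloads" list above is what Internet Explorer and CryptoAPI write during any page load: the same CryptnetUrlCache\MetaData path recorded again and again with a different hash each time (one cache entry rewritten on every fetch, not twenty-one separate drops), a browser cache copy of `style[1].htm`, and CabXXXX.tmp/TarXXXX.tmp extraction files under Temp. The script below is an added example, not part of the report; it collapses repeated paths to a version count, labels the known-benign categories with regex patterns that are my own assumptions about these locations, and leaves everything else marked for review. The entries are copied from the report, plus one constructed path (`update.exe`) that is not in the report, to show what an unexplained drop looks like.

```python
"""Triage the dropped-file ("Downloads") list of a sandbox report.

Added example, not part of the report. Separates files that IE and CryptoAPI
write during any page load from drops that deserve a closer look. The
category patterns are assumptions, not rules from the sandbox vendor.
"""
import re
from collections import defaultdict

# (label, regex applied to the full Windows path); first match wins.
KNOWN_NOISE = [
    ("cryptoapi-url-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("ie-browser-cache",
     re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I)),
    ("ie-cab-extraction-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]


def classify(path):
    """Return the noise label for a path, or "review" if nothing matches."""
    for label, pattern in KNOWN_NOISE:
        if pattern.search(path):
            return label
    return "review"


def triage(downloads):
    """downloads: iterable of (path, md5). Returns (summary, review_list).

    summary maps path -> {"label": ..., "versions": distinct hash count}.
    Repeated paths with different hashes are one file rewritten on every
    fetch, so they are collapsed to a version count rather than counted as
    separate drops.
    """
    hashes_by_path = defaultdict(set)
    for path, md5 in downloads:
        hashes_by_path[path].add(md5.lower())
    summary, review = {}, []
    for path, md5s in hashes_by_path.items():
        label = classify(path)
        summary[path] = {"label": label, "versions": len(md5s)}
        if label == "review":
            review.append(path)
    return summary, review


CRYPTNET = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

# Copied from the report (three of the cache-entry hashes plus the cache and
# temp files), followed by one CONSTRUCTED path that is not in the report.
SAMPLE_DOWNLOADS = [
    (CRYPTNET, "a922403bd1661ea7582a1325fdd617bf"),
    (CRYPTNET, "3cf0d9d6f4463526beaa86ca9ea10363"),
    (CRYPTNET, "4d65c987c3dca5ef1a1ebdeaa50b79c1"),
    (r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\style[1].htm",
     "4f8e702cc244ec5d4de32740c0ecbd97"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabF93E.tmp", "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarF9A0.tmp", "4ea6026cf93ec6338144661bf1202cd1"),
    # constructed, not from the report:
    (r"C:\Users\Admin\AppData\Roaming\update.exe", "00000000000000000000000000000000"),
]

if __name__ == "__main__":
    summary, review = triage(SAMPLE_DOWNLOADS)
    for path, info in summary.items():
        print(f"{info['label']:24} x{info['versions']}  {path}")
    print("needs review:", review)
```

On the real report every one of the 24 listed entries falls into a noise category, which is consistent with the 3/10 score: the observable behaviour is IE loading a local HTML file and Windows fetching certificate data in the background, with nothing written outside the browser and CryptoAPI caches.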