Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27-09-2024 06:59

General

  • Target

    f9f206a55b4c10acdf0e1568932b7acd_JaffaCakes118.html

  • Size

    68KB

  • MD5

    f9f206a55b4c10acdf0e1568932b7acd

  • SHA1

    69d5ea26d348dac162f022fbbcd6dd547d972b5b

  • SHA256

    6576a3a7b5c5a247a0611ed73600d823218e39d198888ca3b188be22b4e8255a

  • SHA512

    869fd06d01c3ca9bd89e02282b74f2730bc4b1eed005d5c48b3bc2d9236f33b939273b46d85fe9d1450b3d83aa5793624a6095f670db73847718900820096873

  • SSDEEP

    768:JiwgcMiR3sI2PDDnX0g6eqbG8oTygqwCZkoTyMdtbBnfBgN8/lboi2hcpQFVG8sM:JCKGxTx4en0tbrga94hcuNnQC

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f9f206a55b4c10acdf0e1568932b7acd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:532

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8373c3a97399c5a481e7a7be357c8c14

    SHA1

    e9a84a0575f4f310c2f8fd6b4163ad725824737e

    SHA256

    d13ec9bd3a158bf61dc7781c484b1f2e76e29c34c00fe722b94d55ab0abc7e54

    SHA512

    bf4125986d2416da466e6ef4f7250574f772aa2caa6db0f3ae30db220e209116369357b5020b0ff2ebde2c453e13d7138320c2ce1de092f33b9bbede2703fc22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eeec673d6fbe7131ad60d6f599023ace

    SHA1

    a348e39564f7dfbbcfdc88b832e71b0f580febc7

    SHA256

    1e77488610fc1b11e2b5ad6f51d31de2efdbe4a837ebcf92d38c431c7ad11485

    SHA512

    3e2beb79de5fb504361b634980fa2b5935cb2431293e667c1be72e90eeea52f485b7693cb22d15e0938919bf72e49ef8ff46e732bc6097fa40595d2e48e287aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f8eb487fe793edd830c8e4ea7235ea1

    SHA1

    6421f222e5137ffdec6c6e6104255daf95bc09b4

    SHA256

    0c5df5f58925883a4873b830cc88dd3f33727e88bacee480e8b6526e1474e9b4

    SHA512

    43fe5151eb995a67bb190e17d3899e0184fa02be6bfa479922c07c3f282803c666c96ff49de79f9b39d728b1e4daea7a3b50d1f53b5192e68d1e9beaf2b53814

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d53d0ab95fa6908689830b3293ee3bd4

    SHA1

    20eedd96221c9096a0add0b76f531ad2c116017c

    SHA256

    b07cf18bddb6dbf1f527aa47302ccd13040be0ed24f3a971010ef5dda6b0eff9

    SHA512

    d33bff1fb620f1f9d3fc083ed4ec06c86777c4b0b847943abf1ea417aa240bcb3b5a548705aba63547bbd1af612bf5f501485cbc5e5d475e37d29f9beeb8e0ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84262173dd0c02246a2406fb7996620d

    SHA1

    29101190aa1eac019bff87a268c7a5c1a9309941

    SHA256

    085945208de7d1ce5a19362bd39261b037a24ce225532f7b67c7f904d9253bce

    SHA512

    67fb0acca426aa9ad358070824d439d0a93faa4a31580e3ec5494cb9951923ba5f67636402c9293229ccd14652a2c7e0b16b26f4ef81a22b6774609c4dc392e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c460abcb7422e34ac8599ee28f9f6601

    SHA1

    63e40f052e06636132824003d876c0ce163d0975

    SHA256

    c6a5702ee08746a5cd7ea4ac9e65192c188bf26e860bc5bff69afbde1b364bee

    SHA512

    737473d122da7b6625eb0a386399ba366490cae6d05ede2f6511bd260b76da7b594eaa4008cca51c5c722d910e67978b4ef3c72c4cc97f2f7760f6730d82b782

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b32dce2fa225ef5a78428e0dcbff8889

    SHA1

    4b8c1bd521d0a44e4eb20bbb39acc234b4f5c943

    SHA256

    a9ba0e38afb610ff8da5ec2ec83422851eaa66b2440366b1ebd125708b5bdfcf

    SHA512

    93dfd2aa0d785a8f0b9b375b6b875c8b4501444160448321dbb692e0dd40929282efa6cba8337974eac718ee2c604f21c6a17dfdefef77af8971494f75aa3178

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0a1c46cc7a59145f66e30b82305eb8c

    SHA1

    18560ae5a376c459d29b08f35033e2e8b1a04b68

    SHA256

    bb77dc21c09e089dfcb85c0c26320d96a092717d09feaa152155bfafa1120f95

    SHA512

    f7ac822687c2dbdef4c77feecb625474d4bd37e0e33934806fec4557670e97f2d51f8e9aa183b0db0bf7df4dfee2c00713c10b4491d4e349b3e8cd5b509074f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    708892ba227eff7410599b5918eb8478

    SHA1

    d84e53da650a8fb59b62e1dd5c5b22d6afb50bf6

    SHA256

    4839a932f94d82bc5d39102adac613c88d80776a55df8396e852906251698005

    SHA512

    368e016b46ffdd19c4db5797aa6e1690ed3170b7e8b798c48bdd1f0ffc9677034de39db2589aaa07867817c303e3b1bef4144bc985c64ec04801baa9d4c37c04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5d8a39595eaee5bfc7c93fd124e7340

    SHA1

    c92cfa9815c2b2788bc0226e8cec47eb5bc010d2

    SHA256

    67b7d3661e5e5a753066b5536b543c25c5d5e6838b33d47d7e27ad9858c6117c

    SHA512

    80d47bd913826cbc1f5c6b24a4ff7151303bcb86d03dc10afced05e66b023b9993572a4f6a6681dc9c05570d5d30106d38261654f92b5d6e5d1cfe7a6bac85aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    417e481798e8f18c9457bcba0d0d16d3

    SHA1

    3d2c6312d830ee2fe1b7995a7fb08be31dd68b16

    SHA256

    b47c4d5360e2c3db8e9e5ddca445b8a0d5d4b21259ef8c09becf45f207bdeaba

    SHA512

    703dfacef66d49cf81d13bcbc7be0ed1e7b11b92655c623c19bf78962ea3f27af25206d5d8ac0512a6ecbb5aa48c73fae458e7bd89ff267ac36626627896562b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f96d0083d43e46842a64ab84bc6825d

    SHA1

    4a6e748b6b3ff03cab13f477a42fba107112fe12

    SHA256

    91976f2d70cd8ba2e89840d9b30c87e377dd201f45b19a0b456c449e5b3e4163

    SHA512

    19cfc24525bcf59d1e0fab33ef913984bc284187bdf5d9ec0839db84138503ead67f376b0c220cf26707a438e1a009769bd9829fe5ecc0afc7a38b3db5b969c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7cbfa7b72807a190151919b99a346e25

    SHA1

    4863f96f217642eec9d64df565eb0925d8dcb853

    SHA256

    b2417b93bd2a5da9eb213c71a5c5768d3d1ac05425af8ec863860a93911382da

    SHA512

    79d1999308a80a61bc0681e67594521a0bd415fa7972dd9ad7a7b9584b312db0d91c644e6c6880d8cf2279d9118dd0e5f2d3aad9f6b919073a7a64b172c86568

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    243923ae526f48ca4fa9080c638b3ede

    SHA1

    62912b37ecdc5c1f433cfb693c6d239561c84ee0

    SHA256

    ba63ed0a8a800b752641868aaecafb23573ba66e83cc3c21f4edcb46a458fbac

    SHA512

    35e276f59a4d90fec20a3b51fcc317f7bb5e26a30ee9f00803af2db664e819e4c9dbdbd27728b464d98373d91ce9124b76294f96bd50b2764743014e9fb67c39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2381ced2184279b1051bdf4c87683586

    SHA1

    2ee4cef041a0cb8b0b9c4b8904d90aefd2cbe71d

    SHA256

    7af57c881cc31463e85cfa0f5d0cfdb99a6a969bc0171e5d02c3eb9407959d20

    SHA512

    8415753dd14e65da6d65b9faa71e9f8b507d8d9c89d054f1890fa3d14219a6aba6cae9ab3e581eef0971a5d6788ea51d8ce6186d8cf1f3fee1f5afddadfaaba5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    19d60dad7cef37c076951903170fa692

    SHA1

    b73ff0c511f7055c5074c81b1eeee68401710ba4

    SHA256

    3950d47446b8923c959f96f10a2913df5a267c55193f7854353e4bde18a5c17b

    SHA512

    415b6d9c765fee5554d5e0d6db0a3ab027f66ae7966e8bc9aab2a74a14da593d73bd99b79279f93ad509efe6798a2f500e95ef4b0b002e3f6828fcd58ea6ab6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bed94b99b970ef2a8f7ff4f5b37717db

    SHA1

    c01899e487d50aa94b66392698b1851de1c08d4e

    SHA256

    e099a2d578a7ad8993d09f4636efa09d85703e033d1be9d116d40714f23e5c95

    SHA512

    d7a3955c70d60217c03dab34d35bbf8e9ac1b36f14764866263fcdc0e6b9c1dd5580090a8ee4425a984f7038cdb4e1f876a678e2bb02e9b0d6545d32ffe37deb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1640e9a5f7d6d15aabc392d1e3fa00b7

    SHA1

    42dffca6b538e10049973463324329af39fca7fa

    SHA256

    e1ade877715fd7e5d642c4980078ff5f4deac3b9d96c5d56793dc6c9c5bc3241

    SHA512

    f3442b9c993749896f1f0f37510829fbb7bcc9107e5b17f57fc0c8666c95ef6d1c1f3f7b154dcd508593044f252616181879c84fdfba02e60789095dd1223de1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba098752b2902ab98f24a609a06ba09d

    SHA1

    d4c6ff181aceef7c344d59eacfe166adf1828201

    SHA256

    930e1884c888ab0bfd4f72a79253d4787a4a08d14e30bb1cb8ff0f4e79d14a2d

    SHA512

    2d9cdfd8008e640297126369fd51f1844b2b8acd2f5bcbabb7af5825857f3807153400657bddb2f873edfb8e7d3730486538fcbeacc864ee7b642bee77f15bed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e253a4fffeff1a76ac0bd4b1cd1af5c9

    SHA1

    5bd92e353b40d3a8bbde568d501ef30c1a3641f4

    SHA256

    385a15cba48b03287bd6e3ea54426d355752f9c1eae78e165855549362eb490f

    SHA512

    751ff83cb8b70d899408edb6dbbec841b1fa08cdc319ab9f37e77c6632b5e190de1f0b00c918ede9b4ca4cba44751acd23b00eb9e4b4cd41c5d74499879b0767

  • C:\Users\Admin\AppData\Local\Temp\CabD8F2.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD993.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b