Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240903-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    29-09-2024 04:06

General

  • Target

    fdc3c08d531ddefb8b63c4fb83ffa4e5_JaffaCakes118.html

  • Size

    30KB

  • MD5

    fdc3c08d531ddefb8b63c4fb83ffa4e5

  • SHA1

    574c1d371391a9fee2c780a60e40c5579724df76

  • SHA256

    c27b4a9a3b9421722798694329d175a00fd3c53747ae39bab86f6245a33955f3

  • SHA512

    c24ef1d22327a53e77304ffcdbd4772d5c6072fa3e686c42f0d30a6ae5265f32189fe246b06c91a62914b73e968ca31edcb76f6ee2581d5d3fef6b894543aa1b

  • SSDEEP

    768:q2/PzN9ewwHABi02t5umxV8MCspZ1z8jaj6xFaPvFbOfPEboCG:q2/PzN9eDHui0QrVVC6HzOaj6xFaPvF4

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fdc3c08d531ddefb8b63c4fb83ffa4e5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1932

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e44d14e1fbfcf6f09bc9a99e7db9d53a

    SHA1

    15be09672e502c5e336b8c5e4a0790e14ff3e40f

    SHA256

    17001cb408e65610727bb11ac83be1eba0ed2caee8b05eb0748f578ba59fcfc8

    SHA512

    f13df5fd272f030d24db950e4e026abd70e00775eb0300e009ce87b5ab4a2a2043008558f592a6024c76cc432facd2fd55d30ddc290b45d5d545c9e0c07c8dfd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4f859e42aa485151aa48e2b85557c5c5

    SHA1

    d86f62096e447d94e673caaddd523667393e3a28

    SHA256

    25c2da2a4a2ad2aa553c2669dd0f7796ab66a04461130d0792056d28a120c4dd

    SHA512

    b9b78321b81d57006e0f2aace2ba3fe55a608b00732828263eb0b00f903f2e065f136ca1f4e9bf949aa4694d0949eea77344480e847805526ad8af2e7c4dda73

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f6c72ce7455967efc8a857f548bd95c

    SHA1

    f934b204188564a0ce7fcebf8a3e8cf0224fe08e

    SHA256

    049ff8de47570ea94ff707bcc3ff37a8368dc381f1306352bb7794915da27e62

    SHA512

    59e46ad39471297cb6ac5d0c383e8a0576719ac4e9d33f49d695f8f3877a28e152ed6e76f4b0e30470d909a62895c8ae1e80ba08981696b2a6deafe0b09223e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    273ff3e4f18ff821ea143f7a4873661b

    SHA1

    37625f74edb348ba7647ce7de685c398c6f80115

    SHA256

    642560d26b813ecad0dfdacf2fb064a3520ef05ae0dbc4045d623ba3cf2712f8

    SHA512

    7e63a9c565489145db894fd37c646f08c3c083548c9cf04724f92ffc874408f2badf2f27f62ec68cdb6f8ffe054bacba5eeab318e1203953ba2687b935778b8a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f936f6bcef851a9b326a721ca739c3c

    SHA1

    97231d130e07566bdbc1f1188af173f2473939cb

    SHA256

    46a5a1bf26ed8900a52e42924df92175a450a6dd27cafefa417bc3f165ee95d6

    SHA512

    06753af5bdc39c13598e0cb239ce62a3b52e8a5463ba13b1e70a863c3f62b55f4b679ebb58273ca46ec5c3b337387a39d77c2261d762f2f6a56b052c195e857d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29d3f3776f8b8eeac5ad18cbdfd295ce

    SHA1

    9f9025c3bb3e3bdc4089b4279eab7fc3b9ae6e06

    SHA256

    0b0a4e65234e702f546a491a200846634d65ebe950626f8c2db23b614916e454

    SHA512

    1741ab9e64b078a1527da74d8a44e00d6f1d2a1a909bcf230b58bde639f0eb7824fb558b45522b9e8eb0856147c2b83aac9d0bfe93965e5cac9e3f6e48c581bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5533c25a91e87a58795b6f3bf934b76f

    SHA1

    71806a0aacb9ba4a3bbb2f0e333b38913b62b502

    SHA256

    07489c8272c91098d934b2bc6b2cfa6834c88f78df365033c1facf46c9f132e2

    SHA512

    7b8bc1e79b92a9f1084702c5c64023b8b1e5190758be9936a0b46a4b3d6d8d4922db74845318e394333183e0258c766fd46ce1f394247fb804ff589f49432240

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1660fee89a0ca10539cdf0396244f00

    SHA1

    0f52bba25d207400affe2bb230559774fb3bc649

    SHA256

    aa257a6431bd5786d8804fbfecb33d54073d80eb329effeaf4f2f3e9809582b8

    SHA512

    3b487b84b17f914566d1a2f116c0e0d7d33f21967c828aa570df9b11440b8f2aeca27618054ae8da196fd4997312d74a284ad100b5f403d3827a3e1469408aeb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    308d14d3a53ea319122c81fdbb528c87

    SHA1

    4a5ad235e728346d7ba0e9869b0a348c09fe5f57

    SHA256

    2194d483615785572fd3845de8bdbbb6372a237f8e00143259c7724caf023d28

    SHA512

    2e2a268796c0819ffc4273e81209b0e670ac7153c6c4af566d625e8adbe359742e8ce3b99e3eea65bccd618ec3648ff1e95233579ebf47e1b4029efb30752eae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1d30214cc666f2a460dc63cc22ecd57

    SHA1

    08ead16ea94d24f0e9ec08cf415134b1338c3839

    SHA256

    797348e5c289d9d1ea78a474950be939bb9d2ca0737e0428bcfe4bf13fc28d1e

    SHA512

    3895999b1af0f71735d6d7b9becd4b3bb1f8e4734e392ab4cf4daa3f19d8779b21d7bf58d8d9e684aa441d55ede9e3f5dd17da44e39c83f4d831b96952ed8962

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a86f18b19522320c9286e9968eace0d1

    SHA1

    5366abf3ef55ec9f624e95986b99aab27db80e6e

    SHA256

    b88beb9dec5f1ff80180c4795de5ef00cf2378811183d3602d7ff2d8ae1bbc4e

    SHA512

    5db4b2eeaec98aeab0384919f374a7680e37969048de6f4421c331fd25ce07e3c922a45877f2443bfc3848e45e2f72ca70fae65370d43362e6ba10799083a839

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a81d1cf5302f9fbdef2b99086490bc7

    SHA1

    b2796519036e601160c0b657cd74b48a5cab83af

    SHA256

    e8123af3f1c64bc6790e0e0bb6bb0af608d3c50ad0e59f912a00fd55129d1a4a

    SHA512

    7e0c1175d9540d574e260c22b2296d04c4b3a22742752ca526ed5eeeca18b61344710f90c6dedbd132f0187fb731cd00f482179dce5f7e483fd3db034e572590

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2da73293f9da86bb7f1358ce54d0bdc

    SHA1

    12d0de24062da875dae4eb63e604beac3426d76e

    SHA256

    52f05004585a93bafacead0ad9196a5908cf930e1ba466ef77c8b19a1760309d

    SHA512

    f4d092a2cb7526dc9d3e0fcf6275bc54789601241e8bd23ca3c2361518d25a90360f6beb6948abd0d8b47809eb709d0f8f72b0bb87464f67f685ce50bd2ac0ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15072419b159dfa4baa83b353c33f5a1

    SHA1

    9f447e958d8a3b7a003f7bcd903ac14e8df1927f

    SHA256

    c15d8a9bbc6fff7f6f14dd09df7645ed573ee50e74e74dacbbe8f0715624917d

    SHA512

    6021baec6577603666cb4eeca14f562d97a24fa951969aba76b32b1ee07c55624520ba6292b5f7767603e06e919433fdb52b88a93b88ae13e2f8be052cc4d425

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c51d22fc277c0673a124d2dcbe78b7f5

    SHA1

    1939ca8dadd0d04b466a4ebc07bbe1addedd78c9

    SHA256

    af29615faabf0c90c657e0a2f9e6741ec6af98c1c2a6438d17d261167bd223c8

    SHA512

    1d9565cb40a480853457fe8ff893f3cc152802cb7b81a80c323aef3b0770fbddae033fb5b11fa3a5ca2d812f8d0446b2ec09c8402f657f91d4b9c2894e484219

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9bd5557d0ad3ef240b1c898559552f8d

    SHA1

    d768247619f5995ca80c7168fdf4ceb014e446be

    SHA256

    eec6f0fa73c4b9611300da459bcaeab035e013075023cdceb1c058fbdaf28a36

    SHA512

    5998cee44c6a755584fe803bdc608ce8d5d121e26a2e5681c6b499ff5e31adfac6ab360781c2390f86d0e29a7b25b7667bcb4206711b1ba2bd53c6c03e5b182d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b83d1bc1e0b99e430c0a182356e91c5f

    SHA1

    1461a97c910cc03a9e33eccf268139bd2cf2cbc0

    SHA256

    caa4b2e520b9cd5d1d1e5161e519c1c39db177c2a2e0e00a5a212fe37f0f0db1

    SHA512

    4ef237048f5d301c7e77d4c9876d14e7cb976afc4bb9c0a429f6c29bb863034fb10c8cf38e8c797763b565468a64a1a703e8328dca92cd2d18acb0a5078f4f13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    506d2c59b871840b697ffff0ccb39a0e

    SHA1

    6b70cd2deb11fdfbd5034d3fb281123ede61cce0

    SHA256

    64a177ed5d331b069d66930aa1e91bb8746e914167b81b0812a45d3e79612928

    SHA512

    68d1620b55aeda4dd885997a4e81c56bf350a066646b11c5436285861c9b09282df56592294235ed96e46fb9e4e7aeb2bd780decc2f8d9681be63b1a0bf1ad9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d42bcb33ab736fe01bb08d3666010ded

    SHA1

    07a6565ba09b5c127d5bcd59a138ff8ee79feb15

    SHA256

    6bf5f36fd41280e36e4db6260caf6722409f355604b696802a29dd2ddb02fd39

    SHA512

    702845021504a5ca7d2c72b120c9e8366f2df3e9168cbc5dd80a7a618ce5f0eaa0ea89e99a537374dc1440235b77599ef14e756c7fee379905c2afd611016e46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff4452bd8c57ba25074a9b5162a319b2

    SHA1

    cc611ef44aca8a915c268c1bd4ab059174d35486

    SHA256

    8533985a335f77ae086b00fc2762ac7c54f1ee8f53bf1cd3dffcb144016ce9d3

    SHA512

    37d29c5c50c747d368887fea4e635a0e4b8b0bb8a645dba0e3091622f6507f2380a0f1ef3b70262227d3b89e9d95fd7fd1d3b9ef7bb38b8c3047eb83f0bffd70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b772104f907ded5a925900e5863aad3

    SHA1

    a53d9b547a55c5dccf25cefbbfa55740a6abfded

    SHA256

    dbdc454548ec5a55b4b982bc2ea02a9adc100e38a06d8f1235af58d2afd7e90c

    SHA512

    0ea48ae3dc6b1ce22ceae4d2de9d0c847902c7bd56658a4cbe09b0a3574791b0f0125fb431837f08fdb9448ff4e9774fdb160b8a2383b8a3f3b21619a61d357d

  • C:\Users\Admin\AppData\Local\Temp\CabF632.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarF635.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
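Nearly everything in the Downloads list above is the same CryptnetUrlCache metadata file, captured each time crypt32 rewrote it while Internet Explorer rendered the page, plus two cabinet-extraction scratch files in %TEMP%. Before any of these digests go into a blocklist it is worth separating such Windows-generated noise from files that actually need a look, and checking that the child IEXPLORE.EXE really belongs to the frame process (its SCODEF value carries the parent PID). The following Python is an added triage example, not part of the sandbox report or its tooling; the paths and hashes it embeds are copied from the report above (a subset of the 21 cache-file versions), the path-pattern rules and the `DROPPED`, `classify`, `triage` and `ie_child_of` names are this example's own, and the decision to label Cab####.tmp/Tar####.tmp as low-signal is a heuristic assumption, not something the report states.

```python
"""Triage helpers for an IE sandbox run (added example; not the sandbox's own code)."""
import re
from collections import Counter, defaultdict

# Assumption: the report's "Downloads" section lists every file written during the
# run, and a path listed several times was rewritten (one hash per version).
# Entries are copied from the report above; only 3 of the 21 cache versions are kept.
CACHE_PATH = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
              r"\MetaData\94308059B57B3142E455B38A6EB92015")
DROPPED = [
    # (path, md5, sha256)
    (CACHE_PATH, "e44d14e1fbfcf6f09bc9a99e7db9d53a",
     "17001cb408e65610727bb11ac83be1eba0ed2caee8b05eb0748f578ba59fcfc8"),
    (CACHE_PATH, "4f859e42aa485151aa48e2b85557c5c5",
     "25c2da2a4a2ad2aa553c2669dd0f7796ab66a04461130d0792056d28a120c4dd"),
    (CACHE_PATH, "1f6c72ce7455967efc8a857f548bd95c",
     "049ff8de47570ea94ff707bcc3ff37a8368dc381f1306352bb7794915da27e62"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabF632.tmp",
     "49aebf8cbd62d92ac215b2923fb1b9f5",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarF635.tmp",
     "4ea6026cf93ec6338144661bf1202cd1",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Path patterns Windows itself produces while IE renders a page. CryptnetUrlCache is
# crypt32's cache for objects fetched by URL (CRLs, OCSP responses, AIA certs, root
# updates). Cab####.tmp / Tar####.tmp in %TEMP% are cabinet-extraction scratch files;
# calling them low-signal is this example's heuristic, so they are labelled, not dropped.
RULES = [
    ("crypt32-url-cache", re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I)),
    ("cab-extract-temp", re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]

def classify(path: str) -> str:
    """Label a dropped-file path; anything unmatched needs a human look."""
    for label, pattern in RULES:
        if pattern.search(path):
            return label
    return "unclassified"

HEX = re.compile(r"^[0-9a-f]+$")

def digests_well_formed(md5: str, sha256: str) -> bool:
    """Catch truncated or mangled hashes before they reach a blocklist."""
    return (len(md5) == 32 and len(sha256) == 64
            and bool(HEX.match(md5)) and bool(HEX.match(sha256)))

def triage(entries):
    """Return (label counts, number of versions per path, set of sha256) for a list."""
    labels = Counter()
    versions = defaultdict(set)
    sha256s = set()
    for path, md5, sha256 in entries:
        if not digests_well_formed(md5, sha256):
            raise ValueError(f"malformed digest for {path}")
        labels[classify(path)] += 1
        versions[path].add(sha256)
        sha256s.add(sha256)
    return labels, {p: len(v) for p, v in versions.items()}, sha256s

# IE's content-process command line carries the frame process PID after SCODEF:.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)")

def ie_child_of(cmdline: str, parent_pid: int) -> bool:
    """True when an IEXPLORE.EXE command line names parent_pid as its frame process."""
    m = SCODEF_RE.search(cmdline)
    return m is not None and int(m.group(1)) == parent_pid

if __name__ == "__main__":
    labels, per_path, _ = triage(DROPPED)
    print(labels)  # Counter({'crypt32-url-cache': 3, 'cab-extract-temp': 2})
    print(per_path[CACHE_PATH], "versions of the CryptnetUrlCache metadata file")
    child = (r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
             "SCODEF:1984 CREDAT:275457 /prefetch:2")
    print("content process spawned by PID 1984:", ie_child_of(child, 1984))
```

With the full list from the report, `triage` reports 21 versions of the single cache path and nothing unclassified, which matches the 3/10 score: the run shows IE's own certificate-validation side effects, not a dropped payload. An `unclassified` label or a SCODEF that does not match the frame PID is where manual review should start.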