Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-09-2024 19:16

General

  • Target

    ff34231ab7011f4fa07f2668dd46a9dc_JaffaCakes118.html

  • Size

    14KB

  • MD5

    ff34231ab7011f4fa07f2668dd46a9dc

  • SHA1

    ec349dad9e1ac913d0c9ab5633fdf629144fed9e

  • SHA256

    41637bb93806a7ace94c8a5fa44f9a92e59b625a3173a0c2f097d3104092337e

  • SHA512

    4d8bd7cd7d46fd934428ce41fa111c1cd4b3a950d48c49d04651255d47384a3830e528ecc61e95ecb1d661b4ecf50830901f82d8b6ee8716491409a9d5404221

  • SSDEEP

    384:9EhyFe2NZWzqw476KJzb2xJfrJ4CoSXcWFa7m9BEjFGyG:9Ei+JJXEC9WGyG

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTP, 39 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)
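Every signature above fired inside Internet Explorer's own processes (see the process tree below), which is why the score stays low: IE writes its own settings under HKCU\Software\Microsoft\Internet Explorer, installs message hooks and queries the system locale as part of normal operation. The following is an added example, not Triage's detection code, that shows how such behavioural signatures are derived from an API trace: each rule maps one API call plus an argument pattern to a signature name and counts IoCs per process. The trace format, the trace lines and the argument patterns are constructed for illustration; the report itself prints no ATT&CK IDs, so T1614.001 (System Language Discovery) and T1112 (Modify Registry, assumed here for the IE-settings rule) are this example's mapping.

```python
"""Map sandbox API-trace events to the behavioural signatures printed in the
report.  Added example, not Triage's own detection logic; trace lines, the
'pid|api|arg' format and the argument patterns are constructed."""
import re
from dataclasses import dataclass

# Constructed API trace (not a real sandbox log). PIDs follow the report's tree.
TRACE = """\
1928|RegSetValueExW|HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Window_Placement
1928|RegSetValueExW|HKCU\\Software\\Microsoft\\Internet Explorer\\TabbedBrowsing\\NewTabPage
2400|RegSetValueExW|HKCU\\Software\\Microsoft\\Internet Explorer\\IntelliForms\\AskUser
2400|GetLocaleInfoW|LOCALE_SYSTEM_DEFAULT
1928|FindWindowW|Shell_TrayWnd
1928|SetWindowsHookExW|WH_MSGFILTER
2400|SetWindowsHookExW|WH_GETMESSAGE
1928|WriteProcessMemory|target_pid=2400
"""


@dataclass(frozen=True)
class Rule:
    name: str         # signature name exactly as the report prints it
    technique: str    # ATT&CK technique id; '' where the report lists no TTP
    api: str          # API name that must match
    arg_pattern: str  # regex applied to the argument column (assumed patterns)


RULES = [
    Rule("System Location Discovery: System Language Discovery", "T1614.001",
         "GetLocaleInfoW", r"."),
    # T1112 is this example's assumed mapping for writes below the IE settings key.
    Rule("Modifies Internet Explorer settings", "T1112",
         "RegSetValueExW", r"^HKCU\\Software\\Microsoft\\Internet Explorer\\"),
    Rule("Suspicious use of FindShellTrayWindow", "",
         "FindWindowW", r"^Shell_TrayWnd$"),
    Rule("Suspicious use of SetWindowsHookEx", "", "SetWindowsHookExW", r"."),
    Rule("Suspicious use of WriteProcessMemory", "", "WriteProcessMemory", r"."),
]


def parse_trace(text):
    """Split 'pid|api|arg' lines into (pid, api, arg) tuples."""
    events = []
    for line in text.splitlines():
        pid, api, arg = line.split("|", 2)
        events.append((int(pid), api, arg))
    return events


def _matches(rule, api, arg):
    return api == rule.api and re.search(rule.arg_pattern, arg) is not None


def match_signatures(events):
    """Return {signature_name: {'iocs': count, 'pids': {pids}, 'technique': id}},
    i.e. the per-signature IoC totals shown in the report's Signatures list."""
    hits = {}
    for pid, api, arg in events:
        for rule in RULES:
            if _matches(rule, api, arg):
                entry = hits.setdefault(
                    rule.name, {"iocs": 0, "pids": set(), "technique": rule.technique})
                entry["iocs"] += 1
                entry["pids"].add(pid)
    return hits


def per_process_signatures(events):
    """Return {pid: {signature names}}, the bullets under each process."""
    out = {}
    for pid, api, arg in events:
        for rule in RULES:
            if _matches(rule, api, arg):
                out.setdefault(pid, set()).add(rule.name)
    return out


if __name__ == "__main__":
    events = parse_trace(TRACE)
    for name, hit in match_signatures(events).items():
        tag = f" [{hit['technique']}]" if hit["technique"] else ""
        print(f"{name}{tag}: {hit['iocs']} IoCs in PIDs {sorted(hit['pids'])}")
```

Run on the constructed trace, the IE-settings rule yields three IoCs across both PIDs while the language-discovery and WriteProcessMemory hits land in one process each, mirroring how the report attributes signatures to PID 1928 and PID 2400 separately.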

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ff34231ab7011f4fa07f2668dd46a9dc_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID:1928)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2400
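The tree is the normal two-process shape of Internet Explorer on 64-bit Windows 7: the x64 frame process (PID 1928) opens the submitted .html and spawns an x86 tab process whose command line names the frame in SCODEF:1928 and carries a tab token in CREDAT. The WriteProcessMemory IoCs on the frame are consistent with that parent-child relationship. When triaging a drive-by page the checks worth automating are that every IE child's SCODEF matches its actual parent PID and that nothing other than IEXPLORE.EXE is spawned underneath. The example below is added here and is not Triage's or Microsoft's code; the first tree is copied from the report, the second is constructed to show both checks failing.

```python
"""Audit an Internet Explorer process tree as recorded by the sandbox.
Added example for this report, not Triage's code.  REPORT_TREE is copied from
the report above; ANOMALOUS_TREE is constructed to show failing checks."""
import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Proc:
    pid: int
    image: str
    cmdline: str
    parent: Optional[int] = None


# Copied from the report: x64 frame (PID 1928) and the x86 tab it spawns (PID 2400).
REPORT_TREE = [
    Proc(1928, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\ff34231ab7011f4fa07f2668dd46a9dc_JaffaCakes118.html"),
    Proc(2400, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2',
         parent=1928),
]

# Constructed (not from the report): a tab whose SCODEF does not name its
# parent, and a cmd.exe spawned by the tab, the shape a successful drive-by leaves.
ANOMALOUS_TREE = [
    Proc(3000, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Desktop\page.html'),
    Proc(3100, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2222 CREDAT:9 /prefetch:2',
         parent=3000),
    Proc(3200, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c whoami", parent=3100),
]

IE_TAB_RE = re.compile(r"SCODEF:(\d+)\s+CREDAT:(\d+)(?:\s+/prefetch:(\d+))?", re.IGNORECASE)


def parse_ie_tab_args(cmdline):
    """Extract frame PID (SCODEF), tab token (CREDAT) and the prefetch flag from
    an IE tab-process command line; None when the line carries none."""
    m = IE_TAB_RE.search(cmdline)
    if m is None:
        return None
    return {"scodef": int(m.group(1)), "credat": int(m.group(2)),
            "prefetch": int(m.group(3)) if m.group(3) else None}


def is_ie(image):
    return image.lower().endswith("\\iexplore.exe")


def arch_of(image):
    # On a 64-bit Windows 7 image the x64 IE build lives under Program Files and
    # the x86 build under Program Files (x86).
    return "x86" if "\\program files (x86)\\" in image.lower() else "x64"


def audit_ie_tree(procs):
    """Return (kind, pid, detail) findings for every process that has a parent."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        parent = by_pid.get(p.parent) if p.parent is not None else None
        if parent is None:
            continue
        if is_ie(parent.image) and not is_ie(p.image):
            findings.append(("non-ie-child", p.pid,
                             f"{p.image} spawned by IE PID {parent.pid}"))
            continue
        if is_ie(parent.image) and is_ie(p.image):
            args = parse_ie_tab_args(p.cmdline)
            if args is None:
                findings.append(("tab-without-scodef", p.pid, p.cmdline))
            elif args["scodef"] != parent.pid:
                findings.append(("scodef-mismatch", p.pid,
                                 f"SCODEF {args['scodef']} but parent is {parent.pid}"))
            else:
                findings.append(("tab-ok", p.pid,
                                 f"frame {parent.pid} ({arch_of(parent.image)}) -> "
                                 f"tab {p.pid} ({arch_of(p.image)}), CREDAT {args['credat']}"))
    return findings


if __name__ == "__main__":
    for tree in (REPORT_TREE, ANOMALOUS_TREE):
        for kind, pid, detail in audit_ie_tree(tree):
            print(f"{kind:18} pid={pid} {detail}")
```

The report's tree produces a single tab-ok finding (x64 frame to x86 tab, CREDAT 275457); the constructed tree produces a scodef-mismatch for the tab and a non-ie-child for cmd.exe.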

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f8f484b5c645e8caf2d245baa7cd694e

    SHA1

    2a4f124aacf18f777f728f0059b0f8d39399b2bb

    SHA256

    810ddfb110cefd8d864521296babc13fbab7f1e6417d7cb9b98fbfbb7ef228e3

    SHA512

    6d29e6029158f4e8bb77b8abc3de4c5c46ca100e2b524c93ef42c05614e70a2fc05b54199517c99b62757784d340b0d3977480eefb0c756c891451925b533d83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36a79c81c6eb6dad24732576cb25dbd3

    SHA1

    474ea5c0b8dc7ef0bc812503c36f2a7b2507741d

    SHA256

    4e0c91d302fda02a30d2b056caeb308fa79b12215b17a3b35569dee2fdb5b0cc

    SHA512

    00f7b67917a2c3f6dc8f08a1f6992c5435fc71e26793cef864c9041d6298e50e1546b2571ae218da8ee0e1ed39018d8b4aed28a18fa495223fdc49fa2e1ceeb4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9528c5d57844866ccfe4903e9beddad4

    SHA1

    a8d31bd50a7d1d81c6a51a300a0f401be38d1375

    SHA256

    943c74fc90ef211116c6fc09d9dc452d10fbc889499a2d8122cd325d49bf9222

    SHA512

    6b6fea5f31dbdf86911da738f90cfc9d0fa849c4996a94b256ada54d5e1b866366cafa84064a02311cb39cc6b890ac2922501ac7b6fc3bf87299912c64196ca6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0a8844042e5a336570a1a87951e48fa7

    SHA1

    402a634d1cea5c3298aeac0247d709386cf85da4

    SHA256

    51db2c30b96a2b2c3f8a7857771c4816dc5e7da7237a2fc55cf0ae7eb76137e7

    SHA512

    d5e9358ad556f3473cd01475c0b7f2a14a28c45b3d53c6e7b49dbf2071c928df972d27cf5a0c4d1774a798f72cbbbb67f7dc05d88f998eda241f6d8ae24eee40

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11fc5e16c3a461707f21be9bc4d38552

    SHA1

    8e2b25b835625aec4891f5f4654a4450f2a14c4c

    SHA256

    b4f086aa3f12225d0b6d08eb43aac05ed2581f3be91c1e50b8f94f76d049481c

    SHA512

    6623a886f5ac916484d0e8db881514c5a02535ea0f7da683301dc369ea6790313a5e61e80d5477ee5c6387963e308c7eb4edfe489697ea690c87fc39f83f60d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    254bc5034ac65e84e324f460ecfbc425

    SHA1

    3b8bb9a3d93affb440793450523d04ffff664854

    SHA256

    ba4468e5863582d9d4c675e767b6a4e0f5f3e7b222ec146dc6b39050c681685b

    SHA512

    5204952370eb1c77bc26085cb6a96ec99a86ab8210d6cd5abb2298adf9d5190c79d3e7b3774c9c801b3fe38f6c3a9a238b53220f5b1c1825699ff773e797854a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c322dcf70d0a3ce468c13749abdbde90

    SHA1

    a19dfdbe4733bd34dc3c96759d5ce7a2a28948e7

    SHA256

    dac4f6373054bb8e029178f7f1c95b32b5168044ad68499ae866d7a726909c59

    SHA512

    d6d979753f296a20754cae5da2b6aee91ef5af4502daa140994db457877080bb7c247e39d6bf0fbcf6ea8a3f0465a066e1a12b9e21df00ab771716b1fe59cdcd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d46d98ba70dec129f3e14299e54f66a

    SHA1

    8482ff14504eb45cabd61fb9c6dd7698d43bff36

    SHA256

    6f086878227326889c345b65ee1c963c141a382b75874a4bf8ef0937be84c580

    SHA512

    c8c4cd500e5def2bf25a149088eac6b2b87af901d47337abb7f0e355951b2933d78d2ae585294a3cfdb3ddfa4e59e820dc35df3737eed0c20f9b1caff4dbcf8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5f6938e333f1ab9719f26b5aff0fb13

    SHA1

    6d73bbb1d39a6407cd38d550fd57b80d9f92ed33

    SHA256

    6895824d5404d8c0c9eb7ab9c83fa2208bfda4ee0eb1a20acb83393fd40cf002

    SHA512

    2c6f247578b725cf85c1bfede4c5e9c3ff7483a076f5c545ec7d68f87c22ae0d29a8fa3bcf98d3021c1ad6ec2f6a2d1c6569341512c79177e881ea6f464fcb1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86150f512a3d9db0d1a440b7802c3a67

    SHA1

    9d7b76e39195f7af63a09d11b286138fd446c51c

    SHA256

    8d873a0069d0ed01e88d5de32761d03daf879bc3316334a23b52c07c2ffa3883

    SHA512

    681b37d97dfea640f265a63842ec5f623ce2200e93a5f36d55c95f1af447004def3f7199dcd5558b7f68699e4f1e64d4931160f8162b60e73d0ecd886d2d920d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de6be3e61fb6b8fc7edc672d416dbe24

    SHA1

    df9acea2640b174ac7ea83b364597691eb59906e

    SHA256

    f25c72e3a69c296b53c308ab92f4ec92cf20f2f1d89aa86606460922ac3ae9a4

    SHA512

    036dfed922029df457b260aa74ffffe106e550a03b28e49030d61d72f6965da6502bb3f4126476d71e6e4b9da11b099a5f1deb87f55a26974991e96011a9a038

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d78359185b01e9b3505882de07083cd

    SHA1

    9a29773d3ccdb60665c31a7e3c82e19ed2702517

    SHA256

    9d5dbff4942dfe8343c053640c01328fba1b9fe7d7f78430e41a42e9b321a745

    SHA512

    aca5be790270f2bac163903c6b538f8c310535570ac3ce105cd9f3ac6cf0440a8bd048036852a16b20bca5c4d57d72aecf92285252b92efb5d2e796c1147a8ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8356b3a5f17b63be41f3daea7069728c

    SHA1

    64bb78b6e2c33e91818fd8c03863efcc0dc053e6

    SHA256

    8894d2bcc838e84bf65a9e6ac9b8a104e1633c5fb6a25b39f910b2555c9e597a

    SHA512

    3f38926246a3f047dace7b6a03572a0d8098e199838191ccd0309973e6ffeec948c03c3f6c12d8b5807fa68157ae077a39106c8a8dd552e5b1c8abb1cd4e1e02

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fbe36b32583f2600378756ecdcff4da7

    SHA1

    683418298e16ba0ef710735a7dfcb2c6eb80d563

    SHA256

    99d6d39e658ee55b041da6526990c76a2cd0d68d9589139f0e51c53a895f5dc0

    SHA512

    70dad26027e46ffd2a4f1765b9b037491588b0d23606e20753fe3009baa666b33db99afaaa8ceeaf44989a92be47953bfcb6a8b6fcfbacece2d25bd2ea3c7ebf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bdcaca89e1de45f92a91dc987245ef5b

    SHA1

    69f61a4bf5589d50eedd979019325c3f807bf324

    SHA256

    ed6f410e295751ee29efa94fd24ff493a8c444758ddaa9758c1bb295fffd984c

    SHA512

    febbd03703eb7045110e91fe78e3743734d267664fd0a3b26af5d0b65ad504c69a65e810f438e2b6720d542f572c34d6e5937abc38a8c1705e9f547285d25e36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b282a64d399c826411bcc693ec3cc1b

    SHA1

    f77c7163fecbe7e55ffefde4ec35d73ce1a5a748

    SHA256

    7f95e7c1271ef7e032b085fad56565a1ca84a6e9072d89987ba1f4ff9fc203f7

    SHA512

    3b152c9b776c2ddcb0a45370018519e1f28296b3797305910749d3705bdd5860bd2562ea6020b7d38d42f04590ff91b51fa170b2e8f7b836e22e13b9b6726143

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd27b02089a12c60cc289af2cdced2ba

    SHA1

    e65788aa4577776fcb4a8e563b788f812497a321

    SHA256

    763e4dc4b32bc5855b5b0d3211c74d73d284835ca333cc6ae393bdaa3b1c23dd

    SHA512

    2f411a26989d4a5613f1bd67b2026eb973dc3b3779d47249cac288ef94c21b304b11a51fa464283ee7657c9d3cc9251bfaf98fd0107bd6cc162ba0a4a4afd022

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f1d3c503abd6f23fd709089a4878ee6

    SHA1

    0921fd4954d2607b66fdcaab1676f5417733dfcc

    SHA256

    618c8f4100188f6e408a1a735266e282d8693cc3282678f3ea77e81b162919f3

    SHA512

    9913a0c76112736097d38c022ad862a6fcf07e61a5e16376a144e281a4da86e20c375bc65e561a5a2c8f57cea70bb6d166189b9d54c2b510d3a982f2c14955f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    089ae71b6f806e08ea47f7255148b8f6

    SHA1

    b7eba4698e2617ae73964e0008e02f3dfbc75ea4

    SHA256

    61fb340253f659041348bd9de6275d77de80a95d56c16202cb52ba424fa2dd9b

    SHA512

    1b0c33420893418b189161efbef00fd3332ef7de3bcd1838eb41b982681650fbe80c8260d50ff7a48683a22ac61b521d154a6638253bf6b4237ed568bbf06d8d

  • C:\Users\Admin\AppData\Local\Temp\CabC295.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarC2A7.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
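The Downloads list names one CryptnetUrlCache\MetaData path nineteen times, each time 342 bytes and each time with different hashes. These are not duplicate entries: CryptnetUrlCache is CryptoAPI's on-disk cache for material it fetches over the network (CRLs, OCSP responses, root-update files), and the MetaData record for that cache slot was rewritten on each fetch during the run. The Cab*.tmp and Tar*.tmp files in Temp are consistent with the same root-update activity (a downloaded cabinet and its extracted contents), though the report does not identify their origin. The example below, added here and not part of the report or of Triage's tooling, groups dropped-file entries by path so that rewrites are distinguished from true duplicates, and verifies a file's MD5/SHA1/SHA256/SHA512 against a report entry. It embeds a subset of the report's own entries (the first three MetaData versions and the two Temp files) and uses a constructed byte string for the digest check.

```python
"""Group a sandbox Downloads list by path and verify file digests.
Added example for this report; not Triage's code.  REPORT_ENTRIES is a subset
copied from the report above; the digest checks use a constructed blob."""
import hashlib
from collections import defaultdict

META = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
        r"\MetaData\94308059B57B3142E455B38A6EB92015")

# (path, size as printed, sha256), copied from the report.
REPORT_ENTRIES = [
    (META, "342B", "810ddfb110cefd8d864521296babc13fbab7f1e6417d7cb9b98fbfbb7ef228e3"),
    (META, "342B", "4e0c91d302fda02a30d2b056caeb308fa79b12215b17a3b35569dee2fdb5b0cc"),
    (META, "342B", "943c74fc90ef211116c6fc09d9dc452d10fbc889499a2d8122cd325d49bf9222"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabC295.tmp", "70KB",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarC2A7.tmp", "181KB",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def group_by_path(entries):
    """path -> (entry_count, distinct_sha256_count).  Several distinct hashes for
    one path mean the file was rewritten during the run; identical hashes would
    be genuine duplicate entries."""
    seen = defaultdict(list)
    for path, _size, sha256 in entries:
        seen[path].append(sha256.lower())
    return {path: (len(hashes), len(set(hashes))) for path, hashes in seen.items()}


def cryptnet_rewrites(entries):
    """Paths under CryptnetUrlCache written more than once, with their counts."""
    return {path: count for path, (count, _distinct) in group_by_path(entries).items()
            if "cryptneturlcache" in path.lower() and count > 1}


def digests(data):
    """All four digests the report prints, as lowercase hex."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def verify(data, expected):
    """Return the algorithms (any subset of md5/sha1/sha256/sha512 in `expected`,
    case-insensitive) whose digest of `data` does not match; [] means all agree."""
    actual = digests(data)
    return [alg for alg, value in expected.items() if actual[alg] != value.lower()]


if __name__ == "__main__":
    for path, (count, distinct) in group_by_path(REPORT_ENTRIES).items():
        print(f"{count} entries, {distinct} distinct hashes: {path}")
    # Constructed input; its digests are the well-known values for the string "abc".
    print(verify(b"abc", {"sha256": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"}))
```

Applied to the full list on this page, the grouping reports nineteen entries and nineteen distinct hashes for the MetaData path, which is the signal that the file was rewritten rather than listed twice; verify() returns the names of any algorithm that disagrees, so a partial match (say MD5 agreeing but SHA256 not) is surfaced instead of silently passing.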