Analysis

  • max time kernel
    121s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-09-2024 19:10

General

  • Target

    02dd74532ebc5c6629371f7858cef03e_JaffaCakes118.html

  • Size

    31KB

  • MD5

    02dd74532ebc5c6629371f7858cef03e

  • SHA1

    f8035c4a6428b9cf899906f52a71cb095f1078be

  • SHA256

    b0160fa03e33d7800b7c046028443cfb6e504efcfabb8bf42fda4bcf82c2f83e

  • SHA512

    a2c0dc7176319573b29b48f4085df492244b22e0110ef7bb0048df1966c7a6ff2122e257eadeb6d1af2d0f11a00a264e9b35269b4dc0f1b8ac412965e578c190

  • SSDEEP

    384:HhlMiAjj65mAfg+ezH0MsPg5K7H1aq95IsO6al:nMiAjjexfg+ezYL95IsO6q

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\02dd74532ebc5c6629371f7858cef03e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:108

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5104be1e4be888e5ec119b048128e5dd

    SHA1

    3cf0a716283f1eb68e0eec9bb4f923e7a81e5b7f

    SHA256

    6ac64eff6ae27e8dcd8241c3eb56a978c39f5203f5604e43f56720cbcbdc60d2

    SHA512

    ffce1d3a6ea0b100178e8300656f03f6fd167fa3cac10893ba71b8ec52a5185563ebb265ebc0e42e5eb839b41f2c8a01cadefb8f7191edec4dc326a262f38153

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ce95cf8e7076ca5a77d97ed3e6f32b8

    SHA1

    d1128aa2b1d196a13f8991850f2b190dd997b1fb

    SHA256

    e0781eb77b12f41a6b5c183a46bbc0c2c4416eb5edf3b7fe0778c6fd2789d16a

    SHA512

    bff2bd3c7fc84c609976a9e40c4a1d88925bb986dd00d494f27d75d6369911ba7f6f2ee71d1b576ae4d4057ac1f10a55de4e27384b14bed66113bbc28d974389

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bfb0cdc94682f4d9c61068001e18f496

    SHA1

    3ae4d79278563321c7d93209cbe8c54c64f758a3

    SHA256

    b498b76c5c1d629e7767dab7161728ad305b732a738c6ccd839b8a34a8b794f5

    SHA512

    579fd7c79a94844037914f344d066b7abe9e92fc5c6df02ae63d7747848f51825bc9e05c389dadee60c46c36b9478c1ce62bed02785b2d653a41b247fa62fac6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9adc441a865031a31d17db5632d5bbca

    SHA1

    db862b8abd35aa29c815cda176759ffd5f5373ed

    SHA256

    3e51a35440a2045f33c5239fcec01ba3d1a934631946ef096ffafa7a3ac69213

    SHA512

    c961bbbce307bd4e6db29300b846966bfcb8851e8fa78a2873a0a3af19402e48010e755a8187392993b3bb6db9d791f5c647b949a478d26350a33513dc278ef8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9623bf4d56ff1737b9357d6f86d45c9

    SHA1

    751f03dfc349f1cee9735ba4b599b71121158c1c

    SHA256

    f5ec7ac0fe879306972b3abaf5a2f87ea866f9b1209653bab4377d312847f03b

    SHA512

    e268125b0a5eb6a8104b95333909660ba0ce9130847b9c6611cf08c21eede87da45ac8504a0507bdf112597673baacb703b25e6862f84c18b787af7870ebb0ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5266301cc7ce2548f7d5a994417e5360

    SHA1

    267b9de28d852d84d669c465bf76a5fd9fd856df

    SHA256

    072ffb9849f7ac3193f8c482a341abdd0c7c4ba24df25ccf4e53444920ac9353

    SHA512

    a65250d214a5bafd53e9b58062ff188169c82437b19cf8453d74e07f3e196935167d83ac8a3a6ebf50b43bc742348032d12e4ce9de7a15913a1453ccfe791949

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f7c7a7d2fd6e128eafd4270b8f419eda

    SHA1

    cffa4b34c879ebdbacf0871cd1650a233cb7f76b

    SHA256

    32e785280813af487559b5ca7b347622f789c485834e929adb1c563b07ce07fc

    SHA512

    3136bd2cd38fa079111a4cd6dbb2074ff1698dcc075994832520932e83164e4d9131e475c10a2619285df8766bf9b6c5bde20b9ec616beaec0625ca8429fd2af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3be626fe7ec60a57b33a9c042384e6a0

    SHA1

    2737a2d7fa322ad652aa8dc5f5fa4efe8550af50

    SHA256

    a53ab0c0999502cfc79a7e8941e4b614a73e043f5c22c0da93b21642db80b07c

    SHA512

    bff64822b9d10a3bc9aaf64c22bdd47cc2831638f96ae401f43f2c6a89c24d3405297b5c0a7df1d7b8a09a3df2cf5cfc0fdd43bc9f8cf164cacfcaf59bf46947

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b582ebd80e720d225c8be6351c85ffe9

    SHA1

    db0fd337cf874e85cc64b1a3eb38c5f5b0cc46fb

    SHA256

    4ef9aeead540834c8b5971de748f600138d05345520e21fdfbeeedd2bcb52c85

    SHA512

    f4511e521ad871fd51111b1b943531db2a0a5c94bfffccb8bdd057680c270f0c573d9c611868f76ce586e2fa5574f13e7ade5ab9b51307e4bbbb39892e233faa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc0bae2c8d78b0bd63d51ba2eaa1d4de

    SHA1

    5933fb39d4c5e17a37baeb03a9c2a73fbe4b2b3d

    SHA256

    dcc8801f090d85a7fba331b17dcb36952be00cf796bc07035c0199141df9b6f1

    SHA512

    19f87b6fe9e3aa3f75fc30a098dcb1174784fab29b6b1bc38a80724d8287a473e2aa58a2b61b2488f4b6174845ae2e2d6239b272e4dfe26e467816af42b3aeb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ebc65ce904e34a24c3580250069978c

    SHA1

    9303040e97455b352ceb11e1a9cb155974e3a0bb

    SHA256

    a577aa373836607fde5342c4d472d2b98bff536335815b1baf37fbe998eedec0

    SHA512

    1e6bc9b82714c8db7a5b0dabe844fc23d0eed2a7ecbce8ab4848b6d2c59d9c505418df49f845f6ecdc62224960c9c4f2f2e90b15657b6b67c578c07e71843820

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7602e76cb2e8798287882909b0a934cf

    SHA1

    4b78a0b3516991bd19401fd31fd4fce6c9eb3013

    SHA256

    0b46988254294cc3257286bd437ab3dd55a76b5fd4df6f670231817daa9cefe1

    SHA512

    4fd793f969aed2b3c246b6ede17362203ba321be8ea9633215f6e34af3e46eeab4cac7f1e07d1fae81ed5ae6be6545f112d5dfb308164d128855f3044381d2f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9b533b27f68b87ec8eb6897f1e65c6a4

    SHA1

    a3702332602364d0332e3a096a25fdc46d921f04

    SHA256

    fc4b49d511595eea335ab05efa2e552d0c297bb97b9b16cd8d21231d3d5ffd43

    SHA512

    a165857e7c2c822499a228b06ab0401f327cc3c2065ca720b76059066b537cd8c16a91b674c5e0140eeaf51f267f5a581d2c9701d3efd0fec1e5d9dc276d28b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    241b39212d27505159a816b702f9df4e

    SHA1

    41f848eddccfdf2971f60056aa797c3fa5bbd076

    SHA256

    6f1f3b27c30ddc58faa16a3b08549214a4c185a003deec576196c0e676f01bf8

    SHA512

    9d5419dc0c480ec74d16da85c096bd9567443f31ef6b94268a6381d07917a4b97b21cd5024f04447abcb25074338edf67c7f87aa5fe8e3e8fc74bbc4103700f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e977c08e06cece2636b82d2c94d06585

    SHA1

    86898d39a1fa8669aeda051f91494ac05ee6a1d7

    SHA256

    f400f5c741222a2a882496219d9987f527733f390e5e65b5f973895252600b36

    SHA512

    c044aebcd0e207870b6f4bb8a4a975e644efcb38a49039ad569c2b22164007b9fe2dd7b439cdcb9470b6bf15744625283b05f5e935b84c71e56d9d20b2962ec0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2258c97bc156944aac0c255ae16ee0a9

    SHA1

    82c46291ca28b1ecfbb32c4f2c0666faaea0188c

    SHA256

    9f021d12d7329a340731b7be89955aaa3f275bb60cbf3ce42c940429d4cdf445

    SHA512

    0e090bdea99737bf2090c8ab6875376d04f5769029cbce8b35e38d3fcc86372440bb71d406d76a8c94db5de1f6d9dfb54e800f32cefe4d44bb48c79a3105c244

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94e8594fd1b33d8bc6d583ba7c6e3217

    SHA1

    27dcc9ffe79990d79c1e453b734932365538140d

    SHA256

    4efa0c657ae2512dc5c43d1cff2346c3106a669172f1f981d6c3e458ecbfcb6b

    SHA512

    646e60e334fb4a025d15ce6ae40e727a36dd9292fbafe13b8d7b23a8c88c61878baa67760e1a848d5adfcbcc7228e3e6f43c994b18951c625d6e8cdac47ac4fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c41516bdccbf1a099a7abdd90d379a0f

    SHA1

    8cdd8fa761055f86ccf568ae3a3953cb0ca057f5

    SHA256

    4750ff64c474927b6de7e0f48283d1c48664181072287eabaa7983a8b65b097f

    SHA512

    7e0e64cf94efd50c2cf8fed1ca492029f51004c00a9a1a54d2dea8488efa1c7978650934be5e92428108fa962d5ecb6ac72c22a04b3e6c0ce73d0f5b411ad6c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba65be451137cd4a378ece9b610bfac1

    SHA1

    61782b277f8636d2944fdc9103456dc40b469617

    SHA256

    84f3d5fed96c1cd76e730f8863ac6dea8a8228275710fbd43820eeadbbf924ac

    SHA512

    2ecf7a3d64470f16a0ca8bec60cf1dda257857ecac00d8af6cc295e0a5887df9e9f2d6e0dd95ee4ba409f64de67be22be9d66a18893b11685ec66d64d111b148

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    995ac307b0375e4398afaad7c1f6848e

    SHA1

    b6dfc5bc90ef897181c2329f32c70941a2f3ef06

    SHA256

    b86fc841ef8b7554e855ba68208a374e3bfc27c33a5d3bfdf0e63ee9de0883e3

    SHA512

    0182afdd93d4c86e8303d0fff9005bbf509a674668385897ad8952f55c9c5ad44ef47ee333273d0bbc4832c7b2c5ea3aa480200c5c30faa9e3a9889f06b1d3c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95e64eede82e8a2b4e2c58583662832a

    SHA1

    6985ee481a3d8343235dcce0a3eecda924d1f924

    SHA256

    e70c2943f451c72c6c5240278dddac90ed303d8c7d1843feacdf072d86caf146

    SHA512

    71bc376d439cba79fb87cffe501c69024e7c64b06518ea163df7dd0bea364304b9b6b252c113da98a4bb1b6c6d9d265da76a60ee90aa137a79b01955397edb9f

  • C:\Users\Admin\AppData\Local\Temp\Cab1D81.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1DA3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b