Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    01-10-2024 08:18

General

  • Target

    050071da37cedff66151dbb93ed26ab5_JaffaCakes118.html

  • Size

    63KB

  • MD5

    050071da37cedff66151dbb93ed26ab5

  • SHA1

    567bff8afcbe1ac5cd099f29fd3ab414ec0330b3

  • SHA256

    b5f9c4d16bcfab0b1e4debb5212bb88e860750a282fc62879c0d31b092e1aa98

  • SHA512

    823c911b8b806cec788e221855628ce57a3eb3f5062446bfdd650a2e5c8302436e1c9a4e6b07225d44da41e1f5c68cd60a61ea14f5df9468979c687c93f7cec9

  • SSDEEP

    1536:SGSHIzB0jmOCszZ2wQzRgkFZWJRigGEFhH2csw:SGSFCOCvTzRrIigGQH2cF
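
Before acting on a sandbox verdict it is worth confirming that the file in hand is the one the report describes; the `_JaffaCakes118` suffix shows the sample was renamed on submission, so the digests above, not the filename, are the identity. The following script is an added example, not part of the original report or of the sandbox's own tooling: it recomputes the four digests listed in the General section and compares them with the reported values. The `REPORTED` dictionary is copied from the report; the `abc` input used in the usage note is constructed and has no connection to the sample.

```python
import hashlib

# Digests reported for the submitted sample (copied from the General section).
REPORTED = {
    "md5": "050071da37cedff66151dbb93ed26ab5",
    "sha1": "567bff8afcbe1ac5cd099f29fd3ab414ec0330b3",
    "sha256": "b5f9c4d16bcfab0b1e4debb5212bb88e860750a282fc62879c0d31b092e1aa98",
    "sha512": "823c911b8b806cec788e221855628ce57a3eb3f5062446bfdd650a2e5c8302436e1c9a4e6b07225d44da41e1f5c68cd60a61ea14f5df9468979c687c93f7cec9",
}

# Explicit constructors rather than hashlib.new(): on FIPS-restricted hosts
# hashlib.new("md5") may be refused, and we want a clear error if so.
_ALGOS = {
    "md5": hashlib.md5,
    "sha1": hashlib.sha1,
    "sha256": hashlib.sha256,
    "sha512": hashlib.sha512,
}


def digests(data: bytes) -> dict:
    """Return the four digests the report lists, hex-encoded and lowercase."""
    return {name: ctor(data).hexdigest() for name, ctor in _ALGOS.items()}


def compare_to_report(data: bytes, reported: dict) -> dict:
    """Return {algorithm: bool} for every algorithm present in `reported`.

    The comparison is case-insensitive and ignores surrounding whitespace,
    because hashes pasted from reports are frequently upper-case or padded.
    Unknown algorithm names in `reported` are ignored rather than failing.
    """
    actual = digests(data)
    return {
        algo: actual[algo] == value.strip().lower()
        for algo, value in reported.items()
        if algo in actual
    }


def is_same_sample(data: bytes, reported: dict) -> bool:
    """Decide whether `data` is the file the report describes.

    SHA-256 agreement is required: MD5 and SHA-1 are not collision resistant,
    so a match on those alone is not authoritative. Any disagreement, on any
    algorithm, means a different file (or a corrupted copy) and fails the check.
    """
    result = compare_to_report(data, reported)
    return bool(result.get("sha256", False)) and all(result.values())


if __name__ == "__main__":
    import sys

    with open(sys.argv[1], "rb") as fh:
        blob = fh.read()
    for algo, ok in compare_to_report(blob, REPORTED).items():
        print(f"{algo:7s} {'match' if ok else 'MISMATCH'}")
    print("same sample as report:", is_same_sample(blob, REPORTED))
```

Run it as `python check_sample.py <path-to-sample>`; the decision function treats SHA-256 as authoritative and the weaker digests only as a corroborating cross-check, which is the policy a triage pipeline should apply when ingesting third-party reports.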

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\050071da37cedff66151dbb93ed26ab5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2176
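
The process tree above is the normal Internet Explorer layout on 64-bit Windows 7: a 64-bit frame process (PID 2292) opens the submitted HTML and spawns a 32-bit content process (PID 2176) whose command line carries `SCODEF:<frame PID>`. When triaging a low-score report like this one, the useful check is whether the child really is IE's own content process rather than something injected into the tree, and what document the frame was asked to open. The script below is an added example and not part of the report or of the sandbox's tooling; the two `Proc` records are constructed from the Processes section, and the helper names (`check_ie_tab`, `opened_document`) are this example's own. It assumes only that `SCODEF:` names the frame process's PID, which is how IE's loosely-coupled process model passes it.

```python
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent: Optional["Proc"] = None


# Constructed from the Processes section: depth 1 is the frame process,
# depth 2 is the content (tab) process it spawned.
FRAME = Proc(
    2292,
    r"C:\Program Files\Internet Explorer\iexplore.exe",
    r'"C:\Program Files\Internet Explorer\iexplore.exe" '
    r"C:\Users\Admin\AppData\Local\Temp\050071da37cedff66151dbb93ed26ab5_JaffaCakes118.html",
)
TAB = Proc(
    2176,
    r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
    r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2',
    parent=FRAME,
)

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
# Windows-style argument split: a double-quoted run or a run of non-space.
ARG_RE = re.compile(r'"([^"]*)"|(\S+)')


def argv(cmdline: str) -> list:
    """Split a Windows command line into arguments, honouring double quotes."""
    return [quoted or bare for quoted, bare in ARG_RE.findall(cmdline)]


def scodef_pid(cmdline: str) -> Optional[int]:
    """PID named by the SCODEF: argument, or None if the argument is absent."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def is_ie_image(image: str) -> bool:
    """True for iexplore.exe under either Program Files tree, case-insensitively."""
    return image.lower().endswith(r"\internet explorer\iexplore.exe")


def check_ie_tab(tab: Proc) -> dict:
    """Consistency checks for a process that claims to be an IE content process.

    All three must hold for the child to be IE's own tab process: its image is
    iexplore.exe, its parent is iexplore.exe, and the SCODEF PID on its command
    line is its parent's PID. A SCODEF value that names some other process is
    the kind of inconsistency that deserves a closer look.
    """
    sc = scodef_pid(tab.cmdline)
    return {
        "image_is_iexplore": is_ie_image(tab.image),
        "parent_is_iexplore": tab.parent is not None and is_ie_image(tab.parent.image),
        "scodef_matches_parent": tab.parent is not None and sc == tab.parent.pid,
    }


def opened_document(frame: Proc) -> Optional[str]:
    """The document passed to the frame process, i.e. its first argument."""
    args = argv(frame.cmdline)
    return args[1] if len(args) > 1 else None


if __name__ == "__main__":
    print("frame opened:", opened_document(FRAME))
    for name, ok in check_ie_tab(TAB).items():
        print(f"{name:24s} {'ok' if ok else 'FAIL'}")
```

The checks are deliberately narrow: they say nothing about what the page did once loaded (that is what the Signatures and Downloads sections are for), only that the tree shape is the one IE produces on its own.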

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    039922adb95b6959db7acb6e47f8988c

    SHA1

    c317d0b62f0a2e816478bfd64cd252b225fa006a

    SHA256

    a3461459c7106137c5ef12b9689c89d0d243e0dab523b09348de0353d4dbf255

    SHA512

    1a363d950acf75ce85c6775cbe2cf589c83da000637e273df9560d276e9eb4b662ff460aa9f071be7856dfb195a107d072743df640dd1a77b88ca4b2b66b2c65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    430101216e35c80a772603a5b2e102af

    SHA1

    3f823ffcc8ec17014ba8832490a8dd8c125c9f16

    SHA256

    b59d47ee9255193e858ecc68337191c19ac5aea86e002c778fd9b31322965b3c

    SHA512

    e535dcdacbe505cebe653dcec6fdac00410263a46174ef1d24869007f3d370d7ca20d6ef28bc6cfcfb71fc045c071423bb45b0aeeb8d36aa3e93c049538e05a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    35f8849c1ce642b71256c48897c71d84

    SHA1

    1c0a13886c49baf3242cf5532f365422455205e2

    SHA256

    42ea1ea20badec7aa999fd887fee67d0f1b418c9463f2d887760de98961d00bb

    SHA512

    2e71ccdd5ac63096f8824e296594c7e204cd2921d081b252dc89bd29aa0501eb378d83218a7fc320841b821c9e111c6cd8578952aa5544d04974d2f8ab610760

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2a5894e36906ac4829356ff4f561b9a7

    SHA1

    d1b6493aca476803b46ea75fb0ecbfd57ca40e03

    SHA256

    6ddbda6f80389659a9d0121d368e0271b37e83a4494fbf3bb0cf4ee0292eaa85

    SHA512

    ce98e602caf61ec91946b882dacc78d6bee66c48c0174ea22edd5451da7bb428709214ee61b6aadb5d6bfd736f397f319a194f1feb93e7f697c4215084b37218

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    10eacd59bdd7d4644daef6551cb81d16

    SHA1

    7d3436b86c049227dbf96c1af555b311d54d3e32

    SHA256

    bb9ea99058e962ccf1af5accff467884a4a7945d603f7a0a97e46112768d79fe

    SHA512

    9fc0f49e75e7402f3e1be8c9d6985fc8dfdf19f379037fe99786ac3503300d1d6d3876ffe1b7e4f1278f6e04c77ea85145be5c5ef74e0479296d813fb791fc92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93fc09d70af679a21f151c969995e185

    SHA1

    de6b64277c23f1a2afe567423d77cfa7b86a4ebf

    SHA256

    7045400a04eaa2a925dff1ccf2d25b6c0651389f38153680bbda104892c4982c

    SHA512

    ef7ebefd7df2d1dc56dc0a7b3cca8c82d5e7816a8f331ddb1d3c5cf914b1418aa2cbd6c0a6174ce494400125d6ecdbcc245a638aa05067fab54283268b659fdc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95106ab4cfa27b6693ebdcec4171af8e

    SHA1

    c2b533d08cf88360bbb64284c8e4d31ce67eedf1

    SHA256

    b7ec6486311b3d3ff4abedea7e180729feac8f79d3329f427c9f343d1dc2ec55

    SHA512

    59a953aeb34e9c6185eb1b79f4f89728702ddce65dc74bb22af24333cc1c1a73a94fa9616b45085edacb596d36eefd4fa31b92671230aa32f9a3d2f48b3e3e57

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    57006280ab5e1c9a7e49df19257eefcf

    SHA1

    8c8bbb9cce1d2234215c3170b56cb0394f910dd7

    SHA256

    210c30b8833ae2a526f29c679057b97cd688d391521a11d5add8f38a1511fb48

    SHA512

    593771f3e021a8c27b02058e4e8610defaa70c0920d3badfa7e4f8ede1bba0be1d17170902ac94f88541ebcd5fc6b1c3c17c8d52057bd70231321d759303b765

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2a7cd67ab440a0c6ce546edf93e4ad7

    SHA1

    f02f05b4a504e6ebb15fa5e2b80f83c2873319f7

    SHA256

    88bb5204e0918c2a8d5757a4a20fe64ffc00912c48fd72e65c85a6ae37f6f4a1

    SHA512

    38c5c5174c5c54cf3e576fbeb47db738e0805ffcc4400796deb0f64b1b97462685e306c782f300b4a5987083a26cfa03f46bf9ef138e44588ce30f55e878384f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8a298ab61319969c5e06c4dc82508dbf

    SHA1

    f73f2ecb2f8e400b981518e9fc8a30780528270a

    SHA256

    a63c5de5a7dc351c702ed206455881d113f20ec3b63324a8165df727dafdc037

    SHA512

    f35543e7e76aa545e45e4e97d47517fd49e8fe003ea4e7c1e40945c35ab361575928f6fe69d562e421b734ab091b3c23f485eae3ba262e1e6fe1ae018e7d3d43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    663df7b631a246e58e1293fe9596d80b

    SHA1

    356b0e1cfc8e8f3225851d3dde36dee0768dc975

    SHA256

    8ddda1cace72766a480c1021e774e23863d78af2762c2967c5d4a8d1d7514849

    SHA512

    fc7037c1c5734a8203bf5f8e5f97f7290e337445ee4dde55846d881dc58ab5deaf1de8fb439c00d880142d6bd95fec8d21083ad13352a04bb9148c85386853e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41c78d7afa63ad4ebc20bf7a69842fb5

    SHA1

    e884c7e3d1dc32b5d2d1fdb36ce90c93b76c55b5

    SHA256

    1eb8a4440a9f5be5a60dd21068836ab9eb2f8902cfc8cd32e0c1873457e7eb1b

    SHA512

    f9cbc0ba38ed5b47d1d0b50574e2d1f11d571ec38a40564b9d9e8069319b612f26b86ece3f33f02e0ecd969d8fb2a072261f16355534b8d41e3698f21a09a1ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68e3312abee5f8f3ec0f8804b5eaa8ee

    SHA1

    37757e5e4ba2c6754d7931958986afc6f4898dd8

    SHA256

    9e76bdf168283a35ebe25ca412cb9b315ae61fc3f0db391af13c3acfac589703

    SHA512

    8e7f6ec0a2017fadd59971bb307c52cc872d81c55b540c39843493af124e74a25d933ad5ef2229b9e770116a9e8c1ca8340bf57d163f6f47637fda83e6a01606

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5e07788d3429e2588223d9d77b5a74e4

    SHA1

    81ff64d574a360de3413e10ffc04e42b2c49baee

    SHA256

    0305bb51a5c67b043f8a9b2d02cf41b13d3441eb8a742d2265a3c90f86abe2d0

    SHA512

    d822f3ccf572c1a9b23a60a018554fc89766c394eed1ecd0c9dc7c2e62fcb2152f78282e443703cf66ed2b0c1e93a7b92bcb5cefbebb46adf2f4b66923c0eacf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a3a4d654b563764837f284d816f20f56

    SHA1

    576fca18e3620d3054272696bb16b0f347f9f054

    SHA256

    a5dfeb6d0b75a679cd684f602c9b1e2fef38a0deaaf07abde988f0d6daf6bc4d

    SHA512

    453553681b97319c47c964e1070f310e01ca935053a6a7e83af6bf288a487eef0adc8289148698c876a546c74c20bec64c56464dd08843dbd63c75a17424748f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2fa8eb2458cc57ae9a8f0c3c493cbc2

    SHA1

    6034545fd295e033df284693478d43ef0a18c65b

    SHA256

    7e3e5802f8fb0456786db78946a7c7c12e456d17131a1fa0736fb9a891a61894

    SHA512

    8a69599ae7a9f14064bbd6a946a737bd3a57bdb81ecd3288c7ba3482ace0f260abbeb54c9743a9f69e3d062dc18b58c47042e7ae759e4ad8333e3865c1e90282

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    801a6c112f61639bdf67c2ac3977446c

    SHA1

    90cfdc11d76fabfbbae35874b5868818e3aa5972

    SHA256

    7b2c1f55e2e59d917a73afce8ae1b85772d0b559ca788fc0663f4d70177fe6b2

    SHA512

    dd650c90adb4919a9655908a4944e6d1572822d0e4a79e0865a4933eb3ce533f62055715f629892f93dedeb6f0f1d06ffc04425cd982d8977496ffa5c38750f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31b7e086c376834c896c7fb67237c50f

    SHA1

    7eeb35e446c911a36e2ad7061527a49e5fc20b4d

    SHA256

    4b71688d1f3fa03c68426600fd1211e26b79c41119ca0c0f55cebef2adba5933

    SHA512

    20dd5cecce79e2c8c8d225d89f055fde293d59cc47d9767c18bf2dfec6d317da04ebafd070db7a82ec091bb4bfd9c0b9f6d3c24b5bdbc4753b064532357aeb10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd6c44ec5c0ad572a4247f6af7a577b3

    SHA1

    c5f4a455f63a54366d7da38664a1f10d9311beb6

    SHA256

    e59b3653cef47b7a8d32680998eb304a07fbd6c7bc3084a9a80dd346104882cd

    SHA512

    9b1adfbb3b8e0f235da4cc612c61cfbb4af0e08f09dd5e56d1e3fb76d2b485b46b76c7ef1f4f1ae8049530f8ccba77b65b49980d2ff4a9c4cc8ef15d775ace0d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e06456c9a58cf9406092bc2c25941dff

    SHA1

    f7fc7316f223bf86ab57bb1d237c02a62367bac3

    SHA256

    206a382dd623f6dd6d9255bbfa2652dfd8ccc616ac17d60c5197c989e4c00161

    SHA512

    4121801de1951bb0a810be786c9fe167b187ba7dc9eb614e2c893432e38eb93f133afaba0ff5001357559da170368b7835ba8b9dab59bf57158cdc054e4284d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2979f2dc57d56561e21a55a7ce86c1f

    SHA1

    43f511bd79bc699fcc0b30877018aafc495e28f3

    SHA256

    57e3c1e8814e31946a8569c5163ee04770ca50c7f8d239993a41c7d06c420c66

    SHA512

    c02292077f946ec7bb35fc0f67e221893f037ff4a320b352993a4fbc31c095280944d78c9ef189c40430050fa78589d36f2ce8ee75a9f0104abc5f43efb41aff

  • C:\Users\Admin\AppData\Local\Temp\CabE12D.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarE1CD.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b