Analysis

  • max time kernel
    144s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-10-2024 16:16

General

  • Target

    067db25735ec97d273f8fe1f84fe97c7_JaffaCakes118.html

  • Size

    138KB

  • MD5

    067db25735ec97d273f8fe1f84fe97c7

  • SHA1

    9a9d1a4296a3328888c8a7d0d0a18e81852daa2e

  • SHA256

    5b515d9a340f7cb3e761baa6735a37f357739df2ea620a0dc175091cc6fc20a3

  • SHA512

    8f8aa737969ba7d5a776ae84da3c593042e374cb792fab7f5b3b3322636943fbf7d94a48ac2b6eedeee8304d9723202978930747cf15efc08cd7a54ad93ee206

  • SSDEEP

    1536:SVR57c8ylATyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBw:SV/xyfkMY+BES09JXAnyrZalI+YQ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\067db25735ec97d273f8fe1f84fe97c7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1d151b7c7e14306c3fefc088cbeb9cb3

    SHA1

    2bd9430bee13198ab0db573a6e5fb7380fda96e8

    SHA256

    7f07c6323ae52ef82b0cf543177406be32d606c78aeebf3fe4c6e27868098b2a

    SHA512

    3842eca01bf9d450fae60130ef43b5dec41aba306838695823af4b4b38bbec6eb4782505ddc33f981edc6a857e1aee63bab7b86e6a524891572cc9a009553988

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    21622331c108601a839cc6d4d32bd36f

    SHA1

    80bd6ced812a80a965e785e0fa806516ba1b1f4c

    SHA256

    b6f1edd78089c40dedce5fff209136a96befea12df56d6fa596be47999a033f6

    SHA512

    55cb899d486757d34bf70e63d91fcebc12a6c579ee3947b4c80e40cd06b9ad722e9c1f5be329b1d370f45863b4794d7100f413f9b74f67dae4e80a7bec75dc58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7d5d47b2e27a3d8403bf1589949892d

    SHA1

    be209450d7d7511574730ee2dcc9de60fee23797

    SHA256

    9b0d65b1beb2d9f9ec89d324dd540401335664520385f93df2280273b5ad598b

    SHA512

    a0f8b8da97a9c0866f0068e6a8107bd33578278c9d1ab16f00f2396fcaeda654b7d7b84b0a20291d27b4aa9bf371ef80e78795f29d4358eea9faa86ef7f25ce7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3227a8975e59f82d89e91e4988f56b1c

    SHA1

    b0edba69768b4d40b5928803896e5b6913909953

    SHA256

    2d974114989dfc81683fdfb3a75aadef3fc089d9e468883028c327a98aa78e62

    SHA512

    4a86f1e7b5ae4d9712495b55b9c7fa8e01e3f473097637302f9bef9a61a44ccea5c26a393f7269bac08784b44dbacca7604396dcd17da28e090f0d318939da59

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5648e9a7236decd9f9c82cc03faf8d9f

    SHA1

    65947f374a1935569fb38069c76e714cf67dc966

    SHA256

    69c32f13c30bfe06ba0c62f165026875a9fcbfc4e91930ce3849d049f872a9e8

    SHA512

    223ae3fd4731e84c4457e56543da0f7ef9369f74d901787de231d411d6ce1b0e5a7d2a3fe7e40de206502765b5e3b475cc832df18bbb73e5f3438cfcc493bad0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    13bf61bb09813089fad584711f20961a

    SHA1

    d39040139d42a5eafef4670ee15411fda89a8bcd

    SHA256

    a87f7cef5212ac52ef123b4520f352542c4089ab83e1c5cb4dfda719d4e2808d

    SHA512

    3c2954f2c012f608cb41a4b3034723807bee46bb33b43f2a9458879c1898b9d0bf99ad941661d9a65f225371c628687b0aa2974ad54bb0c924d371a7ccae28b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    72ff92892706fbf7a2965100339c3b91

    SHA1

    aae79971411719ba7c77a21cc983a22128bfbff6

    SHA256

    55b44901a2bbd1ac4c59cacbba136c2fcd6aefad3937c01a461ab39d313fbe18

    SHA512

    1454e4b6ed71168e5d4ee1f5f0716b560f742ce369536b70d42753f5d8a031b55e9d30cc7c43c2a8aab465cf513049e20a7ceb55abffb41a982f602b2f880cb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a74acc163f81cb044df587d0a261368e

    SHA1

    50d32e3275751974237c23579e09856d9e362eb5

    SHA256

    4ef89cdb292db37bf6fb6291f22695cea03c389bd951e5ae18d1c5499fe01a1e

    SHA512

    03a03b460f379623a1f866d2b5f31ccb1bf826227f16d059df8b066cccdd7d5b87c6fc3921a000ef692503bbde9b8174675746803acfad6331fc0f9f5920eb3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bfe2c5c9fa4fc2503f5d3fb569ea9b25

    SHA1

    b0f2dce99d7e79c29d28029e7d3870c3ba693c88

    SHA256

    5d072c7799a68b82085263ed68e3436902c81aa90b72d76f7c5003432a7b24ad

    SHA512

    047d87705185c0f4a63cf78bc038a6afbee31281d9dc1783b9626e02fae9d431259fa60fb27d53ba6f988298a8f6f81966ef68600ce93126d177ed1f4b3e006e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93aea0a27d5b29547feef8acc84ec406

    SHA1

    eb98822d4b27b048e2852fdc80b108de3037ea6e

    SHA256

    5a2910b0e08922a4af721bc065309fc639ee5c781bdd92a9b27fec7f9653f4dd

    SHA512

    cc32a11ba69ef3b356278386da208e1c2f4281b745f1f9d76d948fa23edd5d2a2368dd11d6d19dece9ab6a9e7fd02c3a75839187422ec30c24b9f4486b75eaf1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29f0e71f335a559d572f58a3a38e9978

    SHA1

    ac456278f7de73f93558f837e2703158c089a406

    SHA256

    8e9f55aa1a9e79cfe47ca6a9d3f8907b64e1a09a548d5b83ef1117365ca7de80

    SHA512

    e0ad167b121b686a87efd69d908566f7d65f6aa9b0717469207165419f6095a5be8a5c0598cf6c97600d939ff48c10ae716bd92fbddfe13934952100d375b120

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b31421095330e5a640bbcd7e6f943e48

    SHA1

    e9684b12c9a70519b6a1c60fd69f8993313759d0

    SHA256

    b1915bdcac4b486ab65a333772fa5e13aefa3b1837ee3b85d14c9e5dcb8d103b

    SHA512

    74a65ffa75f24f185cbd0651dd92e4486dbb227d9690d516dd1f4dfc7e6cb7334f0449ac508bce0fe30df2d5bdc59f7d800d2435174d1aa8aa2d2803861ba24b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a13422ce65a85c92b2a5982f97ddedd

    SHA1

    d1f80b77bd41f032399d15d26cded8138678f228

    SHA256

    bde4d09de91e9dfb1b9d89967c4bc891e1a9784e81d5d840b27f1abdfd910839

    SHA512

    edadc916896c8b3bf951d985881937f77acac19eebd32c61917dd44dfe4cedc51b5c8983f6f0ad1fc1f9cedee794dadb537142310fa9e375b3280c006d6b9a2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0dfa78c5c6ef1eb362284e7bd6b4fd41

    SHA1

    262bb0e5ddbb809523c752cc00cf672da5d41499

    SHA256

    d922e8c9e3626d9da7019af802fe47fb9f5f02c6e7eff7b536b2e25ce83c6dc8

    SHA512

    d42632e97ca9a1dc5211884ce29bd41cb398b622f7ad3021804aefe5ba3d5b5cd69073485cea018fdc1794f5908204666e2d9a145025f4291764a434a9d3e5a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c981488f3608cc9976958d40af16eb4c

    SHA1

    66c494db77fa36e9dedec740d016650f86f86710

    SHA256

    e78de1f7035b906a3e4b436dc4ef90f5c5e0569eeeb347db0570463ab0c9f4ae

    SHA512

    a3aee30df9e6ba0d05829a83f2c42e42d5473531d8a17f1a31aec45986038ac47b96640f252ff759f5b9af0b7b2b6365b9ec5a3d7b6e4e19216aae558ade2798

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    260b977c664b4902fa0a4af224aa5b9e

    SHA1

    403a658b9440c74ad26789a62458b2e4486aabcc

    SHA256

    310c367de64c50a6154bbdd0cb8dee61ca4d5135073bcf7283e12e647730dd70

    SHA512

    961e04d34c04d2b9ae18907a943870bb082d46c7588f08f0ec4921d213ea2e54ba29744ad61c2e4f96fa69ba980d79752b02981de8fb00ede77884eb4d8f313d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    deefb0e4a69a68a96336a512bf82e9f4

    SHA1

    e5874bed7fd96d05f7c1b4767674b93e453d2c28

    SHA256

    8c01584b016e85667e4e95128a3f418aae3a7f5869beee9ce4e20ff707b09fc8

    SHA512

    d4fe621b5e33a48267195bc2f0e3ac66de6aa0731d309ee668fcea89527c1dec4b7d1b04b52132d431ac050e3e5790b85364b1a20e07d8ecddf19207599815f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7312564b1cc308f8d079bde4c2986e4a

    SHA1

    72ac823f6d120bb944274690907ea7621ff79f36

    SHA256

    5738c0ec9e1d5c8b29c467487f2c9cac6a48c969036e646a854372fa40d6a131

    SHA512

    b5d2a553e642b2324a23bf178d359110928dea498a3cfdb0a8bb02caa493a34e8b9f248d8ef323c2458ac2ba1f463209edc9587fb074e39e0cd8b3875d84ea45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    294658b0763eb72547ea011dc144aa1b

    SHA1

    988c190df2cb14a5b8692eb1f0718b2b20d8e9f8

    SHA256

    cdb15251960ac11a16fbbd832d8c70e4e80ede0cb1e7e0aaf94c8202e1bed2b0

    SHA512

    f89f10ae6403ed5b11150c8b899d980dd65ae2a3c5f898c75662194e7dfdd8cc028cfcadca6afdfd5865f2948fda59e4e8b54659d9475004e8b1b27e82184b62

  • C:\Users\Admin\AppData\Local\Temp\CabB6D1.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarB782.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b