Analysis

  • max time kernel
    143s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    02-10-2024 00:46

General

  • Target

    081cb9e5f6e9944e77154aa53c338bef_JaffaCakes118.html

  • Size

    18KB

  • MD5

    081cb9e5f6e9944e77154aa53c338bef

  • SHA1

    a7b2d0b02b88073e08bc776aad17430a603325c1

  • SHA256

    d66d618ab98720d07c773ba4db97aee2db68bd797151168ce33b40778065794f

  • SHA512

    a08bd17bd0464ff6b75f7f9cd11fc45e44b8f845ca8f0640e63c482b0edbd56b903a4cf1d0f3e69775b02b4b6303ff188dec995d112229617061a6d4eec50545

  • SSDEEP

    384:SC+4kEWeKzwgEeeZEykWQ21PXSv0kwrxkwB7Q31271Fjp:SCvkdwgEeeZEDWQP8/yliTjp

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim host in order to infer that host's geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\081cb9e5f6e9944e77154aa53c338bef_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2672

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\CabADC.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\TarB7C.tmp

    Filesize

    181KB