Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-10-2024 01:16

General

  • Target

    0836dfeb77f16db7140da7969b06f473_JaffaCakes118.html

  • Size

    11KB

  • MD5

    0836dfeb77f16db7140da7969b06f473

  • SHA1

    6444fdc770784fa80b5f6f2a7e5359f4182c3795

  • SHA256

    a85fb792010bc9c10f7d300a7b1a152c58f2e84c0edc82c2ad0a150ad1db3294

  • SHA512

    887b1b9a79cfba0d08411489b1858dd8193404a0b4de11b463fc8323d9c5746cd62595472a15a6d84acfd55e0a804ece7bde1da6f10f23047d981f04313a84f6

  • SSDEEP

    192:csz7mQAYS/6SXMMMnfLCuowPmIm3PHb76f:cBQAY86SYIHS

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0836dfeb77f16db7140da7969b06f473_JaffaCakes118.html
    1
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:576 CREDAT:275457 /prefetch:2
      2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1936

Network

MITRE ATT&CK Enterprise v15

Downloads
