Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-10-2024 01:32

General

  • Target
    0843b4c8d84151bb0c870a43bd9f895c_JaffaCakes118.html
  • Size
    8KB
  • MD5
    0843b4c8d84151bb0c870a43bd9f895c
  • SHA1
    c73751fc82f749d7ae56a8ccbeb1f12fce0b2fb3
  • SHA256
    6a9e7c8cdca0361fd1f5119778039772800929fc848bcc821b1081ad3205e4bb
  • SHA512
    e2c69eed6bc225000f12e6b2ef01f415157811f799a0412968a04e2b39e82e45267ae29130346065ff58b103a93eceef39413fc76d7fcb853a4fbdf3ae46bead
  • SSDEEP
    96:uzVs+ux7ydLLY1k9o84d12ef7CSTUIzfIOFu89lyaIsjMiIhO5IUFIDiL1I1xDRS:csz7ydAYS/+OEtthbPPRb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0843b4c8d84151bb0c870a43bd9f895c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2832
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2832 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Downloads
