Analysis

  • max time kernel
    66s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-10-2024 01:31

General

  • Target

    08432c487c174ac2b5d385f5833c7a60_JaffaCakes118.html

  • Size

    6KB

  • MD5

    08432c487c174ac2b5d385f5833c7a60

  • SHA1

    80f2a899b083c1b665b1129ed6cd927b86b34225

  • SHA256

    6eeab1d60feb27f50a40be86158ba1f8db03fd1fc408aed9c700a39753f92a3c

  • SHA512

    f627d7e3133f65c1c405e073d32ce0d1f818bee0026c6410b5774fd6d6ad3c6ee7617bcb642f64653dfb7c77ce2fb5d168ae273d995309bcbf33110055984f5c

  • SSDEEP

    96:uzVs+ux7shLLY1k9o84d12ef7CSTUiLcEZ7ru7f:csz7shAYS/zb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\08432c487c174ac2b5d385f5833c7a60_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1464
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 1464)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1464 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1672

Network

MITRE ATT&CK Enterprise v15


Downloads
