Analysis

  • max time kernel
    143s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-10-2024 02:18

General

  • Target

    08694f00bbb64a5e232b8d321b78e095_JaffaCakes118.html

  • Size

    35KB

  • MD5

    08694f00bbb64a5e232b8d321b78e095

  • SHA1

    f78c19525d2ac5a12879fdfdcec33eafed2644e3

  • SHA256

    758bb4f468f3b6369afc7b92dc903f979dbe5c0c7c179e9ea40d4d82543f172d

  • SHA512

    9b0dd138e19f35c731cdbf78d2458176d7a20529903d92ac4f6e952be6155e1b70111a7a9bcf5cb3a8c9464cbb06f97176c1e30151deb98df560b94394c22bcf

  • SSDEEP

    384:fF7FQFlCLFb71n4cC3cCeGFGUIF79z6fnnfq6r:fF7FQF4LFbRnYcEFGbWfq+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\08694f00bbb64a5e232b8d321b78e095_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Enterprise v15

Downloads
