Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 · arch:x86 · image:win7-20240729-en · locale:en-us · os:windows7-x64 · system
  • submitted
    02-10-2024 10:54

General

  • Target

    0a4f3f77a1100a26cc6208665dff6ef5_JaffaCakes118.html

  • Size

    53KB

  • MD5

    0a4f3f77a1100a26cc6208665dff6ef5

  • SHA1

    8fd7afb837692355e21712fcc57a30d4a5253ba7

  • SHA256

    9c031719f57a9a3789411a5339963a55a5bc2ed18fca8dc48c05de3a3fa56c34

  • SHA512

    4d14e6b0d937ba5d71fe9984329770cc152a06726460c448dd37e22e4926439267df75c8efd959d8837ae8ad245c4d679436da61099f9fec4e51663ef8f006f3

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUprunlYQ63Nj+q5VyvR0w2AzTICbbdo5/t9M/dNwIUTDmDN:CkgUiIakTqGivi+PyUprunlYQ63Nj+qW

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0a4f3f77a1100a26cc6208665dff6ef5_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332
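The tree above is the normal Internet Explorer spawn pattern: the 64-bit frame process (PID 2076) launches a 32-bit tab/content process whose command line carries SCODEF:2076 (the frame PID) and a CREDAT: argument, and the "Suspicious use of SetWindowsHookEx / WriteProcessMemory" hits come from that same frame-to-tab handoff. What a detection engineer actually wants from a report like this is a rule that stays quiet on this tree and fires on an iexplore.exe child that does not fit it. The following is an added example, not code from the report or the sandbox vendor; the ProcessEvent model, the allowed IE directories and the sample events (the two processes copied from the tree, with a placeholder parent PID for the frame process, plus an invented cmd.exe child) are my assumptions.

```python
"""Added example, not part of the sandbox report: flag children of iexplore.exe
that do not look like the frame -> tab spawn shown in the process tree above.

Assumptions (mine, not the report's): process events are modelled as the
ProcessEvent dataclass below, and a legitimate IE tab process is IEXPLORE.EXE
from one of the two Program Files IE directories whose command line carries
SCODEF:<frame pid> and a CREDAT: argument.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessEvent:
    pid: int
    ppid: int
    image: str      # full image path
    cmdline: str    # full command line


# Directories a genuine IE binary lives in on a default Windows install.
EXPECTED_IE_DIRS = {
    r"c:\program files\internet explorer",
    r"c:\program files (x86)\internet explorer",
}


def _split(path: str):
    """Return (directory, basename), both lower-cased, for a Windows path."""
    p = path.replace("/", "\\").lower()
    d, _, b = p.rpartition("\\")
    return d, b


def is_ie(ev: ProcessEvent) -> bool:
    """True only for iexplore.exe running from an expected IE directory."""
    d, b = _split(ev.image)
    return b == "iexplore.exe" and d in EXPECTED_IE_DIRS


def is_expected_ie_tab(parent: ProcessEvent, child: ProcessEvent) -> bool:
    """True if `child` is a tab/content process launched by frame `parent`."""
    if not is_ie(child):
        return False
    m = re.search(r"\bSCODEF:(\d+)\b", child.cmdline)
    if m is None or int(m.group(1)) != parent.pid:
        return False
    return re.search(r"\bCREDAT:\d+\b", child.cmdline) is not None


def find_suspicious_ie_children(events):
    """Every process whose parent is iexplore.exe but which is not a normal tab."""
    by_pid = {e.pid: e for e in events}
    alerts = []
    for e in events:
        parent = by_pid.get(e.ppid)
        if parent is None or not is_ie(parent):
            continue
        if not is_expected_ie_tab(parent, e):
            alerts.append(e)
    return alerts


# Constructed sample: the two processes from the report (the frame process's
# own parent is not shown on the page, so ppid 0 is a placeholder) plus one
# invented cmd.exe child, pid 9999, to show what an alert looks like.
SAMPLE_EVENTS = [
    ProcessEvent(2076, 0, r"C:\Program Files\Internet Explorer\iexplore.exe",
                 r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                 r"C:\Users\Admin\AppData\Local\Temp\0a4f3f77a1100a26cc6208665dff6ef5_JaffaCakes118.html"),
    ProcessEvent(2332, 2076, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
                 r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2'),
    ProcessEvent(9999, 2332, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c whoami"),
]

if __name__ == "__main__":
    for a in find_suspicious_ie_children(SAMPLE_EVENTS):
        print(f"ALERT pid={a.pid} ppid={a.ppid} image={a.image} cmdline={a.cmdline}")
```

The image-directory check matters: a binary named iexplore.exe dropped under a user profile would otherwise pass purely on its SCODEF/CREDAT arguments, which any process can put on its own command line.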

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11d0b602fd33441dd4a6e764a51956e1

    SHA1

    8d3545ef4af20486020d4d7df66c71be71479d06

    SHA256

    d9408918617b5b344d9f3ffb9cece2e4f835e981c5827a86598d79e74da923a2

    SHA512

    2473680e91ccc1b48d01ded559ba419510c4deb25342b60c02b4dd652fe4241782899dec03de009b84817db7b521c91c80c591b0a3c6854017f2de17c7e7b839

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    35e89dbd5f1e1f3c1813e4e2762dec3e

    SHA1

    476f5d39cfc792a68775a980091e9099574625cc

    SHA256

    4537a86a09ff21c02e3df3387df773aeccb0ac74f8e41511614d370cd7cfafd6

    SHA512

    598ed818e6c515ff1f32fe489434e345335739678df1b143af43d6ea93d992f9cb5329ca4cc64f89a1acd36dcb6e5df15145691028a17c2b9915f3a63ac76090

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2d444f873012a1c1668ef63bcc177ca

    SHA1

    47e780c4cece7498420071a8454012c113d958ce

    SHA256

    3ee1adba523f6b126bd7928f340dde3768a569068908f3c70b091c03080cc4a5

    SHA512

    54b2952b6e56a4f904c33946c205a4d3d550aab1dc80aef1227616586345d4122ce8f58898bc041392ea6b627f33a40c57f073791d4bb73d9f9b224dcb41b8f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f66e5c383f806b3be78be4b4a63bc2c

    SHA1

    a608f91badb9b1d910e09aede86df2516351e794

    SHA256

    ca1cd172c6d7b77017fbc988e4c6d8d7ab1572901be290594618b579d9c6f938

    SHA512

    50cca6baa4506e34bdd89e01b49a8a4d00a86b784352de5e821bb53a5c2e53d02ad50558e1845a6fb8442db5638fb8d1ee1ce1dd68e94dd4cef994d3d02b56f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad21dc1e1322fe0fb01a73383cb3bf80

    SHA1

    b8456b3143552e8e49f431b444f784d5566d2ad3

    SHA256

    26ac4a59473a4712d2d815e336886a3326302e50339888971896a80d24b60f1f

    SHA512

    883e8a07f40de3def6d75357f8a4e7c279aea81d3d84a98e3cbda03ab170e745e0c051b25e7ecc90262f6220ab91a5498b1517681c4a357f6df8f5cc0bb8f63a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    12f52c366ada853597cd2af2bfffd858

    SHA1

    4f0091125364d77ce6ddb4c84dc5f77240f81f7c

    SHA256

    2b9096a2468ba854c9ad6704da580459066d544e3b5389e85b3555d9c8107586

    SHA512

    41838f49a2e46da63a90047638d1d4baba3bab1134ed5ecf2cca7ae7104404872faaed09a411f01b3e39957817cf84b6c6f444b6eecc7de28960440971bf7027

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b73e6db1f02870f180d7178e1ac48288

    SHA1

    3c93abaa73e3eb47fb9922952342d39c44caa952

    SHA256

    216683dfc01de98d940b8c3773eb3ce8b3312e66ff5eed58cb6e43699de4d679

    SHA512

    9e96081aca7193aab54ead77f8c04b0b5fcb66d7ca92bed108be45f4284227d0416728ffc8453e0bf93ef76f192ea502d66ccfe1c7737e9c1e3dc5389df67f0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    acfb463a077917adfd33186823512d77

    SHA1

    b37beca0542c5510082a3e208e1417503aed31cd

    SHA256

    704a520618b5ec4ff4a2c360e321339f3d1dd9452989f9541936eb6c9c6fca99

    SHA512

    2dfa7aed86c6aa16be2018e6e99c4df209c45c1a6c6a0e7ed3f68577291dd85d44383df37cb61555a84e8887e2197180b346eeb43aa9987333eda65555cd1cf0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8278b4637873cb530334863ef7c64c12

    SHA1

    fdc1ac7f99c298a9facb75b9c7811a03e45507d0

    SHA256

    d06577a4bf6bada2ca73eac1d80309b904d72b991599dc26bad3efa048866caa

    SHA512

    c4ea5457891c5bc1a8c1a378da7fd7041f84112ed8a0ef16a6d552d35345309913cb4aeb4d6ffcb872590155fd5bfdeb401dfc4a5f0fba04ee14b2034f0f6916

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4ed3ebca6f0e4d737e70da637c4f88c0

    SHA1

    a3c23d3ec50a0eea19e8f0ab5a37fd4671b69f19

    SHA256

    fb343dce6505fc07c060b26f6a15b0641f05d59a35aa711356901dfc6beddfe7

    SHA512

    bce56614c7daa57903c6a450e10134c22be85b7f0ec009d145ec42c62dca8a0951cd21bf339ab06801b89bf5bc677deadcbd60eb70fd6056616b074de2426b70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0aeefed67326ae836c3b6d1357f54dea

    SHA1

    9f565561768f2aeadf4b75abd2a918be2b911a38

    SHA256

    774bace0d6e2e73bbfbe173d4da9fbb31db91b7396d66dba7ff102e0ff28a5eb

    SHA512

    d7613f1bdbd6429a82fa38a570644945798276f5478050efa9b0651ce08b718937b40fc59db71f8bbde66a1c1420ee9b08d463e1cfdd792db5877e8996877c65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b71263b19c09eb4bf9a3e552b3d0dacc

    SHA1

    e462a191214aaaedc37b741f781656c589f29019

    SHA256

    ad01cbdc51e58a1d6b492edfc26600328ffd9f47fea7f5c57570eb8bb0ec0897

    SHA512

    7910d0cd35bf04ff7e90986c4c5f6c412b231e5434dae2dbeaa9547ecff893bd195d2ac25fc7ec3cac82b93184ebb90f31d5f46b447cfc5a39ad7147e56542b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49a0c0aa738a2a30855808c4a2fc2552

    SHA1

    e39fbaca9a77da4b9f53197af861aa5c75887139

    SHA256

    6d17f758153c3beefd971c9c5e641591b2720a2a77ef28a80b0bb5d1277ce575

    SHA512

    397c9780e79f4b919707d0145cf139c9ef898fb42d443c6fb2c9d4bd60bd047730ee552e615aebf44487cf772ebfc01be8ea7cb2392741b25e3f6d4e7d57e227

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2d83d1f2a6be93fae7212ad8ae4eefad

    SHA1

    42d29a14682923958d541fbf5aa94340b44aa868

    SHA256

    f0cfc41bdc8eb554b85d2ff71792e4f98cd671748375be412d5b9bf3352d9a1f

    SHA512

    7c7b44c476a7f4f6f9cb2533c9e83358cfcfc08b8a4b53d0fa97b22a2914f9aacd044c7281adbd440926284c91b59f4e4b9745456654531ea69dba19b62b3f1c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c61f2632fd32b7cf8b25f19ec04a4909

    SHA1

    bdbfe08d6dcd205dad7ddaf22624a1107829aa7e

    SHA256

    19a1a580258f671c02256c1efc83e44ade6cbec501284804b4ae9fd2eb422401

    SHA512

    80654a4dd64e4bb5dc0ac6a5891fdc68cdc346a73341e551a349cca94d90fcb5bfb8bcee3c0bdfd2c17a712a276fb2f2dc7197ff1cb93121b9b519563b8508ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68adb1788cdf069348e2dda89ead3051

    SHA1

    e65e552a996018d45561ff1d60b2863cade33468

    SHA256

    d385652c3c9954c502e8940d8a4813cf5b2f71d9c831c90a3d86a975c75c9646

    SHA512

    6083e87c29757b206651f6041b93e5be5287187249f72ea87cce97ec17abf59854c47a0d96a2aaa5b46bcaeff2c33728e39ae24a97995e2eefaa611fc28c368a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0ba40735437e02ac7b3f04d3481116ef

    SHA1

    6c69c6d02640b2ec54f86934c39880528940b59a

    SHA256

    a6951bec8ba22831165f8770e0a4274cfc408b812fe2ef988883912acd5611ef

    SHA512

    6ee8d0d5d2e7fa5d0a1abf45d29f135aed2962be69d1735f41282ceff2c44080e8275255b195fe1f99a61b0582e35f1a550cfce0bda6cf87f7b73c851b3accb4

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\glossar-js[1].htm

    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\CabD3C5.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD427.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
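Most of the list above is not the sample's doing: CryptnetUrlCache\MetaData is where Windows CryptoAPI caches certificates, CRLs and CTLs it fetches during revocation and root-store checks (the seventeen 342-byte writes to one entry are that cache being refreshed), and Cab*.tmp / Tar*.tmp in %TEMP% are the cab it downloads and the file extracted from it. The one file that reflects page content is glossar-js[1].htm in IE's cache. The following is an added example, not code from the report or the sandbox vendor, that sorts such a list into CryptoAPI noise and IOC candidates; the record layout, the path heuristics and the constructed sample (four entries copied from the list, one of them repeated) are my assumptions.

```python
"""Added example, not part of the sandbox report: separate the CryptoAPI
certificate-cache noise in a 'Downloads' list from files worth pulling as IOCs.

Assumptions (mine): each record is (path, size_bytes, sha256); the path
patterns are my heuristics, not the sandbox's own classification.
"""
import re
from collections import defaultdict

# Windows CryptoAPI (cryptnet.dll) caches fetched certificates, CRLs and CTLs here;
# repeated writes to one MetaData entry are normal during revocation checking.
_CRYPTNET = re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\", re.I)
# The same component downloads the authroot cab to %TEMP%\Cab*.tmp and extracts it to Tar*.tmp.
_CAPI_TMP = re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)
# IE's HTTP cache: resources the page actually fetched live here.
_IE_CACHE = re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I)


def classify(path: str) -> str:
    """Bucket a dropped-file path by what wrote it."""
    if _CRYPTNET.search(path) or _CAPI_TMP.search(path):
        return "cryptoapi-noise"
    if _IE_CACHE.search(path):
        return "browser-cache"
    return "other"


def triage(records):
    """Group records by category, dropping exact duplicates (same path and same
    hash) but keeping repeated writes to one path with different content."""
    seen = set()
    grouped = defaultdict(list)
    for path, size, sha256 in records:
        key = (path.lower(), sha256.lower())
        if key in seen:
            continue
        seen.add(key)
        grouped[classify(path)].append((path, size, sha256))
    return dict(grouped)


def ioc_candidates(records):
    """Everything that is not CryptoAPI noise, i.e. what a triager should pull and hash-match."""
    return [r for cat, rs in triage(records).items()
            if cat != "cryptoapi-noise" for r in rs]


# Constructed sample: four entries copied from the report's Downloads list, with
# the first one repeated to show de-duplication.
SAMPLE = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015", 342,
     "d9408918617b5b344d9f3ffb9cece2e4f835e981c5827a86598d79e74da923a2"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015", 342,
     "4537a86a09ff21c02e3df3387df773aeccb0ac74f8e41511614d370cd7cfafd6"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabD3C5.tmp", 70 * 1024,
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\glossar-js[1].htm", 706,
     "97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015", 342,
     "d9408918617b5b344d9f3ffb9cece2e4f835e981c5827a86598d79e74da923a2"),
]

if __name__ == "__main__":
    for cat, rs in triage(SAMPLE).items():
        print(cat, len(rs))
    for path, size, sha256 in ioc_candidates(SAMPLE):
        print("IOC", sha256, path)
```

Treat the buckets as a first pass, not a verdict: a dropper can write into the IE cache or %TEMP% as well, so anything in "browser-cache" or "other" still needs to be pulled and inspected, and a CryptoAPI fetch is only noise when the sandbox's network capture shows it going to the expected Microsoft or CA endpoints.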