Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-10-2024 20:30

General

  • Target

    25082bb69b4672162b3e6b2470d9dd18_JaffaCakes118.html

  • Size

    57KB

  • MD5

    25082bb69b4672162b3e6b2470d9dd18

  • SHA1

    c50497ff456f8ae29d07faf5d04261b46a4acc5e

  • SHA256

    70d2808e0a96a4b0358207f12dee457eceaabab4e6c0e4937d1c7c14315ed414

  • SHA512

    8649726487cd58ae03a0505493ac7653f8e14a4bba16109e8c76e0c92bb36d13fed3a3105c7b2ba3e8a3f18716684b1315fcdf316cd0a1ea4ec9a38dbbbb1c18

  • SSDEEP

    1536:ijEQvK8OPHdVggo2vgyHJv0owbd6zKD6CDK2RVroFPwpDK2RVy:ijnOPHdVI2vgyHJutDK2RVroFPwpDK2m

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\25082bb69b4672162b3e6b2470d9dd18_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2260
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2260 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

    Filesize

    230B

    MD5

    649679fed998ca354db7a65ff8b86a30

    SHA1

    2ade4c6db8846afaf4d5bc1cdd01da110d633b7b

    SHA256

    8e45124f1c25ccd6d40ebd7dc7bfb0de3190776e5d83b00e36c46e8bc1887928

    SHA512

    a093bf1a2defea9899fe174a147ba80504340a7fe82802a39f3ee5e94530ccb891b034dd33ccdaa2c144ca24709a3c3d1b88224b9755827eaf1edc5132a9b3f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    3d6473dee33751797cc188dc880e37f8

    SHA1

    065b52831b07a74ff1f503b7dcab7fe99674f5f7

    SHA256

    c4696d4865696b40a8c7af7a5676617411985dce848daca7566a3fb7d667ca65

    SHA512

    f3c7dc5759c07fb52d4eb0e787a0bfd5c2b20ac7cea2854c4fffccbbc32e358c3f5b157bc90f7900c486b3bd77e6eac23fdb81b1dddc135e48d5915185fc09b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f87adefde0d815290bee426ca81f03a

    SHA1

    e17968ece8d0c3164b2832dd849e20251b6e671a

    SHA256

    4b0d2e1621139a8f87e062660e263a7b407520a2eee5f0ee27fd883cbda57c5a

    SHA512

    0e1567c4d83674cdccea9774a7855aaf5f2e765075bc3be30a68ac8aaaed18f88ea625f17b7caa093b29c8a36d764346d840c193fd0969dbbec2596d9e44dc4a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1b7da9543af760ce7cf04ae47fc127d2

    SHA1

    462736d3fb0673edf15a2aee73ffce1e32681caa

    SHA256

    5ca6a4a88e50881543b80dcf6d57befb9f8eacaa0b8a75e9a3738b9ea1c7fcb6

    SHA512

    6af2d38c896daa055465638dc7d941b9e421c67c2611845bc222b0eb7a6c8a931c0dc51277834f8e81bd8751bcf057770c67040e43db4a7fe0854824e4486add

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0904129b8875968fcf72876cb1c084d0

    SHA1

    a31fe9ad120c267cf3b72de9699bbdf9f4044f21

    SHA256

    a940aed4dca0ebf693216fe11eeef15cad81bca1e6dbf7395a00fe4776b622c7

    SHA512

    5a34ca1b9efb1a717847a658da84796de3d313591533beb2de1497c22fd65ab3ac9ac9e4255399faadafe4dbd1d1ea80682156fd0552ba75e5c9626e52dfc6ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0cef7acf281a5167d41da295c0614890

    SHA1

    d7cf7104ba7a20bf6aaec3484ff201a20c700368

    SHA256

    298b9a5f30cddca6e95fbcd3d3f750d7339f44534910a5e5de4b08715f5a7a78

    SHA512

    dd03e46f511b279d15f0cb51de29ae0e2228269fead531a898c559c0be951b562ccd4e18a61b4103ee5dab81d0e606b31f76e62fb3206ff8096075b704d4a885

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a2ebb4d523270bdac53ce83c8471ded

    SHA1

    a690734bf95fa20d32eae6001ed031abe8974ccc

    SHA256

    8bdfab394f9077143d3baf928a3d50e0fe760aa9ce3d66162c4605a5142d3939

    SHA512

    d83b719aebc313532294b8652756aceff6b9e145edb17661f2864f8a738f2531f9523bd912d8bb3ea67affe47ea1db207b3d79e29f5d843910e038d98ca6d676

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba2a4d62e59ad7b36704cbd024fd8f68

    SHA1

    86ab64520df58eb727b8420b67b3fd91ff6b9e4a

    SHA256

    5374f2ee9251790079a27c92948810d41fcd3dc60973ad288b7f92b57a15d978

    SHA512

    1ead12bbbb127b50fdd5c6490733d9224b210185dfd2886f09c6ae7c1083f0a6edfec0aa677a3793c1cf2c3f62fcc2c9c49631a5b6d50fd8c76deaf3afc3026a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf5de2fce3e8be7834fdc3cf08bffe14

    SHA1

    4bf26041743953e201df6e2bbc8dc941c3791a58

    SHA256

    c9d2cd73ce3af032ddb727182143cd73260a701a9e35eee0e704d1ca18e982ea

    SHA512

    c3d6aea2eb6e07682c6140204374cc8e9b5ad51c8187731cfd97da1ccefce8fa695ee6861bb1253b2de9bf5eeb0512f84a3acd31f326851997a62833d1c0d0ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa90050cfb24c2434a0eda5660321e15

    SHA1

    1a9ffb7b1e84d26ab882bb224abed94cad6e258b

    SHA256

    df0f6cfa0799fbc372ed147cc4d18eb582fe4e0ba9ab7579ef8fc8bcfe2e2d56

    SHA512

    f92eaf11e3cc0110c46f9dfb405a8dfaf113447322315c039945f00433666df681527dddc5b85f58fe10e1d29e5f9902c9df4366bf0e3309db956d88cde12a55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d9908a6586723d61246e3656bb3a8ba

    SHA1

    805d97a4b77f411083e27da1ac81f2813a84b4a4

    SHA256

    f4448a12cef221b869786432e56c5af5d78b80654b0f8473be4efcffc1c1268d

    SHA512

    2e7897465b9f96235d5cdbd47b186c13eb79d9e93e088a31f2ce12a769d96380aa9eec50d9d6fde0748a261912171bf83e0653696f7e41e43aa60801b9009955

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c613e84f337e927c9a28e4793d3fde4c

    SHA1

    eed3178c3da80143481d52459f89efaca070be91

    SHA256

    d35f42d4b3c21daa4c62fa74967ddbeb2ff0c9fce1f90656381628d41f55e4cc

    SHA512

    2630fc2901913f11ca9657cc69231d110d766fbc81e90c31c95e2b2a59523f66a820889e1a5c0dd15b788abf08551786f0bc3b6006d90e4cdd2dbb97acc6e3de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf11a5e798126cb801b02ccb53c1cffa

    SHA1

    16b606e20a3aa8f3e0dce0bc74610b28bc7172b1

    SHA256

    9c3b2da49e1198e9ff1fce8703088efd5e65f6d6888115a819185c73fd0d548f

    SHA512

    3421cb97cfb04307bb36b9d11ca02717a0b45db292f043240f1fca622236a5d49abe23f628cd63bc42fe30663bbd034e7f941042811ebb07698c5d15c2d64590

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a9c3eaba32c5b0e72df886b8d5be94e

    SHA1

    042fa124fd0896060531007cf8433cf4bafea43e

    SHA256

    c7d79368aa1b7db1378bb8adb7ba8c560f6d58899425567ccef5620b689ca764

    SHA512

    8fc54402f6f7c97f3c6a3923f24f6ca2ac2c5d47f2ae5b225b7430413a58644e6bc33013292ec8ab927db9a12b575c8161b5bd6e70ea32d717e9060aace651ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5f915b2b3f96bc0295810865f9fc496

    SHA1

    9fc491c366ce13fa8ea36631dc5d1ba2189a1505

    SHA256

    751af4e829af15832d3c3a2569fa90d216eb6db1ac39a54c02bed604c74506c6

    SHA512

    53a683873cfc0106610c066d9494052d538ad77ac9b9c2626f7b810a3296c6770f82328edb950b28dabf085fd2b0f2fe69b94b6acf15db31cebbd860e3c3bf08

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a179bdbacbaace73fcf5fe800432d06d

    SHA1

    db4b6407c0f8ed4dff668ae4081daf037655a61a

    SHA256

    4611d8f78645cdbe109aff8fc173a16c684f281b4ece61e4cf3cadf4d42822fe

    SHA512

    70f2c5110c8d36eb2e1901d0839b5983d761e933e65922d118b78ce901373eba4553af967a32110eb7fb3e2e7993a08032e207d4be9dea24bb51084650e84bdf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    abf7e8d33dd86fe03dab0c99fbfbb429

    SHA1

    ad806220238004e8e73a1731cd9bcd804e2f26f0

    SHA256

    24b7c9461c971bb46b56e753d2b09305c471474395d71b533248ffcfc6ccdf31

    SHA512

    2e52d5408d7efbb34c6c2417b15ce785c73347cece7608ae1d8203f0bec956ceff2b2489912f31fcff74d60cfbbbd15618d56f7205cfa20288238af797836fe3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f718da48b778bdf741b71fac86e79ec

    SHA1

    ac5922416cf7043f951f5e3dbd30a415c9c88d3e

    SHA256

    963ccea6e1c2f0a9c413f54c4bea16b175d093e5bd95d85bd56bcc81e501f47c

    SHA512

    fb6c1805f81575f1e7cdc81deca18b665601fc97d9fe4a395b4705ae58cb3b9205402b25bfbcf5725521ab66955d1e4440bd413cc3fe19c7ad7f0fb066f0ea47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ffe3de14a4c44adddc767f1e62eb90b

    SHA1

    6f64beeac49f7057ce539afb7b0cdfab3cc8712a

    SHA256

    c9d86c52e3bcedfa1411a2091f5fb3678f8dbbb6b6f0d78ebd9aa4937bb0f0b4

    SHA512

    3272ffb32a6191041fbe1533e7c03a5a803150593dbc47b2140e073f10893ea839865d0d5259d80831d562ebdb48bfab6c7e55724fd395b1effaf1a723b45397

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a248b562b80bdc8098ebfd79625e859c

    SHA1

    5b4d39cf2bcadcf3991143c9716dad32924b9113

    SHA256

    da2f3a20177d44073091800b81bbdabd5c164e8c210bade69691c5d64119b245

    SHA512

    26fd43fb222e3c275649cf4ed346a8446998766c14b42e3943aa3ae14100d3e7f7c3c86e74de084ffc51958b85ee554493d2db7f34c0c4ea2535f83ba4ae077a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1711238a143cc4cfaf57ba36d109405

    SHA1

    62fbca7942e8c6a786f0c8411f9ee5f99db1b8e3

    SHA256

    7d73c5eee61ab570560e6021810f1fa5a988de9eb252dad5bd08f8883c7f7b14

    SHA512

    211ddf49b36726784cbf254f745adfba54b4777b5f48aebf857efa443d8fcc526df64bbb493c503b75cc0fa8bcd3c716cc2be29b09adad23504a826bd109a07b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd4d4823035f4804762de53f5a6f106a

    SHA1

    fea4cf37a701621a5afada3a95b3864ea3f88a3e

    SHA256

    a9e40b30a1f6c7680744024fe13cbe1bec88a68ccdd3c2c3af173d65a2749ec7

    SHA512

    40b39952dd1e877d566665cfd2b2a9956ee43c3aeb9ff668a7e4a5c3ab16a2e537237527b76cfb5961440b354742fe382b857822f5ba3e41810fbca5e8de1b96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b01e2a4784906e3baefea20851323962

    SHA1

    391b4ef4e56b65236662a1fb0cd3b43b6090e581

    SHA256

    f86e39f126d5a85934e657ef2807b6a288fc6c9c3cf4d34d911755077748a0f3

    SHA512

    7ee2ea9e0659f149070910b4642781c8194b5cbfc286fc1c34e8ed75948d20c043c471c565020524021d10f5b7660630db37713a743551a975be76d429a9d72d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67b00c649960d817936674e53073f6eb

    SHA1

    480afcd9580e3fad2d82d2c029a997d4cdd5daee

    SHA256

    d952d14f51a2fb4638ddfec5a2ec2907f4ca3ebe4a69e7b0711af9e30842b9a7

    SHA512

    f7d21b482d38862fadd36c977627e8fa4d8b6a5156103418887281b8e460e1d603d45222428d9f3aa8344133c8376a4e58580c4c3eaf8196efa5ba7681acca08

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    02cdf1239097080d133279d4ad1e093a

    SHA1

    d157dbe942962f8d9a19341774b9201b1b5378cf

    SHA256

    2a6f43d9d834ae02dd7a8654230735048a63751a914e9f8435bbe19b2f6bf75e

    SHA512

    7c1c4fa81d2025547c2d4a3ddad5dfb7c14ae44e9f9d8107bb8d556bcdf2c15739a7343f7567e41d846d5a9d4597e930fb622289909746d037d0b2715320a0c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1300c24230db7381bb4d16e40d93b2e

    SHA1

    b886e728d82495c468aa84f992c54c89af04cedd

    SHA256

    c1d7218f1b6de5b587f5aa5be39fdb62eaad2d31228112aa527bdbf7fd63d8e1

    SHA512

    f3d1909ae9ca542e639f641a29806e58ab9a2aeec39f21fb3af15fa85995adfec4dd5df5eef8488976508549c6e254510cd37f81d36504791ef0b59484e18f62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    19afc645a3a51a7a35aa43b884e4412d

    SHA1

    89f77a18f90ff93589adabed567b5c57652ce391

    SHA256

    28de7ca9366e5a835528a3b6565e68bd97fb0d31af34bd81ea726c4e00ce72d8

    SHA512

    c38511144accc5dcce7835502907e0e0684494ec15457406bc6ab66368adf3f9127218db9d240d413d5c0f0db471e166a633d1b6a8c985a1dfd9eb1724dae99f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0WBLVJY\f[1].txt

    Filesize

    40KB

    MD5

    613dde91e2774a6b7955d1e7a6af09ca

    SHA1

    9e196a284401d45c1f49eef6d1b56ae2f32e66d6

    SHA256

    ed3be498fa88c74c993b1c034ad77f532d3ce82375ba66049edb0df14464a8ac

    SHA512

    df334970dcbd7256500c167b03f9dd79d60ad6acd257b3a35980373d9fc3b6301b4b85a7d0e8cc12d06eaf76e1d74920d98375bdf5b241755686bffba3f6fd94

  • C:\Users\Admin\AppData\Local\Temp\Cab197C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar199E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
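The Downloads listing above is the part of this report most often reused: the dropped-file paths and digests are what get loaded into a blocklist or matched against a quarantined sample. As an added example (not part of the report and not the sandbox's own tooling), the script below parses that listing format into records, validates that every digest is well-formed hex of the right length, groups the repeated CryptnetUrlCache\MetaData entries by path so that a file rewritten several times during the run shows up as one path with several digests, and checks a byte string against the listed SHA-256 values. SAMPLE is copied from three of the entries above with the blank lines removed; the empty byte string used at the end is a constructed probe, not a file from the run.

```python
"""Turn the 'Downloads' (dropped files) section of a sandbox report into
IoC records and check a file against them.

Added example, not part of the report or the sandbox's own tooling.
SAMPLE is copied from the report's Downloads section (blank lines
removed); nothing else is taken from the page.
"""
import hashlib
import re
from dataclasses import dataclass

# Report labels -> record fields. Each value follows its label on the
# next non-empty line.
LABELS = {"Filesize": "size", "MD5": "md5", "SHA1": "sha1",
          "SHA256": "sha256", "SHA512": "sha512"}
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
    Filesize
    1KB
    MD5
    55540a230bdab55187a841cfe1aa1545
    SHA1
    363e4734f757bdeb89868efe94907774a327695e
    SHA256
    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
    SHA512
    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    5f87adefde0d815290bee426ca81f03a
    SHA1
    e17968ece8d0c3164b2832dd849e20251b6e671a
    SHA256
    4b0d2e1621139a8f87e062660e263a7b407520a2eee5f0ee27fd883cbda57c5a
    SHA512
    0e1567c4d83674cdccea9774a7855aaf5f2e765075bc3be30a68ac8aaaed18f88ea625f17b7caa093b29c8a36d764346d840c193fd0969dbbec2596d9e44dc4a
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    1b7da9543af760ce7cf04ae47fc127d2
    SHA1
    462736d3fb0673edf15a2aee73ffce1e32681caa
    SHA256
    5ca6a4a88e50881543b80dcf6d57befb9f8eacaa0b8a75e9a3738b9ea1c7fcb6
    SHA512
    6af2d38c896daa055465638dc7d941b9e421c67c2611845bc222b0eb7a6c8a931c0dc51277834f8e81bd8751bcf057770c67040e43db4a7fe0854824e4486add
"""


@dataclass
class Dropped:
    path: str
    size: str = ""
    md5: str = ""
    sha1: str = ""
    sha256: str = ""
    sha512: str = ""

    def malformed(self):
        """Digest fields that are missing or not lowercase hex of the right length."""
        return [n for n, k in HEX_LEN.items()
                if not re.fullmatch(r"[0-9a-f]{%d}" % k, getattr(self, n))]


def parse_downloads(text):
    """Each '•' bullet opens a record; a label line names the next value."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = Dropped(path=line[1:].strip())
            records.append(current)
            pending = None
        elif current is None:
            continue                      # text before the first bullet
        elif line in LABELS:
            pending = LABELS[line]
        elif pending is not None:
            setattr(current, pending, line if pending == "size" else line.lower())
            pending = None
    return records


def by_path(records):
    """Group by path: a cache file rewritten during the run appears once per
    version in the report, so one path can carry several distinct digests."""
    groups = {}
    for r in records:
        groups.setdefault(r.path, []).append(r)
    return groups


def digests(data):
    """All four digests the report lists, for a byte string."""
    return {n: getattr(hashlib, n)(data).hexdigest() for n in HEX_LEN}


def find_matches(data, records):
    """Match on SHA-256 only; MD5 and SHA-1 are kept for cross-referencing
    older feeds, not for deciding whether two files are the same."""
    want = digests(data)["sha256"]
    return [r for r in records if r.sha256 == want]


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE)
    for path, group in by_path(recs).items():
        print(f"{path}: {len(group)} version(s)")
        for r in group:
            print(f"  sha256={r.sha256} size={r.size} malformed={r.malformed()}")
```

Feed the whole Downloads section to `parse_downloads` to get every record; the grouping makes the repeated MetaData path read as one cache file with many rewrites rather than twenty-odd separate indicators.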