Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240903-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    09-10-2024 03:01

General

  • Target

    29a5a4edb4f89c9932181bf3013db2ca_JaffaCakes118.html

  • Size

    26KB

  • MD5

    29a5a4edb4f89c9932181bf3013db2ca

  • SHA1

    393b24384e239b2752d7d6aaec2099cdf7978dbf

  • SHA256

    82ac4a1edbc0b28d63d6e811e79a2f5f56377ed81417f0d31acb79f9443e740b

  • SHA512

    e21bd15fc84592e2274d301c3877313c1c054afbebdae6637c4b14dd28572487c97d294422bba4bb4adbf2a0207227e5c00b3890049bd27f5c74e7cd27e4256c

  • SSDEEP

    768:OUNUybc9arMuGjdS790bssaFNnLioiQLwL:BDy

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\29a5a4edb4f89c9932181bf3013db2ca_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2208

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ff9d68dd6b8d85c4ce1be15983f9d15

    SHA1

    88b1f3874cee5d9b51512e757296ef451f71599f

    SHA256

    053749b865b1dfa671dbe88877a52d06928b915c65764c39ac21e7cd7c3c4400

    SHA512

    b55e1c5d7401c7403d2838cc1b075d6cbc2ea2bc15314a9cb6c80a3bd8815c58e15f9e37e582fea5a28e2301e3f684bd8a49a0d29bf5b14647d1044844509c9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f596c21f0a2e421ad87f538cc0b16904

    SHA1

    2fd6fd593225e94f63195ff26baefaa75e3d3987

    SHA256

    7b19d8cc6f7f118a675e92f55fcc37b56382dc6b38be4412b646b20002f6a766

    SHA512

    a404572251209a5b056f478226c8105043b7d0efed1d930f61a2fceb7ace4f1604d048d7923a6a5b117175e1f360165d2c49e1d027c335f5fd2bcc16d5ca259f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e345a5e162dc752d4650154991c81288

    SHA1

    a61e1ec04332c75605375ca7685fa7d4ccea221c

    SHA256

    95d653f4da90992c3d5232c4735f82a4e0a870dd6f0533c3f5daa2f0da1d0aed

    SHA512

    889125ecef1a5f1e16fec1fb1babe8ce2fb48811ed4bbf8fbb5802f420869ef91252b66375406d180f5830844275a1eef6a539b703b87c9974a25bf4b81d7f8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fb2fa8932f68f725e431a957d6d74ed

    SHA1

    ee117d45e0c9d5d9c42c07d8de7690ead5a93315

    SHA256

    b641801397ee721cd9d4c60b610ff9b211648b78718021b64b1228da7864402a

    SHA512

    dc4eb1badb982c79ba2da5a4e33b897c8e29cecb97f109d8358f781a8a9a1a5d3684535c3122a5ef15cd63482a041443a672126085815c70bf9565c7c61dec8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e62bc48ac4741fe9075258ba8f5f674d

    SHA1

    9f57f9198da81205856c3084547f3ec46720921d

    SHA256

    697793a6948968a2f5299a6c18e37b3819bf1320399eebd26b163493db01aaed

    SHA512

    2c2766936ca1e137434ded749684f69cd51802709392cf1cbecee6500acc47e5e43d6cfed8e761d3ebf0f6469d759f89b864c36ff15e8ba45805f6d25441fb58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0720fad891f057ef0b4a3f3a4465699a

    SHA1

    56636ea70e6a89439122fad9433f102a632665a4

    SHA256

    01a9e4301aa784a0e66e03ad67333ad8f3cf1d0ff13b49dc323ed0171687d500

    SHA512

    7c5db81f22e1d20579ac25b5a2fc825c96e49a09b8d5e6742cedb684b4b263cf155ae05e048a23d5de8f7f535f3922f3fedd02733366b279ff762d5cb7bbb389

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b69903982b3ad6dc4e69a7b9e3aaefa

    SHA1

    051396ed0fb5f76e260d58e0a949b47ddece736c

    SHA256

    59b6d9df2816f25fbdd855f444cdb8058506c73711e52c06aa8e6f344370b5b1

    SHA512

    254285e15e27457fb4f236424d141621aa0eca0b6587d4d0311185d678c7558f421618e8b83ee8054d431e26be16626838fa1ec93445ed914834030a78d42b41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e49122cdb912eb840180fde4e2adb20

    SHA1

    4a1d50337f84057864e139aef93b915213e822b4

    SHA256

    3374c069fb2f539efb3d7f1426863ad9ce02756fff31ca7b37ef780d98f960f4

    SHA512

    0a2782a7564cbadb7ef54c124b9297f2f41f8921facdc655ad2674f92d9f3d7da0c6c0d4ef73bd0eeb0cb737c099d2753018541bd77211a50bcda0ec054cc138

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70c9c564b37c5760b42b95b3b304878e

    SHA1

    2941d71683ad7a665b75a99e950536314a4296c2

    SHA256

    07acaa456e6a17d9521c341cdbb947f3e9f5715dd70e18060d9a022ec2a136b3

    SHA512

    de533120555cc8695b976b17c272213bd3fd0b217b144f46d946697841c3769705acd54aac536cdc5bf8c48321f19b363eb9138aecde490eb6fca25ebfc21c56

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3d725b3996f5c4923e641867277e457

    SHA1

    221d27242b2802e986db19e3d184522bcedd4125

    SHA256

    dcc66b911d8191f1ac2ddec34cbc6f30da38eaf19ab5782a88357908c62f32d3

    SHA512

    8dd6ddf8ed3ee1c18188d9d355c03afd64229a2bc376c8d7960d6de78d466dfdce438e4af07c24ca11a88d7751e7654ba5757c1d593bc21aac5bc6137a7e4a9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    26cb084558f2b8d9f1b1ee4eaf1c1a82

    SHA1

    606ace585628f45b9e5ccbe305b0456deb527364

    SHA256

    d91d8a38a4d9789f372721b508a1f38cb8dff72543c0cd99e246430da2dac4d3

    SHA512

    cba795da351264e2485f65e444e49f57545fc3688e717c195dcc80e6441293822a9dab13adf023ffc68f933894e187e45d9ecc7b61a6710929c9beca762ddbe8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98421fcfea1f4f1881d358f8379abac3

    SHA1

    8e461dbaf8c2491d32360a96f9d387483047a9d0

    SHA256

    cf19f887335228e8a38db245973683d589d24d1b35ae01e67fc001df4f45d596

    SHA512

    c06446b1f0de40053a5a66340be7193b4e1141f4dfe296f01c2a6a22d269f2d081674ae65ba4cf62cec1bf2af0241c52ea61bb2a479bb37fb63c6396e51d6304

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    164a2d1453296f095a320bd43fbc028a

    SHA1

    ac21f9a0403a4fed425d5f3bf7d1b9bcbd932cfc

    SHA256

    85fa85176af87033ea3159e856f34091a952ed8cf9678559c341a4a041424746

    SHA512

    d9c0ec2487fd90b0168534a5c4d810632df948cf0bb9dd55914f7e1335246032b4a816787265d73922e9d1d06f9a1fb693deddc7593a4f6c615156f538d30a2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    153aa18b1af02792ff559f0069f8f974

    SHA1

    da1ad1980ba1ebaba27ff49a4740f36c86c1140b

    SHA256

    87ec4b257b967fedc0521e7e42541439f7d0b3898aedbc65f4725b66cd1b92bb

    SHA512

    a91394641e2e4a335d604035d161607fdc9293672b61f28e024d6effafb2c8dc894c6ef9e455e15d5fe489ded8e0c8179fe22f95d4bb0a886c663b8f2b485c04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f90203d7a6d51b68aec3d99260a6deb

    SHA1

    51808f58d3406ff676396fba551e4c1671cbee5d

    SHA256

    91977292191355700ae657f04ed9ec2f1c7a165ee4f068f9e8f9e4d62d069fc4

    SHA512

    873bbbb3b7a6071bd2b4accc9f00043035c4597bf98b7df59ac9cdbf046ecd3fe3236074abb0e9f9b0cb0c7308b6b5e5bae157c1898a18ad7bf8b39b11d5f6ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    feec6dcea58ee05eba91f4f6f77ba73f

    SHA1

    800c03308ff7b6733215fe24ac879519d23bb2a8

    SHA256

    d6f18bf5c6eefffc63d8961d394b0295897bcdfe781624d6e4a0b03b65c71850

    SHA512

    96cafaab5029b7827f268d4f2821a6a5fdf3f5013f070b080e9c58110871961d1cdecb2b14f2fd056841f948c0fb6143799744c9b7a3398ad8ba3a24952a5fc3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ebd44f38f27bc8e60030ecad8c3bff9

    SHA1

    e1ecdb06bb9ce047645a94307d09e5fa66909f8b

    SHA256

    bc4703315d8d05f295d762ffc7a7370a8095f8d5b3555b7fe20ce215dd1ae9de

    SHA512

    d47cb6176757d05f0910feebb3d32975d27ffdb2ad6dc0070af5c77a6becc418deeb6b31092612a28bdbcec90d4f560bbd7815fc5cf3ae656aeef3ae19c63da6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    552820838424074d26d307ddf41b326a

    SHA1

    7ec25e18ea51f3442c09d881557091cc1024864e

    SHA256

    a89c9ebebd55c58039a3b65f9e0166d9422f74df3f9a5572b88837f8715411b6

    SHA512

    0400bdde1765a3d838a1a5d17cc2dd18fcf39cb1a8d43528144885492cfb7eeffc3624cd32a47fb149cdf1f4409c2926740d391faf58a3dce18cda74576b6f6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f7d2e0b0e4c954a10fa64e7c8692d481

    SHA1

    c8fe29f6b0836e7c77cf2206203e32e9f4206f5f

    SHA256

    052cfa73304671af19283264616ce686db539e6ccdce4a6a0e4b489bdcac57a2

    SHA512

    b6bc78ffcd1348b13fc4ff980ec03701c4304698c15f80be3b9f5a4e9cedb787e9cb3370d2d1c1004ad9b86b0aa969806515c37c0ff28811af0184229da5a4b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1901e97ddb4614bf30dfe346db743121

    SHA1

    4b485cdcc2c5cb19fb8a55385036cb78936fc5a8

    SHA256

    b40250e18ef15bb3e064a39ea64435cace15f8c0c3ae039d7ed80c0eb9b4e67c

    SHA512

    4ddc31d6b6b6e07e3f8f81ce1dc94e01da97a17b3c1a386cb112d00f4adbdab1e695f46adff691b36abffe33f1680da04a2d103df435c1306737c78bdb56ac14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1d41138e2ebec8a5e83f5b6081ab5054

    SHA1

    e37cbbeaa063df40b497e4323b5bc1fe9e4bc4a5

    SHA256

    58d7818b44c269551b14f58f6fab16a80a009955eec9a89e4356288711f7a86d

    SHA512

    5340b8a06dab47d48e4ea9e3f3f37ce08e9525269cf3d19a7924b70a9148bfafbafde43a7f37497388cdd04071bffb62996ce0f6bf0283560b3cc251f36efc00

  • C:\Users\Admin\AppData\Local\Temp\CabFEEB.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarFF4C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b