Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/10/2024, 09:51

General

  • Target

    2efda9aeee23c9e98f56f4cf2eb91ab1_JaffaCakes118.html

  • Size

    10KB

  • MD5

    2efda9aeee23c9e98f56f4cf2eb91ab1

  • SHA1

    88f466a9917d5ddde0c73bf19ee2d714692cd455

  • SHA256

    9bdc6397118c209b66cbb98a6862508113eaf0cbbe77f82e6df401c910f4ec8c

  • SHA512

    543a9d63b8aedf6793f4ac0266fca445be9bb4a4ab285fd97de634edcb61d4d00a71a6e69b26414ca07140129204437fc2d2a990733b6f977d3a2f8034e62405

  • SSDEEP

    96:uzVs+ux76LLLY1k9o84d12ef7CSTUjwGT/kQ9p/aQnfIYPlWNmWNCPBlVHcEZ7r+:csz76LAYS/qg2iQfpPlWkW+BPHb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2efda9aeee23c9e98f56f4cf2eb91ab1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2448
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2448 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2076

Network


        Downloads
