Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-10-2024 19:41

General

  • Target

    3bbf6fc95c2a2d40b65f232a9e1beb64_JaffaCakes118.html

  • Size

    25KB

  • MD5

    3bbf6fc95c2a2d40b65f232a9e1beb64

  • SHA1

    834b7566c4c20174c2a867e3ea87820a98e3dd48

  • SHA256

    eb5d68bb6fdaef182e1511aa5a3aa7a5aa336223911e380f263ae9f0dfad8578

  • SHA512

    4142ae47f10f6aab3ed4d8305813145d01e30bac761984db2c9f56b42e43a812a3064d3c4c4a653952632b805a5c22c1d687453fe92d5aadd8a7d3eb024109c2

  • SSDEEP

    192:NoHoRlwb5nwnQjLntQ/kBnQiemn3nQOkrntehnQTbnYnQJMCcAGpdEAwuXMOnFnC:mHo3aQ/0KWro

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3bbf6fc95c2a2d40b65f232a9e1beb64_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2596
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2596 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2956

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    77879ad4637fd5de588bd11f068f16b9

    SHA1

    d7bcf31556423981cb34b678e4cba02b26fbb693

    SHA256

    1f485a866e4d35b06578bf82e855e47c2188dc0c48befc452d4a768353ee5e66

    SHA512

    189f0ded2ef6825aed0653ae8a7f5cd919cfe01da397942a00d89d69ed17bf835ec0fa5302fc4c23747cd4affe1444b4669f3f2dec33d64230ac5429ec153e39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    283aa96adc4cca153acca38f7a8ca0c6

    SHA1

    80a0fe87015b5e8e78b40b9d58f936ca822438d9

    SHA256

    20cd432c72108b428ded9bd2bdbfd488440c164c1f9e95df976968bf90983ed2

    SHA512

    520d3534ccd514ea2b45e0cf2613e49cd149f25888ec67f05de0a5db9717fa20f7a090bc9997029842db9d069c266cfeb498b8d8a3826d84773a1666db5854fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    83aa54969cbd3b8bc0a5931c2e6c5690

    SHA1

    d4eec50fc19c246b4e1aed2117a8dd0dbef00a13

    SHA256

    379997268464478760884973e23dd6b0a7dcd6a189010218c7ac1f5f134c7ab2

    SHA512

    cd10a3097399222408dca5d81948b9733e7c398fdbfb10ffda44c6bcba97e3b206aa350576fa75eb0588f7a9635b72b1ba27a89ce9d8d8b1b086ce95804948b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9815c9af007c8eaab145ac8ab3238b21

    SHA1

    fdcb2d495fefa4cf92bca6acf4f23e7c349a177c

    SHA256

    c6e3c44d4ea76a995339f832b36c9105901bd4bdeb7ee098597d2637b2322fca

    SHA512

    dfff73dc9ffa68793f1a70f570c95b145cd45b0b7b8c3fdfac36a3196e73b97cbcebac8adbe8c5589ec2a0256cb90782283e33c03b2adad1d0da7cdf7a8f84cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f988328ea31d87fcc7349a1238945272

    SHA1

    c157054e8107e31bdd6069546d52107a4be0b6f7

    SHA256

    dfa5826872ee5969745c2118e04e28a937298e8f7c5f1fe84f9f88f19c8eae05

    SHA512

    b076f217664fe0ee526123be1af2fb8cc9831e52f5ac49786dd398dcd89f33046f253468d3775ceb26f335789ec06d980c6ebd79a45f5b26dafe0c1a2ee67489

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22611806db49c56f95e7208a8061ef79

    SHA1

    498b751a0dcc627f4c6e57950aa99c8c4f583626

    SHA256

    b09a0bba10cd873f01317846d7333102a36816b2641be3f4f375ba55b75b6f28

    SHA512

    a64366f2a5d78129e90df46bd1dde77e24a2999c1a04841a54eee28020c59a0d18c0560accfbcb064dacc56a5fc532e7945fa24f0cd0018d4864d198f96bcf79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    30894c42f1b2b0890db61c85fadc3131

    SHA1

    81dba6da2297f401a18c02cadea1213ff1c59e12

    SHA256

    afe66d27d8f38cf423b25174bab5117b7e3d84ff12bcf6286a444b455441147e

    SHA512

    f8e88af461fcab671118a0aee4703272394e13107c88b2dcdf98da6e8ff9f04f8b4902defda8f3a807d54e670a5c7d206688b6c587e022b5868fe6f8b3c40d07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb2fdb6edfe55f1443df5eb8ad6ada40

    SHA1

    1d17f7f96a378d7be753951587cca979e32ddd62

    SHA256

    d48a4cff9f533325b07f8e875913d87f259a260ae434f9c8f1fba4caaffb05d8

    SHA512

    b41e7e5e0a2f3da40dc49c2a10228e3a3dc27a8fb5768188274602a2a39c68a0309c27070390dc8c85e36c1cbf72a0054b07ba0e0eeeed600c784147fd547520

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0df6eb374b6f823afaa08f91194bad94

    SHA1

    7938684e0deb19fa77a88f6b962c1a5f8bbfa072

    SHA256

    17007ddd02ca38242fcd62befc24856f531913f7935ef30acce0f5dd118dbac0

    SHA512

    4b877746b80a28b298dbe14719f788d37970b5f9ca816fbb549ad161adeb3f13e4c2915b4309124eea8ee1dab83571f1660335da93f3c86e8f126dbecfc89590

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4dac93d2cb92d23329ec33116370bfb4

    SHA1

    6212afb57c08795ccb338d1ca33e155ce272a066

    SHA256

    218837eb996d337a206a889376ef7daca063dd83504b25c7c441515d95b05d80

    SHA512

    b93302f52c46a292991857721edc53fa48f4b5e260cdd4dc211a376be0124d2bacf9332084d2c87157060cab67d8f40c3fed988120a4a543f4872ad030d429ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8949bdf29555ddb6c6b53a14d3e298ae

    SHA1

    57db3c5a9acabe8a15625a3b0851857e5b487103

    SHA256

    33741efb95231e9a01e535618cc5b60be3633dbe131248a8250b4097e8370127

    SHA512

    d4af01eb4be76ce13d639e5eaf2e821f571404974d91531b44aa1b6714b005e1de1ace657cd292394a7608a3ac78f176fa5f525351cdc99ff60a0ad56b436885

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09baa548bc1bbf71ca7544a046fdb538

    SHA1

    f42265aa8494c5bf9f70494a550d60fc28e3ac62

    SHA256

    6fc4ed2343b7a926ab865aae97383f837b55693c429524820a7328f780082f3c

    SHA512

    b595d338a347e0907346c4adb6e7557275836be93d8ca0f7616613e76f0bcb79326f9c7f933d3d7bdbdf587dde62685833ba9939671d2532ebcfcbf232664911

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41049968d0e5765c39816b6f17daec36

    SHA1

    b0c2475913abb581428369ce5985ba05e58e3693

    SHA256

    9d1d61ad464c5053c25b9b681c7f4c9aed7a1b5e391de31565b014d20f9edeef

    SHA512

    929ea128c562175e664b3a7dfe925be53fb296d5fd1c853209b27561a6caede464a7dbb76aae80b6b52fdbd3176eb4c0960f75cb3ab61af8ad000d27790fe8b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e81322a16a81efec9433a51950790a70

    SHA1

    be40f199aa55f7d296c81b2032cb4a766bd987b7

    SHA256

    901836985b7ee712f29ef4164b698b8d51c8c0e0108c7328e1a183ee0e8b10a6

    SHA512

    76612473059ffda082d440e8dfeee97772bf0b094af8edafeaef7fd4de38d3d425d90deb9a921f82c3303abc99800d900c5c8049716729e8679a2eb9eaec7f28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d757797995034d0d3ce09ffbf14bda9

    SHA1

    6206c1c07f922420252bd607df2a02f47077658d

    SHA256

    e638b536cb46c81a5e36eba304a49f8e494d4515ba51136d66f5409bb04d206a

    SHA512

    3f96f77a46b0944f91e99b261976aa3e62283cc8570e7ad76aca160b0a1aed364c391d0547ae036639ad3f07f6e561e8dba35f5911851a2e6063faa7b5b9c099

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7af40535392de546cb20ba68592a3607

    SHA1

    05ac7006b8fc40ac24d10f730ad69a02f497852f

    SHA256

    a1a26875cec1d457a864b567a6cd81f642ae3e183ded54670f55196fd21e5ff1

    SHA512

    4ff3451e126f2310c8c4737e090ff509ef24ec79d171c47a1cc3067b6be2a5f69a2cc0aa4805e446ec0c0dcf59f3105b26b79bdf7354403717336bf98aad93f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32502c6544caf78705dd143c5cbde972

    SHA1

    646e13e21cae788a4a7f08bf5cc0c5296c6a3f59

    SHA256

    1a53cef9bacdc56bb1d5da6dda7c73deea88f21c70c950b1849ff14f60be149e

    SHA512

    ab606430102ddf572b09c70e4e266ea4d3a3b102ccd240d21f5fe01112c23643a792a8942331d6068f60007c1218c30ca24022136dd4662e23d93843d61b9ac9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87b5331933993ee8f6df6e1563262413

    SHA1

    af6780cad31a7ca4231902ef16e0101428142217

    SHA256

    87662311c63a4e24e4b13504905eca8e6af70448fb5779cf1c6554306ccd0ab3

    SHA512

    2511213225639712c14fa7206a99f39d33c00abea67321f5d6b1d5186bab28ab89939d3da538d7490a1148a8ac44b12a0f1f0abc9cf42a2445dbcf795798cdbf

  • C:\Users\Admin\AppData\Local\Temp\Cab7715.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar77E3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b