Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    12-10-2024 19:43

General

  • Target

    3bc0cd278d4913702397d7af950b7a45_JaffaCakes118.html

  • Size

    6KB

  • MD5

    3bc0cd278d4913702397d7af950b7a45

  • SHA1

    94d4bac7ff4ac28930595595be5a76cd03de939a

  • SHA256

    b653acd2a038e32b85253f2199825ead7c5eeedead03454518b83fca29ad9fe5

  • SHA512

    7dd252c13398022a0da082b9afe339622f1a93624e6ee06da98330a255dce48d113e1024a3e167777fc67b316484737c25011a002b64ad7c21d06229c6b460ca

  • SSDEEP

    96:uzVs+ux7U+LLY1k9o84d12ef7CSTUEbolcEZ7ru7f:csz7U+AYS/polb76f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3bc0cd278d4913702397d7af950b7a45_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092
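
The process tree above is the normal Loosely-Coupled IE (LCIE) shape: the 64-bit frame process (PID 2860) opens the HTML file and spawns a 32-bit tab process whose command line carries SCODEF:<frame PID> CREDAT:<value>. The generic API signatures (SetWindowsHookEx, WriteProcessMemory, FindShellTrayWindow, IE settings writes) fire on that launch sequence by themselves, so the check a triager wants is whether every SCODEF/CREDAT child really is IE spawned by the frame it names. The script below is an added example, not part of the sandbox report or its tooling; the two process records are transcribed from the report, the verdict labels and the two negative cases are constructed for illustration.

```python
import re

# Constructed input: the two process records from the report above, keyed by PID.
# (Added example; the dict layout is ours, not the sandbox's export format.)
PROCESSES = {
    2860: {
        "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
        "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                   r'C:\Users\Admin\AppData\Local\Temp\3bc0cd278d4913702397d7af950b7a45_JaffaCakes118.html',
        "parent": None,
    },
    2092: {
        "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
        "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2',
        "parent": 2860,
    },
}

# LCIE tab processes are started by the frame process with "SCODEF:<frame pid> CREDAT:<value>".
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b")
# Legitimate IE image paths on 64-bit Windows (the 64-bit frame and the 32-bit tab binary).
IE_IMAGE_RE = re.compile(
    r"^[A-Za-z]:\\Program Files( \(x86\))?\\Internet Explorer\\iexplore\.exe$", re.IGNORECASE
)


def classify_ie_child(pid, procs):
    """Return 'lcie-tab' for an expected IE tab process, otherwise a label saying why not."""
    proc = procs[pid]
    m = SCODEF_RE.search(proc["cmdline"])
    if not m:
        return "no-scodef"          # plain launch (the frame itself) or a non-IE child
    if not IE_IMAGE_RE.match(proc["image"]):
        return "image-mismatch"     # SCODEF/CREDAT on a binary that is not IE's iexplore.exe
    frame_pid = int(m.group(1))
    parent = procs.get(frame_pid)
    if parent is None or proc["parent"] != frame_pid:
        return "parent-mismatch"    # the frame PID it claims is not its real parent
    if not IE_IMAGE_RE.match(parent["image"]):
        return "parent-not-ie"      # real parent exists but is not an IE frame process
    return "lcie-tab"


def tree_verdicts(procs):
    """Verdict for every process in the tree."""
    return {pid: classify_ie_child(pid, procs) for pid in procs}


# Constructed negative cases (hypothetical, not from the report) showing what the check flags.
SPOOFED = {
    **PROCESSES,
    4444: {  # iexplore.exe-named binary in %TEMP% claiming 2860 as its frame
        "image": r"C:\Users\Admin\AppData\Local\Temp\iexplore.exe",
        "cmdline": r'"C:\Users\Admin\AppData\Local\Temp\iexplore.exe" SCODEF:2860 CREDAT:1 /prefetch:2',
        "parent": 2860,
    },
    5555: {  # genuine IE image, but its actual parent is not the frame it names
        "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
        "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:1 /prefetch:2',
        "parent": 9999,
    },
}

if __name__ == "__main__":
    for pid, verdict in tree_verdicts(SPOOFED).items():
        print(pid, verdict)
```

On the report's own two records this yields no-scodef for 2860 (it is the frame) and lcie-tab for 2092, which is consistent with the 3/10 score: nothing outside Internet Explorer ran. The same check would flag a renamed binary running from a user-writable path or a tab process whose claimed frame is not its parent.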

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5b5dc9bead333f9f517a2ec3ba88572

    SHA1

    d58a9c4493ce215b8334960da10a5e8bd8fed1f0

    SHA256

    2250e4afce79168254bbf9ec17661f61e4a2df286eb9f4b5656e4a3b5d29164e

    SHA512

    8f8e3668851a00a6ce1b5d2f800f672271dd68c9c9b08c3b170639a3cc40ae20dce32ad1577ce3cdf884dea663078544614bd54c8c07dde0a9da4f3d8a8eb1b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39567fa4dc03707a0cf405cf6e306272

    SHA1

    b73a75100d3e9c148bad8ea86c4867260dcaed67

    SHA256

    d332c54fda6f44277f05d6e7527484b0ef265fe2374d59524210649fca86e9c7

    SHA512

    ab76b1c4c71c98020146d0364c60a35f40e79dc41f59d1165ed2abb5625f4e615d4ff3c7539f14e05ee143f5dd57e40b6be63689bbdb2c16fe1dd99555557e34

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bbaeb0971382f5dbb7185a943fefa14a

    SHA1

    ce7cf91dbc1a1cc54d55c72097f9eebfde084c01

    SHA256

    3ef405df17d4293e37a0aca42f98f1510feceffabb176512568504d5baf23a16

    SHA512

    f3cfb6a147bc8daeeb32b4c45cb815f469936fc89dc81293efe4d86a4ab7bb6001ec102b2d631d2ef8e513c34846ab4a409a06e6cbc3a40c3217345dec1dd922

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    625b9eae38ef9f4f0255a4a2571f2f8d

    SHA1

    9aaf54caad72c258fb6c8ff9408f90dfe313126d

    SHA256

    dd04cfcd690cd6be84dc815a683b664dd553cc94db23ae2ed3b68b725c19c191

    SHA512

    d5c583046d3de709f5184ae41e55f32ab8db9156f9978dc7608567fd89e79956162fddf612cfe1a37332b632ed3202645a6c851088c107b36171aae040ed75a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f3d7fe11329ba2318f4ec8de45a31a4

    SHA1

    4ac3d57b746a55a64110a5650196c4d8860fa7d3

    SHA256

    b47932285e867cfdb436dde78edeace91835a20cbddba0c26808df5878873ede

    SHA512

    d3cca8b743bc23d11f61c76768a648e398a48be6fa04cbf381dcbf3a2f3647aaa7d898ecfca897411b4e8c08f16bcd426d9090d75b83fe0755767917149c486a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a606c5552493f506e571490c09c0b820

    SHA1

    91e0d27e787a576e563671175b7048f364597be7

    SHA256

    97d450962d4d81ac5baca1b4b70656c670e241adabad5939007d503228285533

    SHA512

    c1656a4e0e0b2733d09435ba6ec4d653455b4bc9662554708c39f82ed2b8f4af680cc77f7bc56d87d758f21c25e2aa95e62702c46988ef38337b39c02d1f84a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14492d925dc2f1704bd8a471ee4eb7a2

    SHA1

    127fa1287bc1c63bdabcac2ac7491f66e92c3f18

    SHA256

    323583d1ac0a152e1c0f1179d4ff0e0d9d60a76b32db1edddac62e0324e9e7c0

    SHA512

    d45aa9f8a24faf2d3bdd252b089f2fcd907bdbd3bea198950883a87bb52d08f41559b0e035c4d18c312ab61565c9c6d9174d5754582f3918e642a4dcce691de2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc7c298c72ed99815072a46802dcdd43

    SHA1

    2ee90b5d06afe48f004e7a837a4e2d148b4ec4c3

    SHA256

    3bbc779d1249bb3b2680387811a0171c461ae715b29f7fd9dd075dd77e69ce7b

    SHA512

    b87272cc64fbff1184d6666e1ac2c23719f066ab47884cd835c478f5075a3f072e9be351dd7118bb724654edf50839793fdc163cef326a55854c204b2c32f52c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd54d74d1e3c0594bf79c25c64149f10

    SHA1

    16733d2564f4672c0336bd7c163595c4a161cdd3

    SHA256

    74a4037c277e414a746a9f47959bd1cb4f71cab2865f788ccb58e9722e06e7b4

    SHA512

    1de6e6925cdc258058e4937d9a28f188acc8ebf1b81dfcdace4ef2362b9ea0f58f78a702de765834b99a4216cc518fe842543650284209df010d0c3453e5b7eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0deea1aafa6d6325e76d70ed73cb880b

    SHA1

    066f2e4f2da715c507d37d547d8e6e5fef4e07a0

    SHA256

    0a9938c0d7c76d7e0262c29c7b85cf5204f23ab5591eadf0b73aa2669db44097

    SHA512

    3226b72f77f59ea25f960c782dd60d3496e1d6c5459746c89cedbd07385bd9de083c4a7038675ad82f4092fa3efb4d42505e441c1537a320edf4142d65e45b81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf9921ac335cc2377198299216027db6

    SHA1

    d234c8c712b293ab11412d6cdb9139bfddafc52e

    SHA256

    3b3f7dda842b85ffa46bd0e72b86abab1fcf6f3a1a2e8febf04fc65d4c6b7224

    SHA512

    1c15bbc23532a4fb71199b6e934bcbd78e8c1d0377dd1229cd3685dd7d114e8afcdb6e68b5ee2a0230ef652f6cd2cd581229cff12a655833daf972f1dcb5009d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b5fb4328786292ed785bc0920659c7f

    SHA1

    a9bdabe43bb5f87bf5981b80d50fbaf5d1524da0

    SHA256

    49d1efe00b1ef8dc2894ed5cd216edb125c9aa066250510f436c5dac6d07b482

    SHA512

    f974b5f64a7470ea25c87314a68cf5d504f1d522a82b67d2769249c589ce8cd0d80075d4e4043a1f8a1e23171a8209a90252bc7ddfb9522ab4ed4f9176587b98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf9f4e97d7b1a0e96c0991262bee8a37

    SHA1

    be206ef44d98ecf5c3f35c29a6ec447bf89eecab

    SHA256

    36885bd3d13c5bf8da1ec38c2f55f326b0d3b9bd951f7c20dc7ce1e5147cd15e

    SHA512

    1a01dc8d190ef94f6d86e1fe7bf84a3ace697b7baaf3623061c73e07d86002a9625dcacb38c62f212b38f37428b93f9105abbc61375f33679f1eb90341267f65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    205b1ce6d5bb12fce785d75e715e49e5

    SHA1

    4dc9d4cdd4985f453d16f4e4627bc02fecac2d50

    SHA256

    aeb2a7a1e8e939d66df4edc6b460037ff40b1e7e15745b85d63db323c70ca84b

    SHA512

    66d3abc813ebec7ec210e29308962fbe570e324f12c8e99d68bfca065aa3b993725c8baece9c9c22c8093d9856a214bd20d34b3cb2a74dacc638c28e9459f880

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4750ffe69c59c09e6b3cf724596b0ab7

    SHA1

    a49381a799d202cd74199436d634c9edfcd1395c

    SHA256

    c858487f2c73e44019ba5fb688ba6471974065acce4fac949519d7613dae306f

    SHA512

    7eb6419332fca5cf4be4d711a1b5460a467ba5714df9da99a40e766b1139cd72e40e10422483aa25ce9e49320d84a81565904d902d2ba9c4a6292749d7d6bd88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ad97c1dfe8543a2872d631f36e406ac

    SHA1

    fd0573c3f0fb1385c38a2ef8c0f979a85d8cff54

    SHA256

    caa7aa8fd0e79d96c3f155d6b21a0174a3153f8cbb2cf4df1df56961670f819a

    SHA512

    5f47ca5b19890034f93201dab4bb0a9b742e99dc29161824f7d7f2622eeac115833e430dddb8fa5b8edf562ee4cbf594ce8b2566cc6d4382f1e6db6693074fd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c29c5cdab1f313354331d8a27053270

    SHA1

    58f6d51c50a73e6607033b414131ccf20ec9a789

    SHA256

    0d1b3697421a6827b743faa19c1f277d0c6f1cb584dba678818362925042b3c9

    SHA512

    694c60a6aa7d6763c095b68b5268ccf1bca0113536f349cbc49abccc40e3faa559e88779823c70a683168ccac3dd019b62b96c71f67eff378eaa833aa51262c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67ab443415c79aa57bffed2f4b805f1b

    SHA1

    a65932de9fffcf54942931a3f705ff12bda64971

    SHA256

    61d013a4e4ea0391322b9b22f31a6dbac122a7fb5dc5f471ec0cd320f232b139

    SHA512

    9edd8a8f5c99e2aadd88afb0ea54a678067553c397989ae46411918d2b92fbe3d5b180b5d5fa81a67b916d2674887cd2fb45fe80a6d09c95b1e727c7e52e6c85

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cabd74295bdb5ea06a2759ba32bdb82f

    SHA1

    a82f0f129bdae20afe417c4608a475195578ca7a

    SHA256

    3fbca00cdc5fbf00162c4e22414e78b04030e9dc20916cab0ef821ce3cff554d

    SHA512

    9bd5fe787162a4e877bccb4b02751460e817cdf03823e12585221fcada81c94b079f2ab2a1098cd3f7772a6b61bb90072900b4280de24bbfdf40421917a2c3a9

  • C:\Users\Admin\AppData\Local\Temp\CabE938.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarE99A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
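
Every entry in the list above is a Windows CryptoAPI (CAPI2) artifact rather than a payload drop: the 342-byte files are one CryptnetUrlCache MetaData record rewritten nineteen times during certificate and CTL URL fetches (same path, a different hash each time), and Cab*.tmp / Tar*.tmp under %TEMP% are the temporary files CAPI2 creates while downloading and extracting a trust-list cabinet. When triaging a sandbox drop list it is worth separating that noise from files that actually need review, and worth counting versions per path so a single overwritten cache record is not mistaken for nineteen distinct drops. The script below is an added example, not part of the sandbox report or its tooling; it reproduces a constructed subset of the entries above (three of the MetaData versions plus the two tmp files), and the category labels are ours.

```python
import re
from collections import defaultdict

# Constructed subset of the Downloads list above: (path, reported size, sha256).
# Added example; only 3 of the 19 MetaData versions are reproduced here.
METADATA = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPPED = [
    (METADATA, "342B", "2250e4afce79168254bbf9ec17661f61e4a2df286eb9f4b5656e4a3b5d29164e"),
    (METADATA, "342B", "d332c54fda6f44277f05d6e7527484b0ef265fe2374d59524210649fca86e9c7"),
    (METADATA, "342B", "3ef405df17d4293e37a0aca42f98f1510feceffabb176512568504d5baf23a16"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabE938.tmp", "70KB",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarE99A.tmp", "181KB",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Path patterns for CAPI2 housekeeping files that IE produces on its own.
# Labels are ours; the patterns describe where CAPI2 writes, not what the bytes are.
KNOWN_CAPI2 = [
    ("capi2-url-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-Fa-f]{32}$")),
    ("capi2-cab-extract",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-Fa-f]{4}\.tmp$", re.IGNORECASE)),
]


def classify_path(path):
    """Label a dropped-file path as known CAPI2 noise, or 'review' if it is anything else."""
    for label, rx in KNOWN_CAPI2:
        if rx.search(path):
            return label
    return "review"


def versions_by_path(entries):
    """Distinct content hashes per path; many hashes on one path means the file was rewritten, not many files."""
    seen = defaultdict(set)
    for path, _size, sha256 in entries:
        seen[path].add(sha256.lower())
    return {path: len(hashes) for path, hashes in seen.items()}


def triage(entries):
    """One row per unique path: (path, category, number of distinct versions)."""
    counts = versions_by_path(entries)
    return [(path, classify_path(path), counts[path]) for path in counts]


def needs_review(entries):
    """Paths the CAPI2 filters did not explain; on this report's list there are none."""
    return [path for path, label, _n in triage(entries) if label == "review"]


if __name__ == "__main__":
    for row in triage(DROPPED):
        print(row)
    print("needs review:", needs_review(DROPPED))
```

The path filter is a triage aid, not a verdict: a file that lands in one of these locations is still worth a hash lookup before it is dismissed, because the classifier only knows where CAPI2 writes, not whether these particular bytes came from it.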