Analysis

  • max time kernel
    141s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-10-2024 12:53

General

  • Target

    4270847970796f70ce628f975f8c4617_JaffaCakes118.html

  • Size

    6KB

  • MD5

    4270847970796f70ce628f975f8c4617

  • SHA1

    c5805ea51c685a169a0b9b07f30ee78d0cd40c3c

  • SHA256

    7d91cb0013c59780223fba609448bb79a46898c0b5ee3ee6b3a0864e54f33a9a

  • SHA512

    f65969212b3f465ef9fa46021a9125c8486e284d7a61b256957e54a94a9b7d1a53ea3969cb9b14478ed181c1750f8ffc97d81b027c326645ed5479a33f2386ca

  • SSDEEP

    96:OEmqrC3QADy8+UeOQlwQ8QIQhBZAOEo7GDAq9jex7SnylnnZlC6TC:gzHyDDREo7hq9jQ7SSnDC6TC

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTP, 34 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4270847970796f70ce628f975f8c4617_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2684 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700
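
The tree above is the normal shape of Internet Explorer on 64-bit Windows 7: the 64-bit frame process under Program Files opens the document and launches a 32-bit tab process under Program Files (x86), passing its own PID as SCODEF:<pid> (here SCODEF:2684 matches PID 2684) together with a CREDAT value. The hook, window-lookup and WriteProcessMemory signatures are raised on that frame/tab pair, which is the browser's own behaviour for an HTML sample and is consistent with the 3/10 score. The check a triager wants is that nothing other than this frame -> tab chain was spawned. The following is an added example written for this page, not part of the report or its tooling: it encodes that check and runs it over the two processes listed above, plus constructed records (labelled as such) that show what would be flagged.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Image paths of the two IE processes in the report above (compared case-insensitively).
IE_FRAME = r"c:\program files\internet explorer\iexplore.exe"
IE_TAB = r"c:\program files (x86)\internet explorer\iexplore.exe"
IE_IMAGES = {IE_FRAME, IE_TAB}

# An LCIE tab process carries the frame process PID on its command line as SCODEF:<pid>.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


@dataclass
class Proc:
    pid: int
    ppid: int
    image: str
    cmdline: str


def review_ie_tree(procs: List[Proc]) -> List[str]:
    """Return one finding per child of an IE process that breaks the frame -> tab pattern."""
    by_pid: Dict[int, Proc] = {p.pid: p for p in procs}
    findings: List[str] = []
    for p in procs:
        parent = by_pid.get(p.ppid)
        if parent is None or parent.image.lower() not in IE_IMAGES:
            continue  # only children of iexplore.exe are of interest here
        if p.image.lower() not in IE_IMAGES:
            findings.append(
                f"pid {p.pid}: non-IE image {p.image} spawned by IE pid {p.ppid}"
            )
            continue
        m = SCODEF_RE.search(p.cmdline)
        if m is None:
            findings.append(
                f"pid {p.pid}: IE child of pid {p.ppid} has no SCODEF (not an LCIE tab launch)"
            )
        elif int(m.group(1)) != p.ppid:
            findings.append(
                f"pid {p.pid}: SCODEF:{m.group(1)} does not match parent pid {p.ppid}"
            )
    return findings


# The two processes from the report. Parent PIDs follow the tree nesting shown above; the
# frame process's own parent (the sandbox launcher) is not in the report, so 0 stands in.
REPORT_PROCS = [
    Proc(2684, 0, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\4270847970796f70ce628f975f8c4617_JaffaCakes118.html"),
    Proc(2700, 2684, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2684 CREDAT:275457 /prefetch:2'),
]

# Constructed records (not from the report) showing what the check is meant to catch:
# a shell spawned from the tab, and an IE child whose SCODEF names a PID other than its parent.
CONSTRUCTED_PROCS = REPORT_PROCS + [
    Proc(3100, 2700, r"C:\Windows\System32\cmd.exe", r'cmd.exe /c "echo constructed"'),
    Proc(3200, 2684, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1234 CREDAT:1 /prefetch:2'),
]

if __name__ == "__main__":
    for label, procs in (("report", REPORT_PROCS), ("constructed", CONSTRUCTED_PROCS)):
        print(f"{label}: {review_ie_tree(procs) or 'frame -> tab chain only'}")
```

Fed the report's two processes, the check returns nothing; the constructed shell child and the mismatched SCODEF are each reported once. The same logic applies to any process listing that carries PID, parent PID, image and command line (a Sysmon event 1 export, for instance).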

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a740ee471baf98d513080b91c9f91494

    SHA1

    e87e2e58ed0730db4226181820e324b002941d29

    SHA256

    a6d7b0ddd18a6f987bc0a3a119a29859582236565f9ebc014c1412a5f66a018e

    SHA512

    0c3e2dc4aa5436a0a0f7102b64cd87804676789ea54237dea553c52a481c140b98064e3d23ba30a9b28b6d1fbe3e5d851ade9faa316972202d74a25a73847d99

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5388b436c13a9d736ed59b0ebab7fe9f

    SHA1

    107fef1af0c559b22c244b0b1081b14918469c04

    SHA256

    2e8fe0fa6e2fc30f74173ef63996c1ba146aae8ac3e43d62eb874092a36dedd6

    SHA512

    49c1b9cbfd573a7fa8db8543a64e7c2cd8f38c0ca9b43f03f69bc1e671dfa3f7f8c3ea89325c53458618130dc81fc2205de44aec0ba11fdea248a36d35099dcb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec2e9d98f3050ee384f163100a11e129

    SHA1

    68f110e2497ca38ed8d281468e09cae5d3e945d9

    SHA256

    ba05f558fb4cf106854981d813744b97fd48080ae313d7f0335a22b45b20e8c7

    SHA512

    69bb57c3c769b4a718a2131dc0475679a7414e764c410bc6087a937e72fd2c62f5fcceeef7715019a8bada853dd79e0bdbd6cb54f09d6ac237650b4c07890a9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5564392133c72ba7f351e99a833a51cf

    SHA1

    39338cf7ae4751da4f192c0f25f24cb62c66bc08

    SHA256

    aad7ad899c55baea903772cc9e338c41d6e3b807f1c911995bf61c3323287790

    SHA512

    698334fbd0029e65ebe09433350d5eb5eebaf95390bb3cf8c0aa10e0c88520e7bda9231fc61aa21798eea0f1675d4399f3f6d7df726f6210cb53e526970dfab7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b0622f12a93951344bd575917d1108de

    SHA1

    3fa135622c66433479e4c4ab78c92324cb1921d6

    SHA256

    5d92365a5d32097483953f8c07d64900a93105dc7d228df23ab466df8da09693

    SHA512

    c201832d641d4069fe2f935d5fc580fe9dc7629cdb4e75d8ed263d18dc681958a978a0fab5d26def0bec29a0e09f69831878336d60e0d1b97ea2514b33d465bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5134f19b699c3836f52222c716350ca

    SHA1

    b4ef5cb0d9b3c86ef319e00fa73360dd55dba838

    SHA256

    53f15b68ee58fe5fc6a7cd8b984160f68d663097b4b9c02d6bc2eca3cdba41f8

    SHA512

    413fd62d3b3164f5915db9770f60a599c3ec0f0f3d5a9aa372c1ff072c2b25db01e6de3b96a60d229a8cb704dfb1e534d33d89740e1b993a88ab07d3bb3da421

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66e845c0d0234c5ff22427e9e2d6bae1

    SHA1

    c0bab525e58c77f4cefd7213ee75d2537484efbb

    SHA256

    1b9db55ce5a8c52d51bc985f89900b8afb3bb5b5f7f199c031de03c048a5b2e3

    SHA512

    60be42ad728e6942dfc345e03537e2b1d91b4888197c5cd543f55a303a76e7799231e28454a39db97fd615d59e77e5c25ee20c4691f83fa8463838032e3f090d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    71d122e51ef71541cb2a3f3a18a5fc8a

    SHA1

    fdad8239ece24fa78178caea99f9e6efc3713832

    SHA256

    42cf458ca1652aa2c7880ecb34dbf367b7e7d831706b5c7c1db9cb23d12f9d36

    SHA512

    234beb546bdf339203df972c335eed0f297b9191ec505589ed787eaa78c5d7931aa0c0dbde04316a4295f1f18471804f0ec59a05b9d7e43a03bc014751978ed6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c4bb3aadef0e879cc45aeedce438232

    SHA1

    c599e10cfa22c33125090a7ab37e326e70ce4ace

    SHA256

    5f78a57d0abd5f567ef30be206eb2d9ab12d94cb25bc2f2e10cbb75875033541

    SHA512

    2d7148a91a7e2fea0d5f559d91dd25f74a80722d90eaa79c274ba6ccc6a72a71aa7f75c1431c679ea2ce7067cffeeba95fe32c1d2e6f911528e1ba6307fde3ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7bc3f51d57b15d84b568de8c96422fb7

    SHA1

    e2f65edfe87115debdd67106b2b4324c9fc3d0a4

    SHA256

    99b0992e17902677cc2b417256afc8a8a70b03a2f679a4c80a4599798f63c86e

    SHA512

    741340d95c1c6c360cde4f53ffd888595dc4178eef5b3c8560ef14c1a0d4837674fb0434977410a405171d4e99c39fbab8988a58eb6df720a781af520320dba6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef90f0e8d0ff1120a1788b6c93662b9a

    SHA1

    2e9eab08b169026161d1a3bc80458c1d2680fd0b

    SHA256

    cf01e99357158c4590c9c594e6c4b14a8dec3d855e46e9d6439c7db7807e6d47

    SHA512

    24acae5a9326d8abc7727af45db770de53611d9618e85441a4ebd7e454be61d475be34589fc94b225ad65d57f644c39de1a3852576b166df6a363dd833256e79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4fbe869f8b09a5d3692d7aeb315d2559

    SHA1

    7a19681f27db8c405ef306d1f81e5e9ce68b78d1

    SHA256

    f7a2c1d5005d941d114a8fa54d66d4265b56526840a260b9423409a31979db65

    SHA512

    c506362011352d32895462e35edcc82bdb3d5e4c56196fa43012a272cfffd82a9e655f489b61da72cac9ade02cd855c197a2a6c85f95e08f5e8f8288aab89ece

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c8dbe34bc1d9531b61530778d26d16f

    SHA1

    fc73fb0f0f476818dd4a5a29e7197ed9d035c0d4

    SHA256

    4332958cced1a8a1b751acb48bac0420be8ab0bace07fe447ac005f965bf2ba3

    SHA512

    b7f7409e449afd89c49166679f95b0bedec83d301e250df64c4f0fc86ef7da93e172ef14431e0bb12849b5d917ed8a39b6284d1a677c44c813464d1fdaf6fcb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bedebc3fad4b8574e615f07adba3b536

    SHA1

    911c01edae1a7c57fbc7a88a7202cfc3f0bc9b4d

    SHA256

    471722d414b5e88e700a81535dd2afa8252c755f8efd3bba5a922fd9cbcd399b

    SHA512

    7b7a37b667b0885c0a7cc48c80fd1f72557f49848705d2b87238366f22c23d86c8dd33e8d0843e0951503eb47da0662f0a53f299ecba434d85d8f212cf817847

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a610529f13e14452dab5d3ace8f57a35

    SHA1

    754b23efc79ce4cfecc2e5aad703dd5a89f62680

    SHA256

    51e3dff7b1caefc61cbcd183371424b0448ac7211b9cdb7fab7c018775da7bed

    SHA512

    fbd17e7c92b3b95c929f8626c9f7e16165ae0f3c693f842e4563ce6093348ab412e63f9651f7535a4e7f937122543ee49c34accc398f634813a16d08f79f5abb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f34ece7534f4a266023765b0008a0edf

    SHA1

    cf309ecf033bb75f18b3113dc34330ed7f509c8a

    SHA256

    9e563f2c6d21a0baafbadab5d4df43513aecc2fcdf31f0fe7fc185b860ef66bd

    SHA512

    a3d887b8866a7f8b800ccfdbf834ae951c523c4b14bcfe6d0e32276e26b6da5f5df94ae7d46b220c0ca5b7b98b97baa9576206263e420bc39faaf119859dc45e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc8b267738b850e54b7307dca8ef50a6

    SHA1

    00040ba7e5e8a95dc8d4ab0c0d57f76c2724b5a5

    SHA256

    455ea5fed0af5751325902695db15be67f91fdb2c16faa9eeadd56240c651492

    SHA512

    268bb83fe08ae7bc7087f79b9c2a36a608b4c92f9c4401fa3e6c1d17bf221655975e45c175a25ff188a21eeea8662959698d698bddc1c8a0d5db0d5573f4d1c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e36bd746c58f02e9310967994e8a3503

    SHA1

    a8da7a46831230ce981161b2d0b7ab996c292686

    SHA256

    59b2dfa4dd595f5b4d2ffda1c5eee58c93af5b566ab728867bd97c60e424ace6

    SHA512

    c088c685e4fc60dad81ad521c3ae5c10d90685a0525ca7a2131eb1a00c3c9c647da6f4d388524b8baa3327c5e9fe84c13213d82118e23e039ef8efd92f0f1fec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    476108a9f8082934d8f0fec0412c4540

    SHA1

    71352c521f0744fe7f89a57728a0b61a7f7d5a10

    SHA256

    4b166bfcabfc656b9c4c7ba5fa23c8c3d5c7b54eae6d5f9ff6ded5ef4f086bd5

    SHA512

    357574133675561baaaf3fabe47a948d5c1c8eda660bc82c2476bc341965fcaf1361d8e837c8ba2b442a7cdbc29471186cf7fbd654e29247faba99d860c1c943

  • C:\Users\Admin\AppData\Local\Temp\CabFFA4.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarFFF7.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
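
The CryptnetUrlCache folder is where Windows CryptoAPI caches what it fetches over the network while building and checking certificate chains (CRL, OCSP and AIA retrievals); each MetaData record stores the URL that was retrieved as a UTF-16LE string, and the file name is derived from that URL, which is why one name recurs 19 times above with changing content as the same record was rewritten. The Cab/Tar .tmp pair in Temp is the usual footprint of the Windows root-certificate auto-update. These files are side effects of the browser's certificate handling while it rendered the page, not content dropped by the HTML file, which is also what the 3/10 score reflects. When such records do matter, the question is which endpoints were contacted. The following is an added example, not part of the report or its tooling: it recovers the URL from a metadata record by pulling wide strings out of it. The record bytes are constructed for illustration and are not the contents of the 342-byte files listed above.

```python
import re
from typing import List


def wide_strings(data: bytes, min_len: int = 8) -> List[str]:
    """Runs of printable ASCII stored as UTF-16LE (each character followed by a 0x00 byte).

    min_len is a character count; short runs inside binary headers are mostly noise.
    """
    pattern = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    return [m.group().decode("utf-16-le") for m in pattern.finditer(data)]


# Schemes CryptoAPI retrieves over when building and checking certificate chains.
URL_RE = re.compile(r"^(?:https?|ldap|file)://", re.IGNORECASE)


def cached_urls(data: bytes) -> List[str]:
    """URLs recorded in a CryptnetUrlCache MetaData blob."""
    return [s for s in wide_strings(data) if URL_RE.match(s)]


# Constructed record (not the bytes of any file in the report): opaque header fields, a narrow
# ASCII marker that must be ignored, the URL as UTF-16LE, and trailing binary data.
SAMPLE_METADATA = (
    b"\x01\x00\x00\x00" + b"\x00" * 12
    + b"LocalLow"                       # narrow ASCII: not a wide string
    + b"\x56\x01\x00\x00"               # constructed length field (0x156 = 342)
    + "http://crl.example.test/pki/root.crl".encode("utf-16-le") + b"\x00\x00"
    + b"\xde\xad\xbe\xef" * 4
)

if __name__ == "__main__":
    import sys
    from pathlib import Path

    # With no arguments, run on the constructed record; otherwise on the files given.
    targets = [Path(a) for a in sys.argv[1:]]
    if not targets:
        print("constructed:", cached_urls(SAMPLE_METADATA))
    for path in targets:
        print(f"{path.name}: {cached_urls(path.read_bytes())}")
```

Run over the MetaData directory named in the report (the per-user LocalLow\Microsoft\CryptnetUrlCache\MetaData path), this lists the CRL/OCSP/AIA endpoints the browser contacted; the matching Content folder holds the fetched objects themselves. Because the extraction is a wide-string heuristic rather than a parse of the record layout, treat anything that is not a URL as header noise.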