Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-10-2024 20:07

General

  • Target

    537d7ba3db00f350cd866180eecfb4c6_JaffaCakes118.html

  • Size

    33KB

  • MD5

    537d7ba3db00f350cd866180eecfb4c6

  • SHA1

    c74c1b861b5c578fe6b8a7e75c371d551012b9f9

  • SHA256

    85f31550d69c101689a955fbade9760e8b78cf3dbfd9c6e7ccc9823d7e366e85

  • SHA512

    890d39e0a2d14480db298ff406a323d842235e80c30353d128c473e8133af9d22ae3bfa9c06e79801be2a760ed9e168bde16d271e18e77115fb9c34e94cbd12a

  • SSDEEP

    768:iqVkBQM5ZhgBkDBPEFhtxTFeFef1TFe8kBQM5ZhgBkDBPEFhtxTFefaNe3aEIe5q:iqmBF5ZOBUMrthue9ZeBBF5ZOBUMrth5

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\537d7ba3db00f350cd866180eecfb4c6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2216

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90f77fd6b941856f57c241ad24ae8ddf

    SHA1

    7d255ef9caa932d673c05aa0c027d16ce26f10b2

    SHA256

    aeff029f1bd739af40dcc3d67ecbe12a3577dae10e86f2c5be13e47745a2079c

    SHA512

    c1a9cd57a0569272026b99007178d8e221e861025801ce4b65e671e57e5001e98d654a44e4d91585dcab802c3ed6f440027d3a5e7cdba2ceb56855357bc983c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a36e2d599c4b5ecc37ee33a64f7f88fb

    SHA1

    74d8526e5faf745d81093eb9e305a3b0b4e0361c

    SHA256

    447e53c748dc8464cde54cd48a0679c21e44e002508e2e20d667e359f945554b

    SHA512

    acdbec62ae6a6e0146c9f50caaf49f6cabb4cd4629beff2ff77351d272b68491c1a191c75991d0e488aae9067c28a9006ca82989dfdc2844e61c2ee1428ef70b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9eb5a8d7d30ad806a7607628d7301b15

    SHA1

    2914cea8b4154276c3b1a35f92d50509b2482c40

    SHA256

    25944a93c56d23cee3b63b560af1abbd43ccd7fd915c22a53999db8ff09816e1

    SHA512

    f2d92c4b0489e3734483737503857567be40e5ab81c2df75e09a62c74d069900091f66a053bad8197022588affd3a03733c2cedd3d7a4c2f6a98894abc3a35ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bab2cc049575a932701f7b5684fe559

    SHA1

    dc2d1be0bb3db798eb4620b7f1854dc884138de1

    SHA256

    4b0aa1300de17730c328da3c64e7b1e1c1167eb3517fac4ffeaaeb28c248d26c

    SHA512

    b0c696ad5081c616d38a7e5c3beb1d68edfeacda3c4a8af19777fa6cbcad24f7d9362aaa92eb536077b359fbc99c033fcd3c9bbf6c1fe3637bb9a6cd86f352c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce67e7c47fbf65295578a52579631b48

    SHA1

    10631edf19693708ae837ed05344f25d938689f4

    SHA256

    a019c5d52dcc1699c89e6d8de9af8f9443d00953f13b8b4c9fd3f805a3b6d958

    SHA512

    d7243980149b46ff7fd2d4ec44b7132867d5b8e3b5b348c31a4aa399c27e7712d4e9679e4144de75d6b44a5a607af3dac5aafca4e645f1b091bcc4412e38b890

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15f0af40bb052ed3f194cf5a70353749

    SHA1

    de7afdac0c8dcb50797fa8815674a8a898f95e79

    SHA256

    77f1d041d4dfda83ecfffcf75ad87a6c11f2f303fb82f55779b802402f5063fd

    SHA512

    4ea2892127b0767a8338996ee43749676a3b362329c72a0edf535a9c7c42ae188d8ae7e56e82d272e0e3e82d0d49638d8eb7cf02a5bbab8b69319c55b026b68b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73ea4bbee77e351bc223c191c10d510a

    SHA1

    55da144bb570337b086daafe47784cf7ad9ac3a8

    SHA256

    665f3c37c936aa41a5940d875aab13efcd90f664c8eeff85ecab383c819cbc8e

    SHA512

    de8c804a8b4e75b2a9a709466620ef0bf08d5d4009cae92404b13f706cfaadc445c9cd330de430e66800a25d94443fdf03d4c3adac76498a756073561962c522

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b7b586b3013036400fce1502ac05fa0

    SHA1

    01a852b1c108cce796be44ad455bbbaab195a8e5

    SHA256

    4673390fad92ab7efb7d7dcd41a74492fe6afe3200d268179078458a0fece79a

    SHA512

    63446b61adbe863b23880fcc6f1f9b73f4d4e32205c09f950a3366a728ad81e6cfc11b5cdb3eae8fd17e67e0a2f6d73ef349386674ccce9f63ffe67333379829

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18d5caf9846d46fd55c3798918adbc07

    SHA1

    625c31d7ca1b53a479b64bc392bdb9fb50a29239

    SHA256

    f0e7c1800631da09fe246d74187bf3346bd180b70d548aefe38db0fd9f0a5a10

    SHA512

    e8e2c1e3836c47fe443ccb72cdc2af157bb1047035378a8b5c1bab661faa8695a9eb300204fc19164d491256e170e761f6cd8171b788cba36dfc2e85294fd16a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    715e7e039823c764da4569db124cc847

    SHA1

    aa93c6a232466ca28fd32907b658f8737be047ef

    SHA256

    88ba6f0f0339c55034f5bb87bb8ef435f79bc15fca5a0c98147dc6388b82d8c1

    SHA512

    079f873af9fde6cb6e235c4fe8ed690f305a31cd4886575a1fe994b2c2ebebf225efa022d13a26a4c68db540c9901b355fec49958a6cec5180603f3c14abcdaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5004c8cbaee568f3e0964a08a7ff8b0

    SHA1

    35db9bcf45fd7c91ae7f86103ea41f233487eac3

    SHA256

    4feadbf6151a75a020f4a94092ca925aeefb0dac2fde9437fc9e884279d9e2a1

    SHA512

    ad69db038da1ce1ba7f06aa1b3ca63f12127b27deb6a13303daed1557e1dcab8bea9644afe794dde9427df3200a5284dfeb0ac68f40ad349949f8c2eca76a436

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    531842f8938d8b1fd10f69b794b353b7

    SHA1

    73fe80b03e857fea2329f984cb5a02661312d9c6

    SHA256

    cb1c3d66e88492e9f5a3ead60c1e6d4d151e88b3102da91911ac28b4055b5d15

    SHA512

    64f82da19cefe4c80236972c6800405f35891212b1cff7387c97c08f5a2f3151794ed9694a93d4a4538606e52c85488f928b47c37635e010b19e16ee0af19c9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c8ca4c3356fa0e744119cd4d150f8280

    SHA1

    aa42405232a74282dd96dd842a2269e12110b8a2

    SHA256

    9874a9557b957051ff223c86ee2dcc657b252938ee6b7f76ecb03a223bd49b15

    SHA512

    867cdbfe210d0468aead5e9b5d5b6760c5b1f089340ed6bb87e8e90a7d975d91d2cb841cd80c54990aa6ee6766418082e46434307b43f84ace8a514acd627485

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58e7b61f1ea27e83a5f0ad8554cfd988

    SHA1

    23dde985bcef46e2f6db0d02f5bbb1845fa8216f

    SHA256

    4752ceaedaae5c5f5d58a565c9a09dd740dc403068f0e6abb5b66d941cbbb2d6

    SHA512

    177d064e98dffc097b7e18e1fe1f57bb2028fb6f7e83fce9e64ca63d6e72a08fc2d994a0a280ba56227f5520e6578c3074870f685465a65a17e8150eb985a1e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d680b52a1fc8528a10cfc6d3b554b0e

    SHA1

    9272eca6e4912816ebc6bb84c716f4c6aaf1dd6d

    SHA256

    e5cbca93fe5ea762b68c709806994bd402013b254abe287775bda0d1eb258993

    SHA512

    070b064d0abdfc7f3378e3a177bab6f058ced8d18385cd68e6a537c88db1462261605ac6614613b42ec677fc424f0d2bd878525c5ee0ad6f6718cd40b725f654

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    23418a0af968818278c382748009fa66

    SHA1

    5bb43c5a4c0abbb2f6a9537808c053897b1133bc

    SHA256

    a28e2f80615599904e7735de86ae71c2378103df968e8d5994ae13da5e392ca1

    SHA512

    cb46d162a02ca35a6352d73cda16f4eeb1df5073f597cd5929a9b3772793c38a29616456e395ff72bc6ab93fc889be460bd3e0dc57d886a5d2dea826dcd4d295

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c8945473a11c14ba987a40ccf5a7484b

    SHA1

    4e7739a4c71e8bd3fd6ebb23c87c6ffc5b6b7621

    SHA256

    ec9cc9cb1f55935149796ece1aecfabeafab682f013f0c092a4768c869386968

    SHA512

    b52f3faa984f386ed69f0a7330558604c966a6d7e074caed32fc2ce06a50268ca2c43e53ba488aed22a2c22ccaff57f4b6f64c99decf9821d59114175ea370cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    def2f4a03e80bcbf33352328403de86b

    SHA1

    20c450fb51ffd821f3c80f8ca535b086e11a5d6e

    SHA256

    fb2b1e1de8a0baf72e978f7c32bb6556cbb13d8d97ed7eb824bd4146632716ad

    SHA512

    985b37797489601e182c35ab97dc6f7b86cbe228641332469ce6e67fb654227718e44232f5c8be50e0aca52ed9f13548dde2fe010426eb4b491a599e7caac0ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a46aa173557337ac5fee26a19e4bdd7a

    SHA1

    8ec1084f263aeb2dd684d14a4f67f8555b1c8a22

    SHA256

    14bfcb5bc57da35fcd0761c0d22395570c63a130dbe32eb5f5b6b64e24544f30

    SHA512

    6b2e80029bc7214b885c9c2a8731129c18013f0fa6e58406ab20e22e353684d4b7c8f2636f684eb90bfee7eb7691799a170683e16872245a012e27f4a4021dad

  • C:\Users\Admin\AppData\Local\Temp\CabD21F.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD2CF.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b