Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-11-2024 22:19

General

  • Target

    a4694029d2117ca5fb2cef94476a0629_JaffaCakes118.html

  • Size

    4KB

  • MD5

    a4694029d2117ca5fb2cef94476a0629

  • SHA1

    1f4f16d42dbb840ed2ac0f9e8cc2e86e2a217858

  • SHA256

    5e8c82c60d115a43a4acbce9f06c50edbe34cf5452cc439c929dd946786c8197

  • SHA512

    2c44f75c424129da170f06de52a7565c403c71bf484b8c7a7282c9ba5af47aa37eb0cdd6552489375a718528b7d3ff5c2cdeeebd0241802d490dc03ec1736608

  • SSDEEP

    48:t8MELTua+KyvLOJZavtqdJuZaO7D3qQk6kkmkTTi1Nakpn/bC1gZy:/EGIKLO2tqdJuZaoD3qM852T

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4694029d2117ca5fb2cef94476a0629_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2056 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2404

Network

MITRE ATT&CK Enterprise v15

Downloads
