Analysis

  • max time kernel
    136s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-12-2024 03:57

General

  • Target

    e497ea295360d953b968add2a1530857_JaffaCakes118.html

  • Size

    32KB

  • MD5

    e497ea295360d953b968add2a1530857

  • SHA1

    e99b4e6c8331cad4abdc0901fdaf67e0c9476fcb

  • SHA256

    0fdcd970bd797130992eedc41fbaac613dc331e17e0efe7aa4a933b63ecc3bf8

  • SHA512

    7b8c87b189fc6904d43cd3841b565db22c6d4b76cd0b7fc6b7b8a2d8cc46805fff73e286d421c0da0e8380be6051f85bc495fa8edbaf95825097f70234279577

  • SSDEEP

    768:ZZrf4EuIb1VsgaluMxY/kBvzECbY9f9jzWEEyaH:nf4lIbYbuMVbM9SyaH

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e497ea295360d953b968add2a1530857_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2580
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2580 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1716

Network

MITRE ATT&CK Enterprise v15

Downloads
