Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-12-2024 11:14

General

  • Target

    ffa1eddf25c472a4a80206101bc002e3_JaffaCakes118.html

  • Size

    23KB

  • MD5

    ffa1eddf25c472a4a80206101bc002e3

  • SHA1

    2c15fab0c37f973a116b169ed035d85d5aea2723

  • SHA256

    d61557536c58fc15d405b993d79dbb980d8968bdb31242265d5c8dbeb0286ec2

  • SHA512

    e0b9550831fe5218d60ee3d9c3fcf25cdb3559631457ef8f42b6919459458b1967ad76fcaa5e812218abcba3f5ebc41463ef611fce05e345d3135965423215d3

  • SSDEEP

    384:xnA4ywGJzHpB/4wztvukeKXXTu7weHC1afMKL24UTpNyOcn8tvG5nTDuU5esT8a:514Jz1tWkek8tiUMKc7wV

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ffa1eddf25c472a4a80206101bc002e3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2160

Network

MITRE ATT&CK Enterprise v15

Downloads
