Analysis

  • max time kernel
    118s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-01-2025 09:20

General

  • Target

    JaffaCakes118_e2c94c94adb4c6bc59a772614a3b8797.html

  • Size

    44KB

  • MD5

    e2c94c94adb4c6bc59a772614a3b8797

  • SHA1

    416ca39cd9e9af8844d731ef952b4a84ce1a3baf

  • SHA256

    4eebd66a0428e29a816194dbf2b3712667240c84357ea15529c21864863b9166

  • SHA512

    d2333a68da5975fe269640b12810fce8a019ebd1275cebf2e8898e53c1fc37c05f3edb0bb565c0ff5d5144826e34431f466154d5a1dff5ef1cf026db4e82df1d

  • SSDEEP

    768:Zcd9QZBC7mOdMgppC5I9nC474DAjR6QPd:gQZBCCOdN0IxCU4DbQPd

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_e2c94c94adb4c6bc59a772614a3b8797.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2684 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Downloads
