Analysis

  • max time kernel
    139s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/01/2025, 14:58

General

  • Target

    JaffaCakes118_40bf91d70dcc489211c3fbe0d44227c7.html

  • Size

    31KB

  • MD5

    40bf91d70dcc489211c3fbe0d44227c7

  • SHA1

    adbfea0896c3aeaf7c452b92bb0a52ec000fe875

  • SHA256

    a9c9d28353c4ea0ae361800a794beb1035a49f7062853cc7e7403c522dafa7fc

  • SHA512

    58c4c91915cb4d289bd2129e3126be58029582ba201f23cc312fb28dd7cb0fba95ee571a8fbed9bf7c31a2f9f6708b9751a799839a66ab490ac7117f3efb0fc9

  • SSDEEP

    384:mAp3ZBh449GVCz3n1SISsI9xGfGdq2W9v3ePnuTvrZt0qnSvwiE:pp3ZBhhD1SmgWQuTvkwt

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_40bf91d70dcc489211c3fbe0d44227c7.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2552 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2068

Network

MITRE ATT&CK Enterprise v15


Downloads
