Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240903-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    27/01/2025, 14:57

General

  • Target

    JaffaCakes118_40be31f9acd0bffe829ca9193867ea6f.html

  • Size

    20KB

  • MD5

    40be31f9acd0bffe829ca9193867ea6f

  • SHA1

    f1d3ea2b812d24cbf486f9e69686785240034aa4

  • SHA256

    9494b9ccb055f5f9ac4d69b043b0954ea6dd7771927670e7680be3ca547dd907

  • SHA512

    77bb69dadddc6ff8010e150b1c18b9167dff45b681e50e20809651cb12f8bfabbef5a1a662c2857c698eb3c68a97699f99dc1b47d76b6961700b8e37ab43b3d0

  • SSDEEP

    192:qYSPRgJSSFnJzOF9A+3gA/ee94dbLq4ZLvydFOov88uigLA/0HPXxcJTtlaR2uA8:qYSPcAFG+bhy1Y8sVlvb19W

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_40be31f9acd0bffe829ca9193867ea6f.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:808
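The tree above is the normal Loosely-Coupled IE layout on 64-bit Windows 7: the 64-bit frame process (pid 2524) opens the HTML file and spawns a 32-bit tab process whose SCODEF argument carries the frame's pid (SCODEF:2524). The following script is an added example, not part of the report or of the sandbox vendor's tooling, that encodes that check over a process list: a child of IE must itself be an IE image and its SCODEF value must equal its parent's pid, and anything else is reported. The two real processes are transcribed from the report; the second tree, with a mismatched SCODEF and a wscript.exe child running a drop.vbs, is constructed to show a failing case, and the set of IE image paths is an assumption for this Win7 x64 image.

```python
"""Check a sandbox process tree against IE's Loosely-Coupled IE (LCIE) process layout.

Added example; not part of the Triage report. REPORT_TREE is transcribed from the report,
SUSPICIOUS_TREE is constructed.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# IE images on a 64-bit Windows 7 install (assumption: the frame process is the 64-bit build,
# tab processes are the x86 build, exactly as the report shows).
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

# LCIE tab processes are launched as: "<iexplore>" SCODEF:<frame pid> CREDAT:<n> /prefetch:2
LCIE_ARGS = re.compile(r"SCODEF:(?P<scodef>\d+)\s+CREDAT:(?P<credat>\d+)", re.IGNORECASE)


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


def check_tree(procs: List[Proc]) -> List[str]:
    """Return findings for children of IE that do not look like LCIE tab processes.
    An empty list means the tree is consistent with plain browser behaviour."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        if parent is None or parent.image.lower() not in IE_IMAGES:
            continue  # root of the tree, or not a child of IE: out of scope here
        if p.image.lower() not in IE_IMAGES:
            findings.append(f"pid {p.pid}: IE (pid {parent.pid}) spawned non-IE child {p.image!r}: {p.cmdline}")
            continue
        m = LCIE_ARGS.search(p.cmdline)
        if not m:
            findings.append(f"pid {p.pid}: IE child without SCODEF/CREDAT arguments: {p.cmdline}")
        elif int(m.group("scodef")) != parent.pid:
            findings.append(f"pid {p.pid}: SCODEF:{m.group('scodef')} does not match parent pid {parent.pid}")
    return findings


# Process tree from the report: frame process 2524, tab process 808.
REPORT_TREE = [
    Proc(2524, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_40be31f9acd0bffe829ca9193867ea6f.html'),
    Proc(808, 2524, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2'),
]

# Constructed counter-example (not from the report): the tab process claims a different frame pid,
# and then spawns a script host running a dropped VBS file.
SUSPICIOUS_TREE = [
    REPORT_TREE[0],
    Proc(808, 2524, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1337 CREDAT:275457 /prefetch:2'),
    Proc(1900, 808, r"C:\Windows\System32\wscript.exe",
         r'wscript.exe //B C:\Users\Admin\AppData\Local\Temp\drop.vbs'),
]

if __name__ == "__main__":
    for name, tree in (("report", REPORT_TREE), ("constructed", SUSPICIOUS_TREE)):
        print(name, check_tree(tree) or "no findings")
```

The check deliberately ignores IE's own signatures (SetWindowsHookEx, WriteProcessMemory, FindShellTrayWindow) because the frame process uses all of them to drive its tab processes; what would make this report interesting is a non-IE descendant or a tab process that was not started by the frame, and that is what the script looks for.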

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 31ee71f5c1f0438dd18468e143bd0e5d
          SHA1 2da60a78eae6ebf061932e4688cd902e11762683
          SHA256 f0c04f64e86b202e80bc99489a61ca609dfb8ecbd07694715cbb3546e11c50e7
          SHA512 ff84aab3ae6fbfa3fa05cacd5ed72d6f6e1280c83f8c98cfa3d080390529af5144f9b9576b5c955af74815e11c899452822b7b4355236388a9c7071d36a16cd9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 9a5f59e90d10d63d9ac2db85855882bf
          SHA1 c0bc331d827cd2eae99146c070a5ffdcc8adf100
          SHA256 71676db40ce2f487dd027726cbe38da34f36782c76b2d5fe900fff71f669c5d0
          SHA512 e155d1110721abf37fcbaf20f702809ec32e1ff487279b09bc480c96dd92b4314de8367c7aae5beb47508dedb47b4f298c4d0808ecaf5e8c1fe8123f65c2f7ef

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 fc3f82919cd0b3432bd46b7d614760b3
          SHA1 eee230fd52ca5869a40b1f707dd8107dc78679c7
          SHA256 abcefad0e91f85ea12b7709cf7ae6c034f41c6d593689be8045cfa0f36788b56
          SHA512 24a8a589d07fb6f8c7b3685b9aa3f23d8bb235fae835bc09c885ae665d33ca6ddc8a34365e33cb59ab9a694eed066289a160b27a9ca5a8325c336bc5988169df

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 f49f20b5086672e08983c83ad42c1e74
          SHA1 598ce3627aa37999d70f58ead03fe46c32a19364
          SHA256 eb69548be23ec7e0d1e0d7e07e66be726f536dae06ce5ee66c86c17f771bc8e6
          SHA512 f5863d8e77d86685dd4432d0c8cbdbd9167d7ea48ff7a161e0873953b08d65dba57f2d14cfa518a31d1f74106688b77e4fb934eceadedb7350dbca571106b412

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 3d9632ca5344895a9e91f38a3c5c903b
          SHA1 ce0f08ec4fe0c2d2c8fff88f49cf4d91b6c06c8e
          SHA256 adefe408e496d20c45749636afb7de7bfa20bd8414887232c55f5aaaef72e218
          SHA512 9cc079353bc6a4411d213136272a70b236f8e468b42446da9e6f7257550328ffad3d708402fab568a7cb601cf7f07159977d0273dda97b0f6e0620972f3435c2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 ec2656bb367a5cc9aa50c2557fe52889
          SHA1 afcabd5faae1bcfb7e14aa0fe922cd971c61df8c
          SHA256 23d5b3bcf73d3e0ddd0f961c8ed8fb169f257ec79c71cc512ceb109782857ce1
          SHA512 cc8fc230b90f76e59ec5c42916bea423c3ab74fdf3096b9187f5a7f7254c24d585f3641f46f2324c81adddf88755afe651ff98d0618cc1edad74dba78a9beb70

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 1e1474d7a2bb9015a9ef3b20b2694f14
          SHA1 3cfa4330473ebc914f74530604646d5a5a89198a
          SHA256 68d44b632bab8888352b28ef1dae4415dfe573904e278c1736152246dce913cd
          SHA512 7bd2bfa43508de2576b27950d3b2e4dbfa2046190d280df61b344603e1b7ef63b07165540e292e9ef9442223194ad958f4a04a094ded9306968b57015f918792

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 3822c8e8ebc72964199186b9e1fe0219
          SHA1 df671ef16ee1d90c8b8e7008aeb33ad8c1ba486c
          SHA256 d5426e4d7f89423b66c32c824b15abd0170852a930ef6a4e8f3749cc08631264
          SHA512 8f957096ed35db99dff64250dd49a48f57aaf29b5727f8d0238afe493f1e5bd3e1e196c1ae18708943b1cbc0da261a479212628cd4eb7eaa201e59327cbb19ae

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 a23f7bcf7e45590247d7fea2c8cba241
          SHA1 5020271b2ad1721a6c9f47051d0727bf82549926
          SHA256 bf9a46b550e943034d2a4f1c5b643e9fdf6bc05e1d123564dbbd704321b2414e
          SHA512 d569d298883d97f708d67278dad90b3abd5495d10d4bae72048c3919cefbaa84ba71dd99821004ec846d79cc773e4a00f147207b90f6cb72c83b497923634a02

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 e2de7564a498a67f1b05f0a1930fd2d1
          SHA1 70fad1f6b417dabed0470f2568f620d74122740d
          SHA256 7d47da07904d47b64885764ea1a9db5ccba1d74748ef24ddc881ac3f256dd08a
          SHA512 013e54a7c8773081d81ba91bd08fe3918e81d832bb0125bd3f22bb282c31e86ebd94a46716340c512871698fb46ae6a406bbf885d01e7b5173ecece0a0c25754

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 88f4f6209150950b8af658e2e6dbaeec
          SHA1 e1e99aa402ccd24c904a5b1b85ee27ea619adf6e
          SHA256 f38fcee7332028c0feee552e0fd73f616b19d98f056c25abc2c1ff58d0fc453c
          SHA512 7bb1028b516769827a8106cf7ffc61cabcc6e1ed495626acdef3b3f27fde1d0570e935693cc5a46a98c1b6289bc2a87b49e534405d2498c163c4c093a0c3e779

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 44d8e070f1ccc8a155717a0213772fa1
          SHA1 8dc64497c721e67440f3e01d0536121c2436f0b6
          SHA256 dc8a420989ba1202962444af51d78c7588b5537aab2b467e7acc30977497c6e8
          SHA512 0bc462c31da5ec2cc2e48f446af525078fb96cdb8f0cec56c7d17d4a249582bd3340ca2934319b0a08905ad1a92ef23b45de38d733617d7cb492f56f1fc49deb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 a3150c16366d40f46b82d2d7a169e2b4
          SHA1 40a8b423b8d3305e2c34e63192f3e93014068a42
          SHA256 33d48d8697a193cd5b234c8091c071921cc8ce3c4552cff7ebc498b956526b21
          SHA512 e9de84fbc88dc2e501bf6c5c09f0c151db0ed53ffa200fd576cae4701ececc10546e9b02d08e7e46a30336392c376668debe7a9d66dd207e8b0816498f1402c6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 35f319fac15794d12216742d565fe1e5
          SHA1 c83e12686baa55cd7700e9a4e27d3ac310c9e3a9
          SHA256 7cdb144dca814a8feb3263d4ba5325f7f179257fa30f08eddb28912b90fbfa2d
          SHA512 6ce09ebfcc92dbc8a0b1c99986aeb6a57c088429f8212595b389257fe871cac405fa0a44c41656b0bd375dc067c3776cd119d7227df35f0ad6acb57e2782f600

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 2d35261dd5006880589eab9b017b1df9
          SHA1 7cc675b9f63812315eafb12f1c9bfbe34b1e4aa9
          SHA256 862b2c6125cec5da39dba2dd6fba8948af231f698e32e31d1294cc52b3053bc7
          SHA512 bcdce899561d3b9184b81fad13f1a80fb43b9f0e1efaff2b11121bd2d74d824d32560339b17e40ec6ec6a284aec81113c1597f26503f766be037a11fc627447d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 082d95f9a49f72a8afc8fb52f9f8a66d
          SHA1 82eae041898fde00bfba79f086ba205adee1636d
          SHA256 995ef7a51b0655bba5eb50714f9f5cae2b17d675567058c62f9cc9e7ed60b929
          SHA512 d8eadf30c23a3bcbe84813be8d557963dda228a32cccd33fac2b5f6088d0522a3cd625fd1a4875481d635e7265eee5938e3d3429526121f44232b7c8c4a68968

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 d779b6c84d8a25d636b8f143f5eb2d6b
          SHA1 ea4cb03aa793dfecf6ca0b0295650aeede83eb08
          SHA256 9ca27a59d141c49392ebfd5b4467c057be5b164b33aa8325a7c22802ddfab128
          SHA512 e2f4e8287e4bc0a710dbff75af99c1bd2f5991db01e47dc4072652ccc67ac37bc764ac596275f2fd77c21912f97e9ea839b3397aa92e6bede75e4347c786beb9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 1c2a0668183af3e0b3e18e8c810fa33d
          SHA1 d64510a46f70f9f18495c5db517c49f0d170d300
          SHA256 2b55946b1044a9c63a384312f5318e8b551f37ecf441733aba79c99bc413de48
          SHA512 87d0b3c95d0b2fa48f628e852dcfc7f08bbc9544c9b1590ea5f5d466c04483a2f66e6216ffba67c08cad8be5b5be38c3bbae1a7a0a4f17cf1d33696f6d8b247f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize 342B
          MD5 683fc8d1bbde5f8e6a9f5c2d6ac46585
          SHA1 2393288a92dd48661e7769ab2dbbb4a6b83f181a
          SHA256 2135daf0b4689b271b0a1d0d586241d1584b308bc9aadb013ff2728d8eaf6f04
          SHA512 1e02f69cb8a9eaeffa0b220b92a38128bf914de050d94ae0ef83ea53f75b7338601ce8b8b24a8dbd5930cd5603c447372701b58d6d8ddae12dee600ce2742966

        • C:\Users\Admin\AppData\Local\Temp\CabB5EA.tmp
          Filesize 70KB
          MD5 49aebf8cbd62d92ac215b2923fb1b9f5
          SHA1 1723be06719828dda65ad804298d0431f6aff976
          SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
          SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarB699.tmp
          Filesize 181KB
          MD5 4ea6026cf93ec6338144661bf1202cd1
          SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
          SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
          SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
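All nineteen CryptnetUrlCache entries share one path and differ only in content: the sandbox recorded each rewrite of CryptoAPI's URL-cache metadata while IE fetched certificate-chain material (CRL, AIA and OCSP lookups), and the Cab/Tar pair in Temp is the root-certificate list update the same API performs. None of it is attributable to the HTML file. The script below is an added example, not part of the report, that collapses repeated paths into one row with a count of distinct contents and surfaces only drops that no known-benign pattern explains. Three of the nineteen MetaData versions and the two Temp files are transcribed from the report; the Roaming\update.exe entry, its size and its all-zero hash are constructed to show what an unclassified drop looks like, and the two benign-path patterns are the author's assumptions about where Windows writes these files.

```python
"""Triage the dropped-file ("Downloads") list of a sandbox report.

Added example; not part of the Triage report. The first five entries are transcribed from
the report (three of the nineteen MetaData versions plus the Cab/Tar pair); the last entry
and its all-zero hash are constructed.
"""
import re
from collections import defaultdict

# Files Windows itself writes while IE validates certificate chains: CryptoAPI's URL cache
# (CRL/AIA/OCSP fetches) and the Cab/Tar temp pair left by the root-certificate list update.
# Assumed patterns for this purpose, not taken from the report.
BENIGN_PATTERNS = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CryptoAPI root-update temp file"),
]

CRYPTNET = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

# (path, size, sha256) as listed by the report
DROPPED = [
    (CRYPTNET, "342B", "f0c04f64e86b202e80bc99489a61ca609dfb8ecbd07694715cbb3546e11c50e7"),
    (CRYPTNET, "342B", "71676db40ce2f487dd027726cbe38da34f36782c76b2d5fe900fff71f669c5d0"),
    (CRYPTNET, "342B", "abcefad0e91f85ea12b7709cf7ae6c034f41c6d593689be8045cfa0f36788b56"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabB5EA.tmp", "70KB",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarB699.tmp", "181KB",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
    # constructed: a persisted executable in the user profile, not from the report
    (r"C:\Users\Admin\AppData\Roaming\update.exe", "96KB", "0" * 64),
]


def classify(path):
    """Return the benign-noise label for a path, or None if it needs analyst attention."""
    for pattern, label in BENIGN_PATTERNS:
        if pattern.search(path):
            return label
    return None


def triage(dropped):
    """Collapse repeated paths into one row carrying the number of distinct contents seen,
    and return the paths that no benign pattern explains."""
    versions = defaultdict(set)
    sizes = {}
    for path, size, sha256 in dropped:
        versions[path].add(sha256)
        sizes[path] = size
    summary, needs_review = {}, []
    for path, hashes in versions.items():
        label = classify(path)
        summary[path] = {"distinct_versions": len(hashes), "size": sizes[path],
                         "class": label or "unclassified"}
        if label is None:
            needs_review.append(path)
    return summary, needs_review


if __name__ == "__main__":
    summary, needs_review = triage(DROPPED)
    for path, row in summary.items():
        print(f"{row['class']:32} x{row['distinct_versions']:<3} {row['size']:>6}  {path}")
    print("needs review:", needs_review)
```

Run against the full report the MetaData path collapses to a single row with nineteen versions and nothing lands in the review list, which is consistent with the 3/10 score: the only behaviour recorded is the browser doing its own certificate housekeeping.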