Overview

overview

4

Static

static

4

JaffaCakes...d.html

windows7-x64

3

JaffaCakes...d.html

windows10-2004-x64

4

Analysis

  • max time kernel
    150s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    29/03/2025, 19:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_95c39c44a13641c7eda0a72e0f6c906d.html

  • Size

    41KB

  • MD5

    95c39c44a13641c7eda0a72e0f6c906d

  • SHA1

    1c78a0260235eba55edbbf69cf7fe4f091f69892

  • SHA256

    a73bbf48da29b5b1a12c787d267c4b317ec267c7133f91557160bad766d28600

  • SHA512

    5b709e5d1d6e99cf5860342e57c4aaacece6b582c9ec1e27af61ab7363b7477e7846bf729829ab9f895ee0f10c852c212f1360646e65f9673ea37ac1d78ed2ae

  • SSDEEP

    768:S5q3al8KwPUkmzUkosVUk2AIROUkGMmUkQVL0jb2XsOP1Wa:Sg3AaCQtys2X5P1Wa

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_95c39c44a13641c7eda0a72e0f6c906d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    071442fbc34744226818192d3516ea02

    SHA1

    c5d611b8b26b084cc7e492464f9384fae80018b6

    SHA256

    936951371fe25b8d220c4dedd07257463bdcf81ede50368f22d1c92b8b79751e

    SHA512

    7d567737b8a1ffe3622d015edfb4bcf69ebf909879ec2e3fdfb1f399c3c51860ae204752c1c245cde1e58a6ed235af93dd41d7e14090db6b8a17e4196fe11228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95fbb29868992536e0218162ab03fee6

    SHA1

    ff8aff69b9227a42498eac437df384b60777d7bb

    SHA256

    8f8e57e1a0b497304fb29f93eb07bef840a1a3902e043cea606d806879878126

    SHA512

    ab72a2ac25ad0566eecc2b73a8fb622a1a1f1c8b534c43db11db04fd397788e4987686e7e2b5daf96745e4cbb81dca0a313bc581c5f6f07f31c640217624a33f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4151b6b98cbf0546cbe26182aec82e3

    SHA1

    a54106be407c0afa3409b0c8577df2f34667d2c3

    SHA256

    f9940c3d820ce1725224b97c6d1cc4341e30f2077b07b7270c4d8a9c88a5e06c

    SHA512

    65ee25d726422255840dcbc4380dca7bf37799282c6555b19558175e90fa4397b5de67fb00f644e4c35e96f0d671d911b113286ead51b45a588d84fd65157ea9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95b86654b04b4b3874e80530196e3404

    SHA1

    279395641b1be244b1b61ff6cf914b5504915717

    SHA256

    49c0823d0c17ee6104b9e46722d3eaa743a601a18106b2520e5a4a942e750929

    SHA512

    d0accd4dc319930fd0c7f9fe6a1349af2a6dec0e53dc4dba34324f4f4bfaf4a3f32d60273f1ff27cdb69eb4accc61fd4b38ffbfc642b0783d919fc8ec1f9833e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7e6e0887b8609699557b4c678d10ffb

    SHA1

    9c3a37bb1b69f9a5968ba8d0e10ee0b8e2370d01

    SHA256

    aadf54c03c4e9de2eeb9d709ad18619553435994bf668b0c734c82c5c7b6b62e

    SHA512

    0d034dbd9cb9adc5afd94b0ddaf125eaad9893e0d8209de1a835caecc5528812a8d9c658b97a183b48a5464a8c960b515e74b86d0bc7f6ad7ca6bbaac3663765

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd0204c5f867387a198f326f83624121

    SHA1

    00eabdc44a02462145e34bbb2034415255d95072

    SHA256

    0596c5c1d5642834a0a9c3c03fb5dd7a1a7dd78efc0f22a84cf7284df455ed6e

    SHA512

    1b30f6c72189e5ba43bf5247a56327f15068e359d984d42324cc517cb94fdd9f2896aedb66348ef8c27f79be9c0dc7da0a0477b4839ec21bcc479c53dc8fdcba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8163d8041e9768cd72616572aac136fc

    SHA1

    699b47a30954a68c03942ff8f2e0d0d54e28833b

    SHA256

    e5e4684637f199118658835fe65aa4a0df58ebf27ae30d23f7f66cd443f43fb8

    SHA512

    37a430a9242a9da6f09d6a624b023af2af93242247af29198745233ad8149ca2b28ae12d88c06f2db627ac8db1b557b0b4a5ffd177e1eb1885c5841abc8504b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2073c97f665697329f2efe60cd378028

    SHA1

    e28f119a374bfc9ee46b2a7a94b8b5cb691fdff5

    SHA256

    98eb4e5c322682db9178991c82a82943cf3e652795d177098f8c81515a485286

    SHA512

    e61f46c1b8e0b4ddeda59276a8747733cff071f70962fba77fae48becc6a550b152bd2d082afcb77b905e063f7108c8a7a6d8dd869d1c6363fac2969d6dcf951

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    965776c145e9d7fcfb3ec5352c8a652a

    SHA1

    87ca67d65ab4ebee476926f31a93219e98cf4ea2

    SHA256

    39c267c39f7ca380c688c97b35a6fd5693b68992fd9c391c1a63a69c384aa4ee

    SHA512

    fbe4bd440e3dc8a3427fd744b5bd9e3fefc1c27c99a4c4f87f54b06a1ee53328f99ff58699263d050820a20b822eebe54f935b08d78707a701c558cb41a8fe16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c9b04a40940f955eaa8d6524a531968

    SHA1

    515d18286690293f50e9c6ad2e0d8ec966212163

    SHA256

    970a91329151ebdc85209e382abfe4e78177872922c4caf4df00bf1b75a0bbca

    SHA512

    143de7d7e6e0492db948e3a1544215e3146baed39f23ae8e17bbcf4dd0a37cffdb5ec52250ac9927e0b29c95b357416c1898005180315e0af37c8d9dcaef536c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc691bc81169c468407da66b43b8fa96

    SHA1

    a75bb6a53877d063efe74504ceba85de16888c2d

    SHA256

    5f203c3a514600aa467dca1b91d20c952cf6cbf5e14c099191b52db6d00f8087

    SHA512

    671a29c96df0cbf7fb0b9303a9a800f58f7b3e2cd22b6e7da87b3ebb4b3cb8a9965cd0ddd803bb2886455972eb89e35469671c101b733cbe776fe72dacbc3879

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af6131f07abd0f3a6f21214882ca50f4

    SHA1

    a343c364a2e38edb31a55a27cb0a7dc148dd1cb3

    SHA256

    6bd5e87b22ee6228eac356c0b4f33db016c21bc998f5055487fe73b7af78c2bd

    SHA512

    cadba57a91b5fb439fcaf53853cea79c0bedeaede2f24156bfc05d6e74b0c23cac4739992660627d0dfdaed7df5dd659dc683384417cd0501863548d3e5b5caf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    187dcc9e0723fffd07cf8527c7b7d63b

    SHA1

    601eb8fa0e87cb71f287a3c18440f652692ade2f

    SHA256

    56c7962b297c2d89ea15d9b4df9488782053e938e1e8255057cb0b5206da18f2

    SHA512

    7eca3d2f724985b398118ff42f89bab9d2d46aea5c10e7e45806a732bee6ed0a0931b477643cf8eed7a508654a3bf3f6ccfb34017aec3e6091d0bcb8c3574ce7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    112f7cedba05fc23c76345c00d608f24

    SHA1

    28b887aaba11dafd80b6fdc947fafd2701746d6c

    SHA256

    3df0b51158bb2bed7bc2d2af3450dc976e10ac2fa2eaf4c39cf8e73e101125ba

    SHA512

    765a62491b3ebc9af8f4fd46514827cad490ad138e616e58b43aefce8deafb927de815627c7e60199c71ed4844d315398e63261074c299ad56e9ee893b90e3c7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT668XG4\e[1].htm
    Filesize

    47B

    MD5

    06b05ae9614bafae9b0b09cfbeed559e

    SHA1

    9b087683529b7b89a117b2d5cbb35a93e7dcbaca

    SHA256

    a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

    SHA512

    f97936b6f3dc025fd55cd6a9bb59bfd3a58ca1d03e0fbe68bbb63e8a1875814fa8c367bda3b59029b549a5aef20abb5bfccd01cff1546ead70f6b07123be11da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab675D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6ACD.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit