Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-05-2024 16:42

General

  • Target

    0c4d44a0c0f83762f3ab3ca07f8c3724_JaffaCakes118.html

  • Size

    116KB

  • MD5

    0c4d44a0c0f83762f3ab3ca07f8c3724

  • SHA1

    9b5154382612e9db574b46fdf0815256c57e9069

  • SHA256

    a66a8800c20caa750b049ebdd02207cf030bb22074e84efd65ca2041a1b1bb6f

  • SHA512

    fe8d5b05bcaac961d7d492f53cbe4b7e54a9cad37de2f7d113d941df0bd393bc35d69ec8a553b7c6638e8284e0c49f37806338d3ce9b0edda3d2576ebbf39c2f

  • SSDEEP

    1536:SqUyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCsn:S1yfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0c4d44a0c0f83762f3ab3ca07f8c3724_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:612
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:612 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1740

Network

MITRE ATT&CK Enterprise v15

Downloads
