Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-05-2024 19:35

General

  • Target

    0ca9803a8e28928f09833ad6ecbe833b_JaffaCakes118.html

  • Size

    13KB

  • MD5

    0ca9803a8e28928f09833ad6ecbe833b

  • SHA1

    00e6c89181c77d2e3249166747cdf956c418d63e

  • SHA256

    482cc6bc24ee7548effa68982b83a1cfa4c7db5310d3ba24ab6da35fbfb33706

  • SHA512

    24a41bf6e53abcfc86d67761c7805f726b3d0cd24a5017aaf24057e4a7d71a420670f7783b8b5ff4f35c4ea05dc17337f21756d1a2a3c3620893d1262f8992b8

  • SSDEEP

    192:CyiZ/jVC1u96zudrTmvknwQFCVCf7f2uvK4Mj22GzYKxm28Vc5VLjFSF:CyiZbVWdkaTQFAi7uuvK4Mj2fYHxwj4F

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0ca9803a8e28928f09833ad6ecbe833b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1904

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7192a9657ff6c32977b34f3af9af95b2

    SHA1

    861cf155bf0c462a346aaaddd0146ee584d2d387

    SHA256

    4ed292bf8e2b3d20db50186d269e7e85b4ca138772f21b9242b379291fef298a

    SHA512

    f9b05c0844232235516026f5a886efe2fa1a77c6e8db28ca60ec008b642dc0c2fd055adbe9b56db652f9077cfb04faecaabbcfc3107e0d552ac108cc6068a29d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0f852c681f3ce19de367725c214439e0

    SHA1

    1c742d12213d7291b48a58ff44cb737f99628cdd

    SHA256

    ef432ffc528346bd58428c7ed093eae148f7b04b61ca0a7ffd2ac9a6c6014713

    SHA512

    bde79d2b76a6cc986a24dcda74323ecb82668d3b5e63bfebff94933e98e185baea84ffeb893eb38e46cdf7d89b742e99280b13e56bbacf3d26fd4565c1793df0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8e52c69226135a12764b7213f675d07e

    SHA1

    8dbd7b06599bdf47856dcc7522b1d49d47072234

    SHA256

    02bb846bf9883eab31975b93e447010466d8a2c10340786083e0aea03439a095

    SHA512

    b68a360b53cb46e1f11ee4b79334533dc106a5b5195a5c54846af5aec241343e7d0b4064e7e705c049ff9e8700c97dd887fd0ba3b34f321c04fb055667c3fb60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b6b2a5d99a5d0d2cf1683944d0646dc1

    SHA1

    180a7e76c5f5945b184c7e7edff4ac8c2a97fd85

    SHA256

    5ff689799e13f98e18aac67f6a31dd75adcc91caa2ac9ee6a3f6b5783539e1ec

    SHA512

    6cb4cb1cdd856e450a0e365e87ce42296a9696d219373f4075ce05c31d6f1fd08a6e65356580820a8b210f89e515c6ca1d1fc575895d83613d62935ae257e178

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6d7fa6802a9c3844ee527cd691f8067c

    SHA1

    286e765b6a6612c08df193dbb6723b02948e54e3

    SHA256

    cdac03a010ded7c378ea72b293fc004347c25fda47bafe36a1b5ec2326645ae1

    SHA512

    4a1abbb8666fd6c80001a6467cf3762f143e9009d5bf31c69f09d11d3925d97ba3d123f5f38a0a5344e528664355c02583ecd197f5521c8af4b1e62befc16665

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7571c27d5a9bb93d7620a4b4e8cd1abe

    SHA1

    8f385664d6a7c6741b90be27ff1aa6a0ce6d788d

    SHA256

    586c7329f2395fb44e5774e2978c074b0a19616a4ee51a48ad27c39bfdebdd96

    SHA512

    6c99ffbf0270f49fc4d58ee367fcb70a306e951050bd37109e08ac24e5669847f3073dc45d529b2b43d1d5a5c64c4af22bfcfe5dcefbfe257cb20c961ff5963f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9022634018b1803ab85b1b1e044d5857

    SHA1

    e84b3770f3f0e248e874b7a3bfa8dbcf2c815be7

    SHA256

    e1265ac30affb831c32681619a8cda3770337845158562d5f2418b72df8dd0d6

    SHA512

    048ce7d3a1c231626a2f1f0da48cf2cc2a685d56b48b6d4e3f528620e689c9916f302d6a5dd42018a9522167eea13e51fe958d441924b96f7fe34df3765c0a25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c239dc720461d554a99097bbf9b4f1ef

    SHA1

    b31b3556e56b89538acba3b546cd1d9d62945ef8

    SHA256

    8ed2fb605690d81b3e54ec0dcc217c2b1cba77d97848b3de8628dd45d70b12d7

    SHA512

    cd5464afab7a6c022ede734883e8957cbd265464e0f432ad30995884193e902223a2786d585f60ac3a02d3c08cda092b3201cdaf938c653833fd5e540f8dcfe2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b80eb5f421a84ff9aec19a3ac0756cce

    SHA1

    0c3698a394e675659b239707d215cfb9cfa19c15

    SHA256

    534e032d0d8b3d62df4472d86fee4522b866b00ef5fe04f30dea4052498ec1bd

    SHA512

    4b3b0b99a8f7227567d8963029c4ded17ef037395cd3a51807fa94e3ce284b57bee5f551f31af6fcb42e184e916f7a6e3a9d173c7a7d172cbf34e93c3d9cde01

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    70b47cc1adcbb7fb34ed05307fe537fc

    SHA1

    5dddad956ac10827182af91dfd134dd9c3e06ba5

    SHA256

    cc70c35d08a96f97eeec4e0558cc997ada6c68daecdea942a37410c3c5f0c9ef

    SHA512

    994798b01e6feb9543f3a341ab574c078444f4f397d6d556354c2f444fd9ed75f762743c676b3aee245bf222db4a69b1f51f8ee80f2a47c6dd98adc8c6396865

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a5acdc022d1118a40c5069f9b1719feb

    SHA1

    dd10b08656c19c2caa2defcfb1d2decfb6e9e77f

    SHA256

    07fdd518bdafe151cfc042b2c04c55463737767d9d3737eea4042723608e8c9b

    SHA512

    3c00a41df229c5372748c168c66d16a442607c27939dd8444bf08712c2e5e2868e84c6c118e69cd89a6c9c27d91cbf149ecd5f6bbbe3b8a12ed98bedde837e70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1c0ff70ce284e6fe152d5894e27b0225

    SHA1

    e53d491e48b07c1ad8b092442b4f04cf9c800861

    SHA256

    8c67806371d59c272d55ae28db45c7c9fb44340aec0de87b925e569477e9d391

    SHA512

    0b39a23fcada4cdef8eec1c37c054df49070a47591b09952a7b6421e4fd3aeb080873ecea518368dbe2463bf3461ce92414cd15d2cd806c49b2b7ccb23732854

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0e4546b89e5940e42d06c098721081cc

    SHA1

    6596da17f25efd41eb30c8999290d00366d7e5cc

    SHA256

    bace56d57f5801a4b2c191bb881f1eecc8a151cefd6ef7eb1864fce9702538de

    SHA512

    3bf86c7f69a1c7b9b88021039816a85122815a1f9719f3eb60ebfe55e13b8306ebb875b4139d2252407d03b46fc23c681e965dc6169ce2a6525bd90a2635f9f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    be67f116eac37607cf30ec677f437b8c

    SHA1

    a870ffbddc4f88917c604e7914c56ea009d729cb

    SHA256

    1eb5ae1b33682518e3b203808de2354d7df324b398e5f5448c6dee994d2f1f3c

    SHA512

    5183e6cfd4683e3a2443a84d663865e9a01d7bc9797d4df24db33d07a866b86256960c1e4383b3acc41ad4050977cd3c4a446796e6609340034df8c9b01d6439

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9242304a47144741926b1c5ec4de3252

    SHA1

    f3c1922bc430c6417b1f9d1886aadac8f8bd5e59

    SHA256

    ffc04fdc4ebe8574625e27cab3ae452b0214a36ace93cdddbfac262cc4327115

    SHA512

    d7e2270309694a06d4491e6159e7061d253802f8e1cc83baf711af22a5d59c316b206378a71106a1c620859c4302f14951584744d36c5ac4358e5f4724aca8cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1126eb6086c37312a05f8bbbceefe8c8

    SHA1

    de720d094387994aa4e3fcb290429c242b45c8e1

    SHA256

    5798d2dbebd539018872d0969f673da95f08653d7e178964529edd179a2a4531

    SHA512

    c1f0a5c3677838690642acea3422dcd15450fa5d97148dd4df8203f91f3cfb8e51444a66c0a0b21c7501cdf5b43cc8134bfe045d2f1a4f3c776b3d5e6b282783

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    21ef1fea6483c81717a38e1f7ef69d2b

    SHA1

    192c72ff5974f16c95976d7c3423a037fcb7f566

    SHA256

    38bf30cb650ef985ab977a0fc94e70bfd516568600645a14a959e9c4f6ab244e

    SHA512

    d311ae8b08416386d1283891330a81107701bfb76b536237184bb29560684bc75b75ced95cf6f3032c2068ae087971d3c9a57ce4d924deabf266ff1a6c29af9a

  • C:\Users\Admin\AppData\Local\Temp\Cab95DA.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar97D9.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
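Everything in the Downloads list above lives under CryptnetUrlCache (the cache Windows CryptoAPI keeps for certificate, CRL and OCSP material it fetched over the network) or is a Cab/Tar .tmp pair in the user's Temp directory, and the only process activity is iexplore.exe starting a tab process whose SCODEF value names the frame PID. The triage helper below is added here as an example and is not part of the sandbox report: it takes the paths, MD5s and command lines transcribed from the sections above, labels the dropped files that match those known Windows artefact patterns, counts how often the same MetaData path was rewritten with different content, returns whatever is left unclassified for the analyst to look at, and checks that every child of iexplore.exe is itself an IE tab process pointing back at its real parent. Treating the Cab/Tar .tmp pair as crypt32 download noise is an assumption (those names are the usual footprint of the root-certificate update, but the file contents should be checked); the pattern list and function names are the example's own.

```python
"""Added triage helper for the IE sandbox report above (example code, not
part of the report): classify dropped files and sanity-check the IE tree."""
import re
from collections import Counter

# Paths and MD5s transcribed from the report's "Downloads" section.
CACHE = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
META = CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015"
REPORT_FILES = [
    (CACHE + r"\Content\94308059B57B3142E455B38A6EB92015", "29f65ba8e88c063813cc50a4ea544e93"),
    (META, "7192a9657ff6c32977b34f3af9af95b2"), (META, "0f852c681f3ce19de367725c214439e0"),
    (META, "8e52c69226135a12764b7213f675d07e"), (META, "b6b2a5d99a5d0d2cf1683944d0646dc1"),
    (META, "6d7fa6802a9c3844ee527cd691f8067c"), (META, "7571c27d5a9bb93d7620a4b4e8cd1abe"),
    (META, "9022634018b1803ab85b1b1e044d5857"), (META, "c239dc720461d554a99097bbf9b4f1ef"),
    (META, "b80eb5f421a84ff9aec19a3ac0756cce"), (META, "70b47cc1adcbb7fb34ed05307fe537fc"),
    (META, "a5acdc022d1118a40c5069f9b1719feb"), (META, "1c0ff70ce284e6fe152d5894e27b0225"),
    (META, "0e4546b89e5940e42d06c098721081cc"), (META, "be67f116eac37607cf30ec677f437b8c"),
    (META, "9242304a47144741926b1c5ec4de3252"), (META, "1126eb6086c37312a05f8bbbceefe8c8"),
    (META, "21ef1fea6483c81717a38e1f7ef69d2b"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab95DA.tmp", "ac05d27423a85adc1622c714f2cb6184"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar97D9.tmp", "435a9ac180383f9fa094131b173a2f7b"),
]

# Process tree from the report's "Processes" section: (pid, parent pid, command line).
REPORT_PROCESSES = [
    (2032, None, r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0ca9803a8e28928f09833ad6ecbe833b_JaffaCakes118.html'),
    (1904, 2032, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2'),
]

# Path patterns for files Windows itself writes when crypt32 fetches certificate
# data. Labelling the Cab*/Tar* .tmp pair this way is an assumption of this example.
NOISE_RULES = [
    (re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I), "CryptoAPI URL cache"),
    (re.compile(r"\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I), "crypt32 CAB download temp file"),
]


def classify(path):
    """Return the noise label for a dropped-file path, or 'unclassified'."""
    for pattern, label in NOISE_RULES:
        if pattern.search(path):
            return label
    return "unclassified"


def triage_files(entries):
    """Summarise (path, md5) entries: label counts, paths written more than once,
    distinct contents per path, and the paths no rule recognised."""
    writes = Counter(path for path, _ in entries)
    return {
        "labels": dict(Counter(classify(path) for path, _ in entries)),
        "rewrites": {p: n for p, n in writes.items() if n > 1},
        "distinct_hashes": {p: len({h for q, h in entries if q == p}) for p in writes},
        "unclassified": sorted({p for p, _ in entries if classify(p) == "unclassified"}),
    }


def image_name(cmd):
    """Lower-cased executable name from a quoted or bare command line."""
    m = re.match(r'\s*"([^"]+)"|\s*(\S+)', cmd)
    return (m.group(1) or m.group(2)).rsplit("\\", 1)[-1].lower()


def check_ie_tree(processes):
    """Flag children of iexplore.exe that are not IE tab processes, or tab
    processes whose SCODEF:<pid> does not name their actual parent."""
    by_pid = {pid: (parent, cmd) for pid, parent, cmd in processes}
    findings = []
    for pid, parent, cmd in processes:
        if parent not in by_pid or image_name(by_pid[parent][1]) != "iexplore.exe":
            continue  # root process, or not spawned by IE at all
        if image_name(cmd) != "iexplore.exe":
            findings.append(f"pid {pid}: {image_name(cmd)} spawned by IE, not a tab process")
            continue
        m = re.search(r"\bSCODEF:(\d+)\b", cmd)
        if not m:
            findings.append(f"pid {pid}: IE child without SCODEF, not a normal tab process")
        elif int(m.group(1)) != parent:
            findings.append(f"pid {pid}: SCODEF names {m.group(1)} but parent is {parent}")
    return findings


if __name__ == "__main__":
    summary = triage_files(REPORT_FILES)
    print("labels:", summary["labels"])
    print("rewrites:", summary["rewrites"])
    print("unclassified:", summary["unclassified"] or "none")
    print("process findings:", check_ie_tree(REPORT_PROCESSES) or "none")
```

Run as a script it reports that all 20 dropped files fall under the two noise labels, that the single MetaData path was rewritten 17 times with 17 different contents, and that the process tree raises no findings; a cmd.exe or powershell.exe child of PID 2032, or a tab process carrying someone else's SCODEF, would appear in the findings list. The four signatures in the report are API-usage heuristics that this IE start-up sequence alone will trigger, which is why the file still scores 1/10; what the helper leaves unclassified is the part worth an analyst's time.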