Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-05-2024 03:43

General

  • Target
    0f988e59ff2f589e407147738b2d7b8e_JaffaCakes118.html
  • Size
    27KB
  • MD5
    0f988e59ff2f589e407147738b2d7b8e
  • SHA1
    df806d36919de5a99d7067adf194050257778c25
  • SHA256
    480a182a879b7357801dffb9bd32ee408bcaab44d6820a5137bcba1a7b504c95
  • SHA512
    cec590656cb3478921b397d0cf9d3064e4ba464beb9db3124fd07ab14f805251e5b7ba13dc70cffd85fea856a93ce0940814604a744d724c2990e7d8195a9c43
  • SSDEEP
    192:uq+DnEb5nmGnQjxn5Q/5nQieUNn7nQOkEntb3nQTbnhnQmCJVevo7NtvFo+NzQ4o:nkQ/Oygc06+F

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1640)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0f988e59ff2f589e407147738b2d7b8e_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2536, child of PID 1640)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1640 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\Local\Temp\Cab3150.tmp

    Filesize

    65KB

  • C:\Users\Admin\AppData\Local\Temp\Tar3222.tmp

    Filesize

    177KB
