Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-05-2024 04:54

General

  • Target

    118b9a9929778f0be890ebbc86626e42_JaffaCakes118.html

  • Size

    25KB

  • MD5

    118b9a9929778f0be890ebbc86626e42

  • SHA1

    ef7cf0520977d513486b965ed97afec5a6d7aa91

  • SHA256

    7fd748e9e1f37c2c0c1c8bf71d16213f9bf0eb2a2e1732e0eac9065fcc59ab3d

  • SHA512

    db7ee533e2b5937ca4483b86e2c7fb493b04f2470af59e02cc75956db2f227bae07d237436bce76cb610946bd073da34142c785fefc8314b6f73e7a1230e2d9e

  • SSDEEP

    192:uWC9/ShM80HWglb5n7Ot3pxgCy809KWPXnQjxn5Q/Z5nQie9gNnlzanQOkEnt3ly:TQ/5Q0GOD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\118b9a9929778f0be890ebbc86626e42_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2724 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2532

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    893c25cd04c9081eaedddd40c9202598

    SHA1

    c8a275eaed49ae2a1f611e6807498121a1ed117a

    SHA256

    a9c382b565dcbc839c3c02df4916d52004698c30fa169ab132cb7a3d943d99a7

    SHA512

    22ebf8a1a7697f62828b1ab26d3f58af67aa290cec8d15b6b1c3ce1a6fcf2982a272dfe1a65d2eaecf93890a8d6b94f2ca691e9e06565a4ed24bb96829a22c25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f4b196095b5c347cc6090d45b249e39d

    SHA1

    84fad0ceb9fca5771737a91fec8d620f25392305

    SHA256

    6d1a2cbf61c626f9080caaff8f2a3a05aab85f202aef5da2960f6a1374bfb32a

    SHA512

    46f3c6b73e08f35d31f08d3620a6e8158a4bb6124c3be6e2a02e404bda994264715324f5e47db5c605a6e1c119a7653a2feaf509f891b422a892f26be8bdddd0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    02d894d3f8bf99c0ba7cb9c1039ac8dd

    SHA1

    02f2c82bd34f2465ad3ec65e2a9d4c2e0f7c19b3

    SHA256

    e542898899635daac1a690e7c7f1d790b0a407dc46f3e95de5a5cf9c7913ca0d

    SHA512

    26a7268e7551b081600c297a38edd1c4ff766060bf96ba9d75b1987ed00c6a77382bd536fc6ac65ebbe866921ac03de14912bddca2d683b10c67bb3cbf6691b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0195f991fb7c75de3fbb84f8c80e42a5

    SHA1

    d2fe9fdce8de570e3bdcee8c042a18f7a4f5f4d6

    SHA256

    bad884075b4083247a6e18f60ba2aebee8ab782be90539cbd3812f28fd81de96

    SHA512

    b1d9fac0880b1307d482f88b025138b9fb94e01b2cf510dd2b0c80bb449249159a0ad9348aaf1682a67fb2d33792a55eb5bc792c94c9ca6f9a69c5a6cd7da00a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9522af004c84cf35789939126e4efcd

    SHA1

    0debdb8be12e4b1b34dfbaf6c58739fd15c6ff05

    SHA256

    82e62fb4d9c72f75132b85d112aa772522f06632d88ebc26c9632a549e0e2df1

    SHA512

    4e444892360b77d51582e8e795944bf997af5af9050b88b8ee11667beb50f2e52fdf2f5f1af126803c1c0be424f82fb60fe34235c9d205ce8c99eab08397e37b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    14c3c4b41df480e01915ceafe853d7b0

    SHA1

    982baf4c437c4b286316228b572b97e0ffa444b3

    SHA256

    ed1d3cadf8479c572eec3a7294e417c89057f3dd78ce6db2c83b31a514472a3c

    SHA512

    3d810f82793682efd098bfe2ff0809658900b24a8be3643fc53f3c6a24dc4688f0e97476207d9a4ad1cf46a7260325a24fce7e2f045355d2884119e9e9d4f924

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c85bc61939243e9d60fc0b79ad239303

    SHA1

    4865051ac142c3657a7af723216445f2e582ff62

    SHA256

    28d57f382b91c8b320d04e892bee10e68da2d91ee8e591a0706d5f40fe7e1234

    SHA512

    a68c1b40b3f172ddd6cb436e0d1476d49a764953015ad32b13a8074a33e0f79ac4f6a347592fb54e81ddb724f04309b8ad83b8f24859ffbe986149bbd6b36473

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b09f671839fb3ef6587d8c5685da6106

    SHA1

    ff5985f8c7ddee3ae25febdb79d3a195408829d1

    SHA256

    be8276753148e7a5563451d0a0ce833871e2a2f5c78ddebefba93579c787a6f6

    SHA512

    92b5bbbcf65183da592c9eee65fb3209c503e2202ebc005745f372f294baa7dad0c542497c75a1df477cd01d778b8d5d09758edd96ff8fd082a7a88393a4a20a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    13dda671edf7f0aa7c7f76d198c39ba7

    SHA1

    7dc376a111e6964b7bb9763ce08e11d0e0b4852a

    SHA256

    291b246f39b201664cfcd425fe10d2ddf69f7b8fd3962a40864476f1a59839ba

    SHA512

    e06df627bc612d78b8b3590d049784db05499f5d7f7565386a088b032ab913db1160713f0e36e8e4d019054e2c02823084356523135da872f150c6add32cf9dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6a194c20501d52787411db3463576bcc

    SHA1

    8c8df1862729c3f3365f41c7efbbfb981dde59a1

    SHA256

    65f3ff2995e2a322fb3b5980d5f352a0283b000e67affeb000647aa97fc06ad3

    SHA512

    76c1e96b5af55bd40455ddedc0062b0a8d5789ba7e237b0e7bd60d6fb994c438afd83735b15d1feff1104daaebecb62e15aaccf9759d93597ef062e258bc218f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    770567b0722f3e53f85d39ab90d6b719

    SHA1

    81eb5dd3f1702c33f4c42f59278fd960acc9a404

    SHA256

    0e8989af6db73667ae57cbacf62a166ed1571f47cbede4d80a07d348e852db21

    SHA512

    3e976577de54c730912d5f0da7fe2c72b1792010ff2c6d84f816239a7e9f15645a24660a1a531f3479c5072e2d7a5bf695a463d37f688c1e3764c03b5a144801

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f74bd7b99ecee7865d66b51d903c5a84

    SHA1

    a2ede7fb8d66176d1f420fbd08c2c8deaa26a826

    SHA256

    5d3b9fdf582f1852eb398c5eaf24c246f6e8b066d7177bc74650c0bb391a4268

    SHA512

    b1d5dce6e5ac69aa8660e4169a7256d5f78c4c2cf5ee0eed29c2518daae1a3ed6c856eb451f740b9aefde01bcf400e9bb6ed7e2168f68b5d41a43eb56a848af5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ea0f92e257e3b6e8a705223c421ca487

    SHA1

    c6aa3031b9e1c40b16e9ecda889688e6b1eb799e

    SHA256

    9714cd4463913928affdec28a0f768048715ea6811762067a13378c1a8a59515

    SHA512

    ae0cbe19cc53a001ce8f9c0f13a7826c123f2cc79ab919d4ff649f33e4248543f744819bac2045ffef7651e3315d430ccd5dcfd5f315b528c96549f4db95068b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9de24aac60badbc74ef5fc3fbe075160

    SHA1

    76459a244f56dbdd4086a86f8d4b74355ea23eb2

    SHA256

    bfed2cba6fc55bacf73fc817d7a9e751bc38014dce46ead8aa1dbdef27c10374

    SHA512

    9680b3ec3d373707c784b56e546783ed9e650ff443a476f74bf5b5dfaf5e02061e9b31f80beb4a1b6051748adc69bdf952954bb49f9c8acbba37562eff393559

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fdf275f0d6b5ac4df22d6387c139df8a

    SHA1

    03f13eb8d3895fa521e54e1bac27c02359ee3a48

    SHA256

    c6ff8f6fdce67a98f97083f01bfc9a45803cbfb3d326be3300e72616abdbc7a8

    SHA512

    ed9a3a155f874a9f46197e53467f3294fd32326b07704c2a038ef4a4d3e404430f918b8983d20f51aa3d1bd7aafcc1dca4dafea970000dc433bdf06596464524

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4078861988e30c539346837debc5ebdd

    SHA1

    ea9e4b99e802ed09da786cd9626226598d2fca56

    SHA256

    5089ab152001c5ef4f15f8dc4c0a4b3120b98a3183f63d069cccc4b00c07f633

    SHA512

    d3647546f412481ae5bdfa01e2391696b1bf5e127f72d410a4bf6b273d894f0fa53638d6f58d838b2049b67543818548cb0f9674c019afc7eace815b924b4a5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    32189700bfcb4cdf4e2c41d27ca4c353

    SHA1

    bf7247edc2014c9a609e43184ae5b47326cc1136

    SHA256

    34d987687a8061bb4aeeba2dff746484609d23f1dd32940362cf62f8d241860d

    SHA512

    a74bc6879f255c2aae2267bab857cc9c722c3bb28969a4f6a021e6385bcc99f43d24121210f2250660487889a1fcc8ff960dd6176b1be946b2ef69a5917957b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a37afaea80591321d408c0f0b1a36de1

    SHA1

    4d1494815794215619807b00617f6bbd4e808ca6

    SHA256

    45be003acddbec93965104356e1e45d8ae6623f3a3c979bcd9abdd7926506e18

    SHA512

    f99ddd37b35a56503499575ee9127182cee5f8dcae165c7b991197886f81b457ddb5002444feeb57f7395cad44a6a0c89410d8679feaed15d32f1b16ecc1f5ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5f5f05f0060c14c1ee6a9eb42106554d

    SHA1

    7eaeae75ca4d0cfde485db970ba00f8e63651112

    SHA256

    be75cfadabd9390f652c575ebe732543929f5cf07a7c5df29d03dd535780e01e

    SHA512

    071f00ea84315263ff85eaf8b0f58e587923628a2aa13988d1a8dba9103336a90f86b1340b7a9d09fa188502ad1f4c6e03f5342e38c633508fc357246e646903

  • C:\Users\Admin\AppData\Local\Temp\Cab2FAB.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab3068.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar307D.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a