Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-05-2024 11:43

General

  • Target
    1783949d7e8126077b00477db726a0c8_JaffaCakes118.html
  • Size
    139KB
  • MD5
    1783949d7e8126077b00477db726a0c8
  • SHA1
    77ea9a053c36b1e8666010dbf230ef43d2b47196
  • SHA256
    347c42efe3f3759d655b9aa53ca965d38293f644a55731f512a9f805562c9d89
  • SHA512
    9c9d10c9aab5d19931492629ca8e0297f17ea6fcee6e787c86cf17cb003dceb82b68f15c99c4d480ed1d650eee9ac1e0fb4056cd540ee60d05cbdfc279559c64
  • SSDEEP
    1536:8xg13AjAvO8aPecyeniASyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09wd:kCpyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1783949d7e8126077b00477db726a0c8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1384

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 344B (18 distinct versions of this file were dropped during the run)
  • C:\Users\Admin\AppData\Local\Temp\Cab95CD.tmp
    Filesize 65KB
  • C:\Users\Admin\AppData\Local\Temp\Cab96B9.tmp
    Filesize 68KB
  • C:\Users\Admin\AppData\Local\Temp\Tar973B.tmp
    Filesize 177KB