Overview

overview

1

Static

static

1

23153bfc0d...8.html

windows7-x64

1

23153bfc0d...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    126s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08-05-2024 03:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23153bfc0d06c89d1febe305eae981b8_JaffaCakes118.html

  • Size

    38KB

  • MD5

    23153bfc0d06c89d1febe305eae981b8

  • SHA1

    6c439d8bd46a27dd987f73a4477dfdd06c202968

  • SHA256

    d70fdeede659371a8340ecbf7a1c7a56e236d319d67fe9af056128d9701d90d8

  • SHA512

    947e742275238f3ef691a9560279613b821cb5ddec864d936f45dab4fe418e45b38a417edb73ddbb7ad8bebbbdc0999c67bd86526e03698659d8f9cb04520cc8

  • SSDEEP

    768:TFiSbE1bItCb2vbviDuX/u9bFupK3JCoGeX01Jt4JWYAX2VRw5wFsP:TF/C0tCS7iDuX8JupK3JCrdZZGOXP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\23153bfc0d06c89d1febe305eae981b8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2864
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2864 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    7bf2e747f737d7f98c93e5d09f0a2988

    SHA1

    c20c6320985de34107cc388865527736a8f7c127

    SHA256

    6dee24b4752f3e727b6294c1c6522aa41f9f98c48b06ee98fc8d806c3818815c

    SHA512

    cec02047b249d304171839a3b02416de571b2533d0df3bcdc3a398c2f3f327fbad24ce7dc4723e5b43c55e48e8d6b1351379d286699d9b83fdbcd6fef6c95842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03aa8c2e0d912d8a51abb086883da7f6

    SHA1

    252205e5bc22b4e9a799c84a8950eaa48ff8cd32

    SHA256

    f55f7d05ce8b9348261844c402701a402781500c9f2795c2b157baa4ae35bd19

    SHA512

    30c31f82d7d7389e53dff26d3544c5f238d535c923aab733852b34158db57c2d6f14e812557a29d514f74539e7ecb1eead1af21f7e27a6d7ad3c2c38099751b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18a70e22f4d2dc08c988ec42d5381e88

    SHA1

    859cb641af2b555a879fa77ba7ab46937a8f250f

    SHA256

    e6ba86541d21f1378bab031c60d70fd27487d3342f4a49589a5403aece34bac7

    SHA512

    cc437d50d42841e42d6c8dcad7bb05c8cf754dbdcdffc563dfd0204ab52a73b3cf3c8764ddd6637f7cde352eaa2d42df2419e3841bfabdd8c1e81ddb33ec6a43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91108fae3368a90aa67fd3e496fda537

    SHA1

    6bab069dcc99f42e26bf6ce7a58afa4dc8d75f0a

    SHA256

    74f41bcbba0e36d98c4bc8be9d9d9879875fed68c3f8a59ca49e7e1832928b08

    SHA512

    e314ac3e04218c014efe794cbf5aa3eab68875076ac2bf153003010ccbc57e4e125b6dc2e92517bb29dcd8714f8c5a0a23ccbc969dd4afe4cd8890bf1056f9a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51c4f705e37ae3c62b7370ca4901bd27

    SHA1

    df131afdde1b8f16c6594bf596ef6526f9b6e4b6

    SHA256

    5ba4abe3aecc1e6e68f224f67f1f9c43ff24e43b991e098966489e87d7d1b216

    SHA512

    a42da75574e46a6243d530c4ec82164cfb5e9961e49eaa303d24c431ef4f34be13e78f10bff01630dccc420aed59d3bc5c06d68cec57d021c97ff12d1519b4fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a0a14562ad52753738b42322eb1d2b2

    SHA1

    4d2e47bb6458b01fba121bdc813e79e287fb8cf5

    SHA256

    df7d7c009ca9c7c904b83db7acf8ab3d012be4650e5e8f7fecaab0ea902a9fe5

    SHA512

    facd93850f24f4c029cf503d858b58d41de03add08dc4aeec2c0c84b82f4b3ca7a075093f6a0e9943b929a10056b4d445fbe0d9f4b6de25087c016ce840d309a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5bf638eb5b9d63469d8ea9af8f7d4db7

    SHA1

    952c10b5a51d58c1947428e5b364e7ac31697c36

    SHA256

    f3ef5351ff365cede7a7b655ffa2671f283afdea19c9333e5e0c16e6af419d48

    SHA512

    7d86ff868bcc7934719634a019de56262e7db8d3b707d78ed2415fe0588b5ee52798d6859f259566ac60621105385e50152afe1915c59a992721fb85c35eb85c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    352662ad40f6dd64e48023050bf07822

    SHA1

    78eca35fe5e05e433ad76eae55f8869aaf80c7c8

    SHA256

    eee07466b23d18a1172a3c41ea49f1629803f98881055ccb5d5718ecad9ada1a

    SHA512

    c4cc1678bcd12f82851e17e85aacf63e2fb1c9b391f0170f393408ca1cd56fab83b4f87452f43bf05778b9756e9eed05821c643c1c5292f0be3f72a9cdadd2ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c26bccd3010f80d7c36ea17a6bfac0ca

    SHA1

    3b984419e06fdae8f5cadf73145fdeb871acda7f

    SHA256

    64613cfbb96800b6492031533d87b3fa055b8454a70107c1e701f0a2fa33b8cc

    SHA512

    148fa1c739d66a0e24b5c100fba9c9d60661d55cbc5a22ed923172713e0bc9c218be8e107db68897cc7eb0e84b0122dda5fcaacae7e16f858b65afc9053f4fd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d8887f453a318139213318073c2a10c

    SHA1

    1605855b42c96423c928698ff95dbad36f6f5f58

    SHA256

    afa078db1b30868faf9eafe44eb8395ca77e44729eaa6773d9b2a1d68702437e

    SHA512

    d9e8e6bd9653e77ffe86952e0b8d042a886974bdf0ab4883100cb038796266a4aaad4450d93f40742fc0c9ccfaa2ef709152423a073298ef83d675161a6db174

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2de4072c2f826049ff1d04372197d70b

    SHA1

    d1d0d2645251b3ac5c9b911c4d047ccd54521687

    SHA256

    bb2156778f41ee09337c8dc16d1efc912f376d2d29afa1c6679655e010679199

    SHA512

    1a8d0832180629d09faa022375908af27cf930aba57cdfb94bda73445241a887b2ee0714d47632cf7573e202579333c1ab62813b5f291ad0377354bb98105afd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    1b0bd8b7a3a07e4f8f31faf687806602

    SHA1

    66a09d13fc688b83e82057ccc1fdd21ec94b8f2f

    SHA256

    58f2d62316024f67c5fb5940f42ab9955183a49f97226180d8d990e29257818b

    SHA512

    bd430604bd8c5c12285e2272e97fb0607c97bd3992061ffbf0160c5404fb7e40d190bf94ba77067e40c3d60d48bdb59ffc4aa8b8d7215739ec1af7abbc670c32

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\3604799710-postmessagerelay[1].js
    Filesize

    11KB

    MD5

    40aaadf2a7451d276b940cddefb2d0ed

    SHA1

    b2fc8129a4f5e5a0c8cb631218f40a4230444d9e

    SHA256

    4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

    SHA512

    6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\cb=gapi[2].js
    Filesize

    64KB

    MD5

    63e5a0b45632b3dde3694ffcaf0e3f7a

    SHA1

    923736d0cdc308331d5cfaa0ea159bfedc83d53f

    SHA256

    889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db

    SHA512

    5b886c4b5122d61f0209ede748aa84445c9388cf38813316c41b3dbd2308216e88394d9a45cfc27113c0cf3bc93b9c37d808f6d3c67888244c176ee095d42259

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    23a7ab8d8ba33d255e61be9fc36b1d16

    SHA1

    042d8431d552c81f4e504644ac88adce7bf2b76f

    SHA256

    127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5

    SHA512

    e7c5314731e0b8a54ab1459d7199b36fc25cd0367bc146f5287d3850bd9fe67ba60017d79c97ea8d9a91cd639f2bc2253096ce826277e7088f8abfe6f0534b63

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4951.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4A80.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit