Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-05-2024 02:09

General

  • Target

    322f073851b3e968bd807f594e2daf1e_JaffaCakes118.html

  • Size

    31KB

  • MD5

    322f073851b3e968bd807f594e2daf1e

  • SHA1

    211b175628589a418612480dfddda3ccb90fb48a

  • SHA256

    239d714648e254c5a6912c9e3c3a86ee1d79263b4775e4a83ab5331ecacad5d2

  • SHA512

    fda85eaa8b9424f0831f3bb8dc5688fe84e494e0613b129a2b7392f0168a67fe8c4ad26746566aa89f4db0a7e9f20e9f4b584b9c17f0f76bc21ac809b7cb3dd9

  • SSDEEP

    192:VWCk3GDG7GSFGNGeWqGUpGtqhyrmb5nUWnQjxn5Q//nQieWNnhnQOkEntN5nQTbC:ACk3GDG7GaGNG9qG8GtxQ/6WSzSQ/j4R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\322f073851b3e968bd807f594e2daf1e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1784
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1784 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2492

Network

MITRE ATT&CK Enterprise v15

Downloads