Analysis

  • max time kernel
    144s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-05-2024 09:26

General

  • Target

    3ecd7d3a15dffe9c48834ebfcf9cb5a6_JaffaCakes118.html

  • Size

    21KB

  • MD5

    3ecd7d3a15dffe9c48834ebfcf9cb5a6

  • SHA1

    59147c932a58294e8ad038aab0fd35df42d5ea4b

  • SHA256

    3b8b10ba8fa8e961e2fca67c1a452592e5cd97167b1b6385cdd85525813cb344

  • SHA512

    32d9e22abc14f88b960f70ff1dc5ac7e84b91e7d29d30ba734cfaa9a66ebdce55586a51c8ba9c00fcbcffff629568e818c1ff54c46a03f820c3bc62ea6dc44db

  • SSDEEP

    384:HFdUVqvBK0EuA/BMU+QNng3Dslq4TCLV2Qazi/SrkqBrD:cUvBK0E//CKNweCCfkqBrD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3ecd7d3a15dffe9c48834ebfcf9cb5a6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1624 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v15


Downloads
