Analysis

  • max time kernel
    122s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-05-2024 01:24

General

  • Target

    6946b8f0f3a003214146ab4e569b808d_JaffaCakes118.html

  • Size

    23KB

  • MD5

    6946b8f0f3a003214146ab4e569b808d

  • SHA1

    a91a9224bea4ae336c7814c7430a81c12251b901

  • SHA256

    4186b55e6f2b3981068bda4fb7e47b965d25ec263f047cf6cb661bd2b108c19b

  • SHA512

    622cab54e1dbf61bf8bbd31acdf44c3dfa31eb2dda3f5fcce259c00829bd6f42bf8a4cfa5fffc9b642f72734e47dd0f77338093f5758df71108eb588a5f638c2

  • SSDEEP

    384:PKC6ki5oplxYO/jIBEBMUVs5NlWs+MmrhiF+qlNJN5WY/c+OBN4:pqCplxYWjIKCHShGJNI+9OBN4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6946b8f0f3a003214146ab4e569b808d_JaffaCakes118.html
    PID: 1908
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (depth 2, child of PID 1908)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1908 CREDAT:275457 /prefetch:2
      PID: 2564
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    026f03db49fcc8b73cb2ff6d57ca37b9

    SHA1

    b559c48cae3c89197eb459454ba3046bf1f9d1a1

    SHA256

    a5c88513c38135b250c49116ebeec00d94e6be35e73f20efb49a4136e5d4b589

    SHA512

    6a4f89984d7d95e6735cdc51f91dd5787cac671f1cf8ba4a3a49a6d97c00dd11acc759d6be6f165af95ed8de5c976f31203cfea7fc1319e439728f47f087c2cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e1f4394926d817a5015447d5d7a75c0b

    SHA1

    b31bb6a510ee02d965438d3fd3e52744f49f1c2c

    SHA256

    38983712c1eaa4bb35cfe55cc33afa77beca35d1c40af2eeb727b012bca2003e

    SHA512

    95a2efe27210f96a79ef04ec74d414335816f7137abef4ad6ce958bfd745cce47bb71cad92a9769453b0f21d824c877439f36736f1fb460ea7a027fc68a36cf5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d7249d1f18e5f5b521b477d2cf70d186

    SHA1

    b44c57d2cbe04a48283445c20ca813ffa7aa113a

    SHA256

    6ad71b1409210c1b54c53bdedfac4822e69e988b9905e2c3f635c1da798d2b0f

    SHA512

    9a2c81adf7dcd47e6f43fad06246ab9091f222428d4bd384b2551cb36c005453d6c6292d173a7ce0b5080ca3633994e4ebe8dadaf5bb921dc2109c8b1918c783

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    503d3ed6a3acebcc8e6ead741c07e533

    SHA1

    53a25a6b30e3b36e16d66961dd9024aa26d46d51

    SHA256

    53b498cb7f8c00027ae8e6b4925a4f1bb05122e0186631ee57cca233c348008e

    SHA512

    813f9f47cf8173e73773dea4e6a3a10469b218cd8f0fb183720f52da6a21f3d82ad1a90c2a2392ae12a3a63548f4ef55778d5bf5c32ca9b63f21f10fda5f34f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    78e0ef4f40883a0164d32cb4f07b7f7e

    SHA1

    222a9b7e9c6ffe7621b1938df8d13027a4eb373c

    SHA256

    a55c07e81e9b07a8e12e0b223383bd98b440040ea80c83730192db55b782554a

    SHA512

    dad8df013a881ebd4c504e832793076071283218770cee6d895a3f8deff697ac50e28a7fdc4db90d50689fe8ce2fac87eaff6af0adc695773611df62cebde2ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4506e9361fb9756e59f4f59872798f8d

    SHA1

    c94189df2b9fefa73d2151683fe403903c874ca5

    SHA256

    99e7d85ff9c8b53604acc17d6823f46050f613bd45fdef228823a889cc4008a4

    SHA512

    10bce7bcbd8d05db8e4b90eb9894bf5996c643d525058abf61ec8f8272e87930aa004e1934b82b46af345fe6608d1caeeda5fab682e3cf701ddae207ec4355b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    61866c6c76057db51d2cec1b45c77c32

    SHA1

    f365332f834a66869baa293fcea8ff00023fbff5

    SHA256

    1b835fa7cad267f909e9ba63e931f8c450951266929466ca7d73530e8d299893

    SHA512

    86a1deadf2f1989dd0e8c8d6e8ba19c717193504cb5f497d27de43ea459930ffee5df0f71bf3cc3e65ddd1cec37998e1906d446f52dd86470bbc8b1623ca168d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9da3b37c5a0eedd1df29b05cf14f9c50

    SHA1

    3ec4697841c5d7229b8d16d08855befb855e5d0b

    SHA256

    fd9ef725760d3a5ebe7bf881f3b6d7dc002b040d49c87781ae2c5e576b9f4dd2

    SHA512

    40307ea947ee3f5108d82095c63d0d6cc2f9b845b1593420505a488555a695105455d5742528105a2820c653e50b9f230939623fbe261ab8a481dfefb1d27fa1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1872f5b9f5c1489673d5c6932d864166

    SHA1

    983a2914b2d98f962fcd149e00222c752729d199

    SHA256

    6598d96edc65282d21e0b24043c2b0329bbef1be0ce7038e44eb3a25c3203a6a

    SHA512

    e9b97606eb70a22725a329675cae1a5452f0809e0646efcba3da173f71a7b2e65cf1f9efd2705a803003cf04850532d076b60f01ae47a6e496d565711765cbea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bbb7c5b6ffe84d7ce1d3b3c2002f150e

    SHA1

    5a494ad0f1eedea57f3fac7cb012602c7b79875d

    SHA256

    4748c9343f46758ae99185d7c2bbef7baface93abc4d3243605761151ca89910

    SHA512

    5aec6799e1c130f349f7fc6ef127911462b798a7b2cf98ecc53300d0dcebd2f3a37f8f47e5507633b1dc810231a821ec82f7a938d7b42301710b41dfd8ff2893

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c8bbd4fb1bf47d3e977b1abf36959010

    SHA1

    1b648151259e43a389970918198b63fa3d1eff65

    SHA256

    48cf45da9221bc77be7eb3633615b83d5a413110df6df37bf11ee1ce91249ffb

    SHA512

    cdf885f10068da516e9eb77cae68e4c23cb5232eb6e93a1968b23b213b048a15ac369f43b23c104cfc47d4eaf77be73a17f0ac4484bed8838b0d3edb90e92ef8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b90a33581fe2f225278b9f0682a33b4f

    SHA1

    173d60511ea89c6e5a13acfe54808d624f532ffa

    SHA256

    3d47d2609bf0fcc6d1437285943f6d01ad515b6c13d39e111892eed4d07d157b

    SHA512

    629780eb202d6df6ca6475a713ea7cc6ba5497b29f1f613a2ed0d541ab6b2b76bd9773dcc07e8d6de8f603807ac4f6eb2c95874594907e18cfe34e1b0e8ee4d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b8f34be2d2afb48b01a9de767831f252

    SHA1

    4c0ae95fb39750560d8034a4966eaf46f8a7e3a6

    SHA256

    c0f68c259e019f30b581ba7694b08c894ea70ffec0244e8dbdeec9071ffc31e0

    SHA512

    2fdcdc44cb3a6cb8d57a0e0ce15c981fa479854b699f02fffc54b1e524638d105b6283d18cacee537e067c942249031f625da2d1b75ff5086a1fb4c909dc8310

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    694ad8ceee65fd7928d3d119d11eda29

    SHA1

    eeb9ec860ec7a1bcca7a6e6720fe5afe1d292345

    SHA256

    11682f72f6a498e669f18baac9581b0ea19ada43e1014b974322d7fd850beff5

    SHA512

    283d9c879430075fc86fc92f55452cb1cdb6083e435fdb696254f5cef94819dec587a596a49f985efb57b015583af669c79903816c3adce24a2f7e3ffd87ae28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9554090d25f0617a4645a9d808272551

    SHA1

    12c04e61d1ed6ee6c98ed2baa0d3c24d3a6664a3

    SHA256

    27186c49cc49814cecd3a7c4458892abbba0b0e51317635820be32251c3205be

    SHA512

    7ce89efedb36f351fb137facfbb7b58c72fb72f3c6c1cab5a8a0b337a2f6c7532c2b675d3d5b737587b81f04120a73a6b12fc8851518572dab3b2326f4634659

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    430ab10c8a735344add022f071b73396

    SHA1

    a8704ce621e03e964af36937f136cb212f10dafd

    SHA256

    c7fb9c2b71009995a9571fb7d77f5f80346d7a97975b6e69482b0342208e1a45

    SHA512

    01e4fada94474d958fea08854ef6af59647c257008dfe51edd64c51990758e4725774bc9281ea0538223e014c86d134cda5ff938b62c66c69a46ddee19455055

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    237c3afb36985ecc784537266eb1979d

    SHA1

    d53c27e88772a9e6ca6a9ec5dd5d36d68b95747a

    SHA256

    12662d3f37fc192034c02a3d797f6a95e781aae3819c1ce50c6711842237f2aa

    SHA512

    5c5817eca9318124562a80ea3751491e3b6e608a8341fad5e8b489d879a0c908eabac6927d2d809f85b5d5e1b6dbdafc19bc8a86eab1867e84bd54914bc862ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2ce2181b87779726a0a0aa4cf4f7df8a

    SHA1

    c9ee6d9009e3583bb5589c75252ecc46338c544a

    SHA256

    103a40cb2a5a45c63f7c7cee40eab6728f2b5b3475a4e79c87b64a64505b3fca

    SHA512

    8fb6efc98a4192ae6349ae8a5293350322d77f9e4f2e545623bb171c506878a7e5197b4b31210b28e16faf59856fc8091d395950962931f8f1c8098f475ee1d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d5192606282cd5073cc912d3f8cb1f77

    SHA1

    0bfdf0b30bf5c62bf8c08719effee2b84bd14758

    SHA256

    356defb539971bc18eb32e25660e0a1b309b5dd8f085c6e93df71ba9aab274c8

    SHA512

    8d28bdbd3d926c03b7c14c9f0eb89dc029971ded762ebfad9fc952355e6db8e6ac9144fb145e91f488a3968bd4c8effe68bf3d70ebd55927c5415b30aada2f2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    2f59d87111c99e2fa493912575a4b0e2

    SHA1

    71ec63b6bc388ace3aa10584e87bf83dc10b1038

    SHA256

    d7d2717616728386f3210d43e6aacecdc806ed1ef4cc14efc5df619e823a14a1

    SHA512

    9733e9eedd56d554343323681e7d5e416aa5aaa218c5a081d8d1c5686e1cfc6d483daeda3b071e4da9301ed14bd52b310a836e349c3fedff156311b800b83317

  • C:\Users\Admin\AppData\Local\Temp\Cab3CC3.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3CC6.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar3DB6.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a