Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 18:27

General

  • Target

    7a1539ffb0872fd9d760f2973db41868_JaffaCakes118.html

  • Size

    13KB

  • MD5

    7a1539ffb0872fd9d760f2973db41868

  • SHA1

    ffe7b67ec0653774be55da5fe0230657831a5979

  • SHA256

    acc36c050d30b54c8556548ad007c327e02b4cc3030e98e05761bc49839d2a3f

  • SHA512

    d3cba484173ccc2c60bef342883947d8708bb394b18ad600fc94b4df87259b75caa536c65077da1d80aa120571dd0000b643c4eb286d6317084626729b38a683

  • SSDEEP

    192:JUWvHpwQbM2f6jIBnDbxQ6ACtPNsF/GZJfrIVXecepdIfsdvdarv:RH6QbM2f6jIBnv5G/4jIqpefsJErv

Score
6/10

Malware Config

Signatures

  • Program crash (1 IoC)
  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (8 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7a1539ffb0872fd9d760f2973db41868_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID: 2156
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2156 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID: 3016
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3016 -s 2236
        • Program crash
        PID: 1704

Network

MITRE ATT&CK Enterprise v15

Downloads
