Analysis

  • max time kernel
    136s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/05/2024, 15:45

General

  • Target

    8786dc639e1f6878158c04ca3263dc5d_JaffaCakes118.html

  • Size

    351KB

  • MD5

    8786dc639e1f6878158c04ca3263dc5d

  • SHA1

    8995e3bc69d8afcf2692843b4474781bcb6ef219

  • SHA256

    ac826472eeaa85444b6f573a739d0c13bc3d298400a61f3b5fbeb642e9021da6

  • SHA512

    a63308dbc5767de7aa73ef1e69dc57e66fe09dcbe6c5500bdc8c3503680f8259d0ee4d581d6afa704cd8b74ffd9911ffc118e3131215c70da622c249930247fb

  • SSDEEP

    6144:SWsMYod+X3oI+YEosMYod+X3oI+YAsMYod+X3oI+YQ:F5d+X375d+X3Y5d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8786dc639e1f6878158c04ca3263dc5d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2432

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b2bb9718acc3f74f8bf56c3dbce79a92

          SHA1

          b10a20a605b670dae827bbb259834647207243d2

          SHA256

          a099c5b2c99bbb2408f4dbeeddea316ee3d1143f56db961984426f503d2d4da4

          SHA512

          555a7efc25ce6cffcbb2cef6784d7d267e466f50dd3b30068cca435be42e2a569e8cf1572ccf6ecb4590b357be9f308b7b8705ce73969ff9f1be2c937a818724

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8a7ede4164ffba6b149f6a8339437b10

          SHA1

          b391071f58e39e874e2bd95567a3e2461b841e1a

          SHA256

          56d92fcfc92983b8cefd8112b522d6c7b21553b9c054917f85116929f40ff8bd

          SHA512

          89e86845ddee473e99f3dfcd3d99fbfa68e86a6b05c962283c09d7b08d3b82625fb45cd67cdc0cb6d9388f0efbb414210785c02878a14f8d1461b8554dfecb12

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          963cc9391e55a232e1a3ff0bf630b5bf

          SHA1

          528fc5af4065efb41c356776f39d0589f6d5ed1b

          SHA256

          c3713c4dd7957fc0a3059743ddf8e4635ba50b64ed3a641268851111c57ce0be

          SHA512

          f18aed12a50cab8b987fe1f0a22ac0753c8157dc9b5e5d1180c78e000a4d13c2b30c101e11b504022e65e3d2824e29339fa3f38ca7b05ce366c71144a1ef7596

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          daf0ff3e989651ce9cb1f6d701add09d

          SHA1

          ba01002145c6e2e23d5737cfe5f0afc111817236

          SHA256

          8464d36bd15e4146b14430b77a7764d8da3cf371b2275114088d625905024d28

          SHA512

          a0982f2811c7061bd9825fb0a2a03b60f6bbf66bc499d75fffa5f42800a1f2dad6327c7c2821175a55454af6c61c385e4621f0c3ef9efe603e2120ba653fa4d0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          eaaa00ac20702b77a6cfc2db4a7f26ac

          SHA1

          d5a41b364975f86d755c94a8ea59c18e1d3557e8

          SHA256

          78997bf8189a56c39f99c2a7fb97ff7c43dcf98ecd41c02eaedb962d9c52686c

          SHA512

          69e803f012ebd08044b10f6e64745b4ca6c20bffcc19892130dfb23e2b3a741fdf1845137b7c02a9a6689661cbb79d3b02d1fabe4996ee8f8da96ad701b99bf5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          accc1bce7b103e0057d669d030cc3527

          SHA1

          bc0041ef03d6a756f660924a5e9edaab609a3fb6

          SHA256

          310ec43bf5a53fef81d9f1477b9b52f78387fa3ab514211cafc2a7cb9adcbaea

          SHA512

          f6bcb5da1225c23a275bafb24fcd0f4907308bb46bde1630b4b74c0f1072bf3f56fc510df4d8da0ca3e8fc83b4dbb7b8be0bd22ef550af38207d37fd61f458c3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8668d6655dea9347cc809cf815bd4674

          SHA1

          c0d2ee88a77f997939b685d72861cbb4b12b34fa

          SHA256

          f05df8fb35bfbb365f367867ade6e12f7f81db47fea5212eea4654adf35dda0c

          SHA512

          e8f09f942a1174f586e11f4d2eeee8fa2daff03418924e94c1952f55ab9f361c7cfd5f0b6ed9bfdde29d756abedcd6eef74f42056ca52caeadbfb75d9966019d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6ae68430ac8a020b67acb0ec0a65179f

          SHA1

          240e25c1555164a6b1b1bd9155d09a5fc7ff3286

          SHA256

          e78cf3c41004b8d0ed44fb4a843b27616ab6a871c4190fbfbf13bd981fa88aa4

          SHA512

          91dd31d2251dec37de46ebfe862cb14dd16d9d7a6a4de495b7e9360b784a1bd676bf474ae549804e1bccc05b5e37518149677ae5e9012247ffcb96834f9f350d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c38f7833da41e3866c49b744c46547d4

          SHA1

          f3057ee93bccc697ddcaadf8b3cbc51f062df9c6

          SHA256

          a80e164d56c2c546db15eb6f5f5d3fe0e09882a6d99a7c06b33a7ef5d5bf7bb6

          SHA512

          2985e729a5483bb020243e0dc63f2268a5a810884f1a28e10e42ca20df59f4b18dff6ae39030b5868f18507a89b6b2eff0baf2d49c5d4aa9ad1570ca504b1b06

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f46a110cc5a2c1e43e35127dde0ab86e

          SHA1

          0acaf61c91c20b6f27e8c140ee85a0ab5f53ac66

          SHA256

          5e99b51ed96b349c78d23a8a3f1d86d7bda4d5b3002715125a5ffdaa28345649

          SHA512

          cd1c3480dc41df2ab9afd224170f2badc19b3380dda8babb207abdf0217695846b4a1a72e9f4eac07c36272019e378a16048fb6d93b5b3cd03e2892249ad22fc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2656873dc8201d0b4d86d075749a28cd

          SHA1

          b59017f246e3a0d8fb1f9bf1c48f520ed4cbc20a

          SHA256

          67c4477df3dd25215a6d762b3bcb09c56a3e29bb96262cc6917cec0e0ed3c2b2

          SHA512

          7832082503402748b4d731f1fcca1a957202df827157d3b1c826d21d965edfb715967c5df2f1f3174399eaba50de8247e6837e3a525eeebc71175ca198106740

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f2dc74416ba78455b82841be7244190d

          SHA1

          cf8d69df5c95708a1c06010659b707424e88843f

          SHA256

          d735a1b8887b3158d2a59e11dd11bb37f3d1b859f651e1940e33678bdf806324

          SHA512

          eb326d06d22d752c39ae64c22d5000dc9a81f63c8e726d4ead0e633b67f618130513d1dd1a26443dbf8c076bd2ec1ac909deca34ec2e6b6555bf6ccc5079ceae

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7fa7bd6c8ffe32fe0df2084a7970beac

          SHA1

          851d0f1a26b274b653e094345add556281945b6d

          SHA256

          53fb2fcaeb7eb78aa52e49a27a14112c7ef5180dce7ba86fc4f062e4020603f5

          SHA512

          48acfef735f5f90f1cc0ed60dbbc7098a2203db7a615aa12e015b2430071255da04fc861f5f913043bd1d3204eb58ff4cf5af3194417d7368824f87b035f9d1a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          45eaedf7a0507c446c1c042e1d30edd4

          SHA1

          94be3ef4dbfa02482fa7f0c091ad5a3411684e1a

          SHA256

          c5bdf6e2493711ebd6911ac13edb74d1b3aa0f71fc682e726d23ba4e879385ff

          SHA512

          919dd60879c4914c86533741241f70eeb60056a3c438b7da01ce1e86191adf2b793a1bbeb054bfb58b246a15749707147c52a4189d49bc4ee5ea62b6350c3aea

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b21c33a57627fdd47c23a8193e81621e

          SHA1

          a2a44fab9c3a6451b5f88f37eba0f60dd0bc5c68

          SHA256

          7a0debbbd98b821473d45183bf04c03a4418996219a9b604f32590be2cde7031

          SHA512

          6baf12ecfd1e35cc30cb9576795cecd35afe4e29634401988ef8c6525e918e93b8ed8716c943435436506535a256ac7872d62e21e18685f342d4040095346bee

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f8ee020e818f1a7097e91354ceca0e4f

          SHA1

          9d492c178284f916346f77fe4a7bd94f21264844

          SHA256

          6f8de8e0e943f300cc6035019fc44aa6111178a821cafafd303b1f3b07de6949

          SHA512

          a76bd586bd9e2107a4eb4cd412e0cf94bf1ec664dd3f7686cf7bddc031a2c5e795c9b0571222848bb591c8a35da1ea26ff7527d3cee239e48ff20b66baa1c527

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4244e59c870000948ebeffc74dd6ce9d

          SHA1

          ccd10c33cb1ba89385bca54183479b2af1ff91a8

          SHA256

          dff12abb5f97fcaa4e200b4ba931698bdfe16f44a88571a0d2a13ad6fd52eeea

          SHA512

          d7583b577d4ada36005bdef5c61c9ec396570038ad56c2fd257bbe54ab88694f42b13054def8266eb0998d1fd3aa9cf8d650a12cf824c753f0094ef7cbd2a719

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bf0469091a3a7279a94185b3ed912b6b

          SHA1

          24b9001f54692a75459200d93c38b75314ece18f

          SHA256

          a62651b2219c4ac1939db70ca4a210ce4ab8aa3685ce6bebf36f9250a17fc813

          SHA512

          b669ccaeb7ab267126fefa98192d8c97ac778258bb37d245907297eb00328781e9da1ca61b845018dc40be5c57d89ba909db6b2ecfd97d950835e277c80e12cc

        • C:\Users\Admin\AppData\Local\Temp\Cab11FB.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar12FD.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b