Analysis

  • max time kernel
    149s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/05/2024, 15:50

General

  • Target

    8789e75833411f2d8f6e9628073ed6a9_JaffaCakes118.html

  • Size

    135KB

  • MD5

    8789e75833411f2d8f6e9628073ed6a9

  • SHA1

    22d7535a067f6418e79356a5fe74b97c3290b992

  • SHA256

    304f7501552d0a933254977577bcbd70f7fd0011093e2007e31ecf5e9d6047ca

  • SHA512

    555d6328d82a43d218984dc4f21846c020b0702cc8c8fbf51428cbe2a2f8eff34020a58c2fdbab477e8f1b9c1a20f42d00558d715df8331eefae67c7bc5ee6e7

  • SSDEEP

    3072:SmT1umEdIvpq+VrOyfkMY+BES09JXAnyrZalI+YQ:SMvpq+VrrsMYod+X3oI+YQ

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8789e75833411f2d8f6e9628073ed6a9_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
      • Enumerates connected drives
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9986c5d2afb0ce5c69f4665191a745d3

          SHA1

          21c3d128bda8aa7a8c30c5058ba413194b1cf04e

          SHA256

          ee384bc48df2dc42d76e830ee6439dd6d8a8e8aa025019e6b7c662d9cb4c52e5

          SHA512

          09b9002f91dc0a6929184083a5824a7aef06be74dd5e76ef8c6b0992e94cc742dfd1d0eae44f9a9236714fb6f30ae55809b418ca4fa96643b5f52e5f7334a949

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7de17870a6d46867bc0a0c8a6c1e4d32

          SHA1

          67d0522f75c1f2bc82d631f0dadf9644375613b6

          SHA256

          929ad2960716c366fb7d2fd7e7897b9353439962a8213d80070847be4e595ef8

          SHA512

          ddb197437507fa40e508bb00de44c13cce8ed66047588421a04076d8067f0425280facd44cf1b0af35b722a026db7e7e001b6553e4043870e041510dd47e0ec2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2ed0aee5fddb3d20c373d3c75ddef2c5

          SHA1

          96e55eb82f932209243946ca933a9ac508a1d8a4

          SHA256

          188c4ce24028e78e2012d77f6d810ddf2bf3ec13ef6bf1770e85fcc230a8e14c

          SHA512

          ed13c02c907cc3d756a59ea1f1ce46d3dd1d62f97a1cd7131bb4db7c6e1631e05904b42e6ce0d8ad508dd4c2e7abe7bf1102837c5271542aa96d49df1368147b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          de0ecc9271fd58750598bf05ba55f5f5

          SHA1

          cdae56e63f7de7a2ae8aaabc5bf3224abb5dc6d5

          SHA256

          8fcf978d95caa4e38f0ab68e4bde3ad6c536447c28eccc2aef24770732318d9f

          SHA512

          eab72a28195f189290864f9e30042c0bd4362481792d1345fccea6a85da42279fcace148c0431a0f308f6a4dea8790d74508d5f62182a974476634e28cc6f220

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8999440cbf9ef8f151fb68556a5dbe88

          SHA1

          139b86b6e768c937e479a7cf94fc4a19c19bde84

          SHA256

          d3710a906624cf9799e50b567ba37791c600f8279463c3bfbae931788f809472

          SHA512

          95de2f8b8a5bf57a586fc8ea0d1ef33067ad6694f2c523158db92a5503c281e60a875d366423e5e8927cdc0182eb0b9665070a0115ad1385035afc4dcd7da6b9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          39ceceee9d0b3e0ca6357ace94333bf7

          SHA1

          036deed467e7b078a27efdd1f60af63ef3b426ba

          SHA256

          51a7819b251247d6690e1335bd640a75f104126c7a50aa56645a4cdc3b5480c2

          SHA512

          74545c5bfc85e0d6e064ec345ec329f2a6a3aecd177abae59fd59998b0c9125a2e875844f00e1732af6b605039897a348baf8ace1896dc4bcaa138714fa59ecd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1b19f9085313529b5938d48ab3edde5e

          SHA1

          adebd3456483666cb09381b09e3ed04f7369ef43

          SHA256

          f046e503055a36c6c633f09ec1f6348cae2f6414831e6f2fb96f51f0efacf46a

          SHA512

          bf1ae46209d9890b646acd78cb8b3292ad21cc912b1f6621680d9172dc9b4c447fba31c99cfad38a731099cd05ac6541dcdc92eac103a26e1a2a39b73bd968e7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c7ca3db19969e79df6f767c43e283f7c

          SHA1

          e84885d39f18c1c50f9d060a2f889e1dbff9b4db

          SHA256

          710b7eb7abdb57391fbeb47056298d90928d344cafc2595b475a9d9f740ebae3

          SHA512

          5259a2b03e06389b72f4513d7277dda9657c2ac72937727301600dc8579aa98c6d31ca45cb80393844a61a4d8c2c5ff848dff2c0ac1f0f553b29a265867ade4a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5f67aea0289152fc42cb43164774b3ef

          SHA1

          8c0fb36ef6a4130e39d3b74c48ab8820541f6a27

          SHA256

          5edf9929e34452e8c2864045230b68122f45da9c4674886ec2a152dbf4512189

          SHA512

          0f931fdddc0f51b54488e3a49af713e60ce5a521a32068e85c274e5cbd7f0540ee6201403dcd5900bf2644417ec36ee46071f051df6eaa86cba7d3c0aa32efa6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          58f7ad2c9a2bbae11cb4971fc1c01d6f

          SHA1

          f397febe1dc0ae7ade6436947e5dcf5bbfd35b78

          SHA256

          9212941e6a524c0469a3ab922cafc42e60d3ecbccef9a5477be3ddaee0c39d71

          SHA512

          7675a1fd9587558648ac97b9098ccb3f1187f69a71b731f4e7b97dc68cfc943f312dcbd6c6241adc50c2cea409cbdd5aacd8e7f4513df2499f54f44624b6ca61

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          204502d85cedf6277970c223af2399bd

          SHA1

          71ad45f0ae803606aa5f225971aa4465b778c0a9

          SHA256

          393c70e4b035681bddaa8e0a0962a126dec7532cc0c23515763493a936abe748

          SHA512

          68380bebc7f925d694a3ace80f4c9c8e8757c5ccf5b4d5aec68da0605280947d842824e882d4dd7b1887e64cb9834f393b23aa57805f39109246cf46e6ad9eeb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          49ca6193eaf4b437592eab41f0064a2e

          SHA1

          8079761c012a82b02578d13ecdd9e6a344327c9f

          SHA256

          b533d4fa1a42aec4df3100ebe07221453792c02af441f9f016dfa09ffa891939

          SHA512

          a832f6262021e4d847b11dc879be69d1ab0f9644054a7165fb835b2ef6299440e36b19ffaa654dd7368e2debd35c09a3d5804f7b3bf8bc6c1f9e2e4bf45b763e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cdff93665f5c621ec6cb65f1108d36de

          SHA1

          4e28d79cee1439ab70c8193e2ecc221483b9eefd

          SHA256

          60c259773567ee749c9015da3972ed7491ccad6960a4295ac2acc8cda8c1a12e

          SHA512

          6d1a7783fb3b65b5492ea517f8e3034456aadacbeb891746adbdeca00dbc34fe5646b66c4b7d848be2fb3bc3f86af7d605dd7b9a229d4c94ab2779e162b67d33

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cab05657ad536f5912eea3aec461fdca

          SHA1

          bf378eb58be8b1397895fc280bfd870b3a8295ce

          SHA256

          490493e61c0c3f05a7eb8ac99d380f73ed6dd49affbfc6a9281ca781d2754acc

          SHA512

          028b5ca36ae6d3a1f53d18a1ebeb840cf55ace945ce9e18d4ca8ecfe7bbdcb43279ca14d69bf1c5b3a8443ac674f922781912447e7b7dbf055b6f8c3d76c8bda

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c3130f43a436ed4b018872bb18708bf4

          SHA1

          6f2315883899e38730609945dbebb7015d6d8c42

          SHA256

          6c521bab6cbca66a5cb718adc8b31a65ad032760903c051fd223a287be8fe018

          SHA512

          0075ffc9ea5e48e6582ebe0a5b2cfdb9b8ce243ea9290629727e1cb746750fcf13fc993d39944c87238feea5b651243a015871bad551df59b070d79c9c5b436e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9cefee92155158087e5634759ad54533

          SHA1

          b57e5f9465026ed296c7d7cb41512673a2348963

          SHA256

          c60b3d75a3b2708e74509695a96b8b4071fe9ce9e88a0caf1f9c1759a7207533

          SHA512

          0e2e60b36a7d84e5efd5186e4ddd27d9625e16239adae0395f21b568fa35da2df42cd26b918a8049bd1c1d90b93c8fd9a1198cf6dd7fdeed25b47965d96c6355

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f65b7072d17e31bcf005c885c5da9096

          SHA1

          447fc32179847d8136b29217b4805ea558b0ac9e

          SHA256

          404b333b29c169af4ca632936602e5acf97b78f6d7b16f454ae108d6e2896073

          SHA512

          34766459a187562764787040ad2bbec42ce3f635dbf7be501f0a284744b13beb4d086fe39a6001bd306c31c0e8adaa46c0a8558560fb4a3b084cf4e83ad0a8ef

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          41ee19506877c7944ea6f11d157cf65f

          SHA1

          767cf1f92b22150e4ff90f0ec5a18f95a3d5f1b3

          SHA256

          9b393ff0301b32c95eb46c433d77cd2701b6e5f21faf10b82b50de27704dd1b0

          SHA512

          a04acf491ec08613e8e8e927e69ef1120e71179554f01e8abd84d35ded854a204615f0589cc9c59e3da6eb52487406c27970a62a61d9cfb3e6cb7f76556f37a5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f7eaf6ce8c5a1a64a33d5c001d3a6d40

          SHA1

          5cc8b281f4ee20be2617a243896cfead189ef3cf

          SHA256

          033a2aa7c91bfe071486177b85f7adfadbcfcfcfd1755362e635213261f2c8c5

          SHA512

          40641cb97cfb308c94ae00fe97144942b0fa8ed87dc1185e927b28dedc071f105270f7b6335ac54a97e9f6e51a8bd544439967838e811e5d4b045013aa294905

        • C:\Users\Admin\AppData\Local\Temp\Cab1B1F.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab1C0D.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar1C21.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b