Analysis

  • max time kernel
    137s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/06/2024, 18:25

General

  • Target

    8b5b093388773fc3c5f125a7536992fc_JaffaCakes118.html

  • Size

    38KB

  • MD5

    8b5b093388773fc3c5f125a7536992fc

  • SHA1

    ce4c2f3669d48e504cb24cf4bf80d0214bf25e70

  • SHA256

    f6e9c910a9aa0ea51e029388c339c59f776cade731243ac33e3b1d484c7190bf

  • SHA512

    1f99c338acdcfc3f48e8a37dd8c4b34d4f94f8b01847f0ae7733a1dc6cd0cfedf901458f83544ac31544f286513c28f813e716accbcc924a2e739283c738b8f0

  • SSDEEP

    384:UiSlxu5hfB9l077S+nqfAMpHj/iju1ANpU896/6ANAAnRT/kUi1girNapYY/CQnn:ULlxWxyfSbbj/Ww9tcUjEYK/Mt74ZBDo

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b5b093388773fc3c5f125a7536992fc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2896
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2896 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2360

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    629dcfd66f9f75850035a8389906edf7

    SHA1

    401eabe7174bff73281627fb5f3355361d011375

    SHA256

    acb9e71bfc2d293b29a270a1b784231ae963f1646678b9db4716381ae3abc809

    SHA512

    f53b7c656f60fccaf185afb6bdbc8f0d1a1fea4417124c0dd3c37776b864c0c9c4afb3b4a382e0e66f77a5d884734dc50f5a05e92c316c52b8fbd7bfa767333f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bce4a3c250c88117fba50875e5d97c1f

    SHA1

    477777bce956520895d5c3b16f5dd920b7194072

    SHA256

    82fb0ca0f68505a4325d73eca777626f2c2e861a6d8404f71a0092549b58bf5c

    SHA512

    1dc6c2101b4c4e16ae1badf4e4a9dc46bfa33f20f0fe8a4b5619604e354b506544dd423b4cdaf0b02b795583570dbc246cacf0e574453464fa870062c6799f68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    83638e1571c18d931b923d4c3be75ec2

    SHA1

    0958225a97543f72047e3448789b97b7cec73070

    SHA256

    ead53c5dd8fe341e620d5b9b234493cd551d7440503756acacb632fed6f10566

    SHA512

    1f8a860ad90771677d3e179578b8d54b5bd4697c5b58131c2c5e36b76e99c2ae9399088207b0de2b936460cd1623ff9cef399e917574ff8bd104102b5ab48625

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    07e8b0af7cf9ff3c1607255172ef73b4

    SHA1

    253d82302684d8ebf391cd66d0e6726f637178c5

    SHA256

    78e57307a00a00c1d0618703b605bfc55482ce6094a63e7f9da8f997924f6129

    SHA512

    7d13faef2f58552e7e245e9888ec51b9b511b68491cc23c1011c2d866299af2ee0ab625464e83c4488731422bbd6c3399faad2974eb22e7b552234ba7a0b734a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1171f620402f9be85a87bd71b4c4843

    SHA1

    27b36c6b73707b52e8f14a58a8bb415bafe4f382

    SHA256

    6c11f9389e15f860d8f7806bca1014912ad20c10d382345c0ee684c2d4f835cb

    SHA512

    ff0e7cc2ac7f511a04c7a37d953a9d29c6a36d136b6c52fba178c4c3b3ade08b52fb378d122cde942bf4862ce557da694cc2f7c00f16094ac77ecd0966d63b63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68f0ca608f5f8789de0301c55102380f

    SHA1

    343be18fd264df383b9f9776c05eaabef0e8eecd

    SHA256

    f9e708dc3431ea3b19537fae79cd7321ec1a7ab12fe19b172316f7e86b5afb23

    SHA512

    a654b953bf32cc46e0c272eedf74ad5c7cb5f6d1ee0772417460ea800fc5c0251b7893ca0a4a5ee6c980d568f944879bbcba4fede159adc054e1ba3190d48b8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6601ca86a5233645eea099613d1345a0

    SHA1

    36e48810b9777312487917c84eca28e7bdcfd7c4

    SHA256

    f8601b13d70a5d37591225764c40067724c7f04c6a23beb90ed41553d564768a

    SHA512

    78733708a4a2bad12f54c069454ec4a397b5f632334e11ded6f0ed12ba05ad7d655a6c21bae17b732b51c8dcdc963eabef268388200413458d76164480e37640

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4bcacb5b2b0ba19eac00d7c4121ca1e

    SHA1

    683eef4191ad51b3181c7628bfa1c3e9063496a9

    SHA256

    112f9398fc6bf50aad93236570baad0ffd93f8f8b539b34c382cc5ced4e6c01a

    SHA512

    6d13b0c827c079d3bc9e11ca8123bff4e8e7c94b95ca8ef76ac4156646e4c3ce258f021d4bc99b6a62297adb162834d7f073e7881e33c8a7c46e657d70abecce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7e4af0ba051fdad4895fdb51e115f0f

    SHA1

    e7abb692e0d82b04e1710e538f7e8c68fed0ba82

    SHA256

    631c061dd1f09b0ba440f140f9ca5532d664ff33269103edbed876f0a267a897

    SHA512

    26a30256bcf90c43f31deeae6ac9557d6824b9d153e0c9b674746876f371c24c9f0e41e8796b4e6bc57839ded4118a6be38b3bc7d8b1699f77722142478e0b55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a47ba0e4355d598519ecd70e83506c2c

    SHA1

    be99700dc361773906dd913c70a1135e6e8f5a8f

    SHA256

    04800a3fbf8dad607fe1c4a5cd8afd1bcb5a57d527f3f56621b9b0c684b081c3

    SHA512

    db7d2371edcc8bec37e4c4349212c97d863aeb1b939fd1fa73c86126e1b9056f9fdd5d18916de5f07dc3ca752c5b401dab8b183e3f3fd73caa2ff2e7f73d554a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    53b8b5db9ba0873fccda50482f5034f7

    SHA1

    00740b1ce0253c8f63e20605d5f6d0198cfa1d19

    SHA256

    a0e1f50f53cf7b359ec43305e8c409f25bf6e08905e26c72b197d2496b9a622c

    SHA512

    20eba8463f885dcd7d72b59d912357e7fef815710422ea6aa5e2b1dcd10bb026078a2d93ddfaac710ffb49b59dbd05c1adaf483bddccd292db29e255aef7d803

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22e7448effe8443a0ae1dfeb10aa05a6

    SHA1

    3d89f3a5f0bae1354567cc126944a2bf89b3f564

    SHA256

    589a87f78e11d2c010b9a973691cf5fa66bb6eb04edb67979710419006a3185b

    SHA512

    bf528412fee888bf4577341c4b01b23020a164eb1f37fb92622be7705f61eb50a9e7e08e6ef0f21f0b215d380a14d1f0b7bfe06ee5fca4814df9b2cf3e6ed0f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c48d7dcc148298535a9b6d6dfe33dc4a

    SHA1

    561a224236f362a80b5e9302ca51aeee73f871c6

    SHA256

    846260b927dc25ebcdcd85a4858f6c910fb648d1786de5e8c558448703d33bfd

    SHA512

    6f53dc799ef6784c5b182c851dd670c108e288fc13ec2f9618e79ecc49bd58a2e3e984ebe1e3903d81db545a3686c97a9a7c948d2d523d6b698a8de5cb47bbae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4b5f35cc20a8b2f7ed1057c01ad990f8

    SHA1

    2d63c64a1b2d63aaa8c06af625c9cc0c62ea577f

    SHA256

    3ce4b74fbe1485b76f6f2b9c3b523221d688cb70e8efef5741d2616fd0940ca4

    SHA512

    22ef2e5b030170440bfa84c1246f56a893085321a4a9cbc8c54b0305f0045e73bf2e6fe4d4b3b9bd0b92e72a28cbbfc1ade255acbc88c11dbbd1d0ebd9a087a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d08a0f7999d51d84695ba08781742de5

    SHA1

    4c0d30a6aed430b5a64264eec8463068d04284dc

    SHA256

    1a158c3eca2d7ed4e453bc2daaa78f63d8fb456fa77d740ae4dd698c18313a49

    SHA512

    d892cd9d55524d5d77cc1b1728012963cfb83ccdc198f90591caba41c9fe977a8c10580bf34d62d930f743dcd40015a9fae72d7f17096f112d29d13c6fce4528

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42921a6755064a49912b0d93c1c11efc

    SHA1

    d3b401d64b7d125ee61ecf26f59c2dcf58506927

    SHA256

    df49198dd00121187de1a137016938fe23bcd02f10adc09676fbde74a18ad996

    SHA512

    430ec82e8f5515fdd1afef0a6167c607a7f83ee1b28563d01b9d1f7401a5645207831400b1e6a0aec7b32d73b38dc631057aca54ee2067939a2b461eb911bca9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a4e02e2936d219e2b96ca4b2307f9ad3

    SHA1

    a75bdea553fe76b75baf49acbf4d0435e788f567

    SHA256

    ac553190d7bde9aaac322e2db32bea1bd5eaf9c30dfbf3e4ddb655dc958b1e74

    SHA512

    490b2d897d9e5fc7186f50b92bdbbaf4b87f68c48c5147dc5bd1a21c56e553a64538704c769d58b2bb8364bafe446b7ea602e7e395460b18a8fbb2b927151292

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f75c2ca87381b4c113af9da3dbab9c2

    SHA1

    e47be38acd807283758b494908c6c664321cc8db

    SHA256

    605d6af56f5d5f8d8df78231a5cdae9f10abffbb85dc39b25b2f1a901006985b

    SHA512

    436becad96f577b879688284535bef24b22ad908abc49c03e056c989182a1a857337e8d3d0bc1ec552fbfc68bd6be1e500ad52847c737f7bcbc7d102de91078a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87b441aee7698107952ff1f41e38623d

    SHA1

    7297b82f5496a9a57e7cd61adf92b2b7ebdf1fec

    SHA256

    675022dd8f14001c5c71c4a0fd4823ff391f4cdad4ba2389096f173fe8984f9c

    SHA512

    31f4f8619227b5c575ff83d98bf81384abffa3a8d5b26c11c7a04bb697db4363bda7b2796d730a694eb4835adee012a61676e5b5a90998b04fb3bce7ff081509

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    55b97a79f562dad11af6d8d49b36ed29

    SHA1

    34eb9f084c97df8624b51a98ec7a25d6cbf3ff7f

    SHA256

    823cfd234a4c67c79879d82e841ded21371d41ae72b256ba02bf42f7683dab7d

    SHA512

    ab877ebf9a77ab06cce0b6f2a7df9d2e205c37672d9cb570d65efda4113e08e29557221473387e1f271eb4cf3fff496f175c16af3329537159287b63caee6a3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63d4e14d30fcc888488e7551225a33a4

    SHA1

    b25e2a917a652d998f1743325bb34bd042a422a6

    SHA256

    d1befbb500298ab2b0916dd962a11d12998ef1c09cc048fae2dd04611584f75d

    SHA512

    e785b67152deff323107dd0129ae0f9848df09589c9d480d58dd387d630518082eb5fda83a53e05a3bdd283a96362f4b82ef4099bba1fdce4d864249acef0584

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2486c02041f361e417cac70288f56aba

    SHA1

    04c01dfcb577d6b740682ebf7396e33711829a01

    SHA256

    7d843c375e2e71a67bf540371217a77bcf0d5ff35aaa9af6717e8ede28fde270

    SHA512

    cd4be8477c843463a6d04b32406e6e050b34d2e62e9977c80f6c3206ef28f1d842267014abb09e3f91ad3113ceb5e9fd60d36d19ed0db865b149e2a9716fd56f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a07c7f7694b173ae3622068966525ed8

    SHA1

    16f3f0d3d5dab12c3b3f3c5e631cd4aae31d3e72

    SHA256

    010dd6b0399045e7c918f5b6ed7215b251a178bef4e0d29a3f7f952c5e5ae6fa

    SHA512

    69ab29cce7d7e0663a28b1e7bac272529451bdd763c21513bc9629a56565cc8e53114eb870420f78509c704611b5ffb8b9d1a8c85bab1a42c040eff1a4172bd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

    Filesize

    480B

    MD5

    94937be40f13def5e6a97053964d8756

    SHA1

    4cae6ee8f63b2d6d7d2304a98564960c226c1086

    SHA256

    3f3eedfb10ffde1202dbdf8eaac7029a533d121f0c4d53968c0f6bda19f94713

    SHA512

    915b674e7c9f79f83c0ed03dae549da47daa40da94f6d114f622ac752e8e14b88a3c9456d4e32a524ec011a10213d46c6af69906505eb75ea6084605ec01f923

  • C:\Users\Admin\AppData\Local\Temp\Cab229E.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab2361.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar22A3.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

  • C:\Users\Admin\AppData\Local\Temp\Tar2375.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b