Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/06/2024, 18:26

General

  • Target

    8b5ba79de889c1869f198320d3efaf7a_JaffaCakes118.html

  • Size

    461KB

  • MD5

    8b5ba79de889c1869f198320d3efaf7a

  • SHA1

    5decf462d4b2faf5ac0af6af3206848fb6d3c2c9

  • SHA256

    76d35873bc60f4b49df04aeff44d559b424692c7ea759b242384c3c5eed06dc5

  • SHA512

    9d5b6771f13ecaabc2af6d933a7fafb11b780c3ea2f34d1200b514f5a482b972fccbfb5fe847edf4dfe18ee4d36d80732802900b1ceb1cc2d265ef4f5e911c2b

  • SSDEEP

    6144:SfsMYod+X3oI+YzXQbsMYod+X3oI+YoKsMYod+X3oI+YLsMYod+X3oI+YQ:M5d+X3R05d+X3F5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (depth 1, PID 2836)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b5ba79de889c1869f198320d3efaf7a_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (depth 2, PID 2556)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads
