Analysis

  • max time kernel
    139s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/06/2024, 20:04

General

  • Target

    8b9d0f02e8e0cf9f49ac79dce10673c9_JaffaCakes118.html

  • Size

    84KB

  • MD5

    8b9d0f02e8e0cf9f49ac79dce10673c9

  • SHA1

    60f1490c8e6a5d2556e37b407d34f1e54bc75e60

  • SHA256

    bd2eae27b807ad7addd5b521a33633dbc44ca37c1f426bb6866b59f451edd1c3

  • SHA512

    fdc63d12aab5b1380c3898924f63f4a957e2c39dae9e9b7155cf60097aef746e9ca4c56cb018d8a6ad2fd63aedd3b1a7472224ee0b71aa1efeffb1cc6050c984

  • SSDEEP

    1536:Z9BcYzpq8rXArR6IGM2pR0MvNuyefwM2xIT2vGOgSVv7XOfWd:WYz2rR+M2pRhuhwM2xIT2vGOgSVv7XO2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b9d0f02e8e0cf9f49ac79dce10673c9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096
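
The two processes above are the ordinary Internet Explorer frame/tab pair on x64 Windows 7: the 64-bit frame (PID 2872) launches a 32-bit tab process whose `SCODEF:2872` argument names that frame. The check below is an added example, not part of the original report or the sandbox vendor's code. It encodes that relationship and flags the deviations an analyst actually cares about: a tab whose SCODEF disagrees with its real parent, an `iexplore.exe` running from an unexpected path, or a non-IE child spawned by IE. The report's two processes are reproduced as data (the frame's own parent is not shown on this page, so it is recorded as unknown); the other three records are constructed for illustration, and reading SCODEF as the frame PID is taken from the PID match visible above.

```python
"""Sanity-check the Internet Explorer process tree from a sandbox report.

Added example, not code from the original report or the sandbox vendor.
REPORT_PROCS mirrors the two processes listed on this page (the frame's
own parent is not shown there, so it is None); the other records are
constructed to exercise the alerting paths and are marked as such.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Default IE layout on x64 Windows 7: 64-bit frame, 32-bit tab processes.
IE_FRAME = r"c:\program files\internet explorer\iexplore.exe"
IE_TAB = r"c:\program files (x86)\internet explorer\iexplore.exe"
IE_IMAGES = {IE_FRAME, IE_TAB}
# In the report the tab's SCODEF value equals the frame's PID (2872), so a
# mismatch between SCODEF and the actual parent is worth flagging.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


def check_ie_tree(procs: List[Proc]) -> List[str]:
    """Return findings; an empty list means the tree looks like ordinary IE."""
    by_pid = {p.pid: p for p in procs}
    findings: List[str] = []
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        parent_is_ie = parent is not None and parent.image.lower() in IE_IMAGES
        image = p.image.lower()
        if image.endswith("\\iexplore.exe") and image not in IE_IMAGES:
            findings.append(f"pid {p.pid}: iexplore.exe running from unexpected path {p.image}")
        elif image in IE_IMAGES:
            m = SCODEF_RE.search(p.cmdline)
            if m:  # tab/content process: must hang off the frame it names
                if not parent_is_ie:
                    findings.append(f"pid {p.pid}: IE tab process whose parent is not iexplore.exe")
                elif int(m.group(1)) != parent.pid:
                    findings.append(f"pid {p.pid}: SCODEF:{m.group(1)} != parent pid {parent.pid}")
        elif parent_is_ie:
            # A non-IE child of iexplore.exe is what browser exploitation looks like.
            findings.append(f"pid {p.pid}: iexplore.exe (pid {parent.pid}) spawned {p.image}")
    return findings


# The two processes listed in this report.
REPORT_PROCS = [
    Proc(2872, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b9d0f02e8e0cf9f49ac79dce10673c9_JaffaCakes118.html'),
    Proc(2096, 2872, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2'),
]

# CONSTRUCTED records, not from this report, to show each alerting path.
SHELL_CHILD = Proc(3100, 2096, r"C:\Windows\SysWOW64\cmd.exe", r"cmd.exe /c whoami")
MISMATCHED_TAB = Proc(3200, 2872, IE_TAB, '"iexplore.exe" SCODEF:9999 CREDAT:1 /prefetch:2')
MASQUERADE = Proc(3300, None, r"C:\Users\Admin\AppData\Local\Temp\iexplore.exe", "iexplore.exe")

if __name__ == "__main__":
    print("report tree:", check_ie_tree(REPORT_PROCS) or "no findings")
    for finding in check_ie_tree(REPORT_PROCS + [SHELL_CHILD, MISMATCHED_TAB, MASQUERADE]):
        print("finding:", finding)
```

Run against the report's own tree the check returns nothing, which is consistent with the 1/10 score; the signatures listed above (SetWindowsHookEx, WriteProcessMemory, FindShellTrayWindow) are routine for the IE frame managing its tab processes and carry weight only when combined with a finding like the ones the constructed records trigger.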

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          f2516a957717e6167d7222917ab42fc5

          SHA1

          f781155d7878f215185808830ae6bfae6079110a

          SHA256

          89bddcdd6864b2f54fc5d08bf9e632be6b9065240bffb1ec0619c11239d2f7a0

          SHA512

          cf493fba7c83d376ffce292e94eb1eaeb556ee923614659670d7c90a14f02ae3030bcda926e2ab6298a55d91c8937514d8d1284b3869a505870f0f60b2ee388b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6c019374eb5f2b2c539fe0e4f28bbfd8

          SHA1

          40aa92ffa8c5a7f542858d2c5645eb5ac7fb5252

          SHA256

          d44d60ae9e5d850be95f7559dd40f2906f6470a0d07746f1495fcd89eed30d3a

          SHA512

          4ec8c82e55fedc23e813d3de19790108625346822a5d154f4eb682cf51aaf81235885bf5eb6ff5c12ecadd80537622a47fa40a318d2bdace254869a58ab8faff

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          03bc28a14c52ec46cc4863edc48079bd

          SHA1

          c815ecad2539c883e63004d1234e1a792ed5f445

          SHA256

          1827444ab3bfe818abdf3e348ce2358e8b46825547b52ed4243dff93eaceefbe

          SHA512

          1ade4ee7486e3bf353ca938decf02cb63b1fe0aab83b469cf30196a311ddc2e467b9249a14be311436ebad2fa5f9d170fabb6f720c736171a0bb6553309f4e85

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7c368966748ee751d835b38ab9ba2267

          SHA1

          994c54d895423d0ff9c3d4b268c387ea4f78bf17

          SHA256

          6ce855b8e812caf1f2a0f2274cd5af742098f150498499e119d04d7eb4612d25

          SHA512

          716dd3ab1606ce1be9f78ccd9755edba6c39e068aa3775dd4d5de8daa13b2d731f7ba521ca1a683a51d8fcd485ef3bdd89dc72dfd2b3ab0ced3870fb28126553

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          10d0876a565d2249d5746b47d621a2ab

          SHA1

          b07c5246d73e7ed94d61a854e83015edbafb7dd1

          SHA256

          eaf0247bbf7659f582375a2839b24da36936fb7c1a0736126233aa47a9818652

          SHA512

          81b142695ea8b04eddc951f4eb443755869dd25ad2bef8bb6501e58987b69bcb894ca82e2efd6f9ed74def3327abd3d4e77a9c79d82365c91abd8d9d2922acbf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d467fa1c6070f65057abec526003e916

          SHA1

          28a4b92282ac42c859d2a3e3dae0dbdcceaf3776

          SHA256

          a7951914869ae1f16bce6e594e579f6ac715c96547cd6745d5329859949a3f0d

          SHA512

          b2fa4e377331b8791f988b46fd32eb6aaeaba89cf67e8842c039cfbeadfa7fef88c6aee8fe87e46a6543041f7cb00fc03c129ddbb0dcc425a14dfab730d34e9d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2c78e4ba568fd1c2f74f274671f5676d

          SHA1

          93fdff8b398c0601406deaa9608a2e021f21db50

          SHA256

          9c807a61027350f832ebdf1ed4b2824c21a8c3fabb57a59197772accd05f91ea

          SHA512

          a9a5439d914dfbc7135f5098316e02c46d625a830c253ae738eed567980f1bdb71f2308e5d192996810785340e45f4aa6cfa03e876296dabf6a043ba893b3b19

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a2569a521723158287a4edf3aea8bdad

          SHA1

          fcb0002c57eb228f59df267ce0d9f133f7156c57

          SHA256

          c954cd3d5184d4df8f77258dc556bfecd39c9d378383e996fee99b3054f2596c

          SHA512

          a93f55dd9d18b54c5a08401e8aad6b373cad49fb5fcea3aaed20fe3430144cd0cd86880359799f5c79ba70f578f51f078a32270a5bdb39324a95090629a2c6b6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1f68b417616e6457cf9ecf8878684704

          SHA1

          ca2538a767df705500a14edbab6abe36f5c884f0

          SHA256

          516429879cdb5a6ab072d1d4736129d6f367dff5f71e6ebc2186b99d4bb9076f

          SHA512

          7c94e45bca18586af6fe3f20504045ec59f0fc11dcad8fdbae4e459eacdc6c5453117b4dee915d0a927fa796b2abd7f1f14fe0bc6898cb94c996933806bf19b7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7777e3ae568e8c44d6782f825246a9d5

          SHA1

          8db99c043f4f5fba5a3977be798393a37e5eb8b6

          SHA256

          06b91c68ea6817079b5b788c66316b4ade4de4442e73ecf38d5870ec8b7a9cc7

          SHA512

          cf1fd754fb9a1286925dc0e11efe81bd85731b31814413cf2abd443fd9c5c51b7c72a340027619b4abf6787ac874435395293c8ab61d400f42c6f6269d37c764

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5d3f4a15b61cceb22f8c022593c66460

          SHA1

          662afbc71f8d7a3db1414001ac2b12eb3c4707f6

          SHA256

          14bb5bf6c27e2ae822c59d03d9bdbf3f10d21df440efd37c342aaf34aa3bfebf

          SHA512

          0b16b2039ff7365014eb01d8478064fc2f56aa0a3778145ea8c50f76aaa7e83e686751af5224b8b60fcfeb404300fa8a68e455d69c6d787e8f63c1e13e377c3e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9132b9958acfa93a855e41e06f0b0c92

          SHA1

          28fa417c18367e157b340c4b46e90768d33738c0

          SHA256

          6c2c69675646245965b9d0fff27f896d9c25e530c4929b9a423e0dd0aecd62ca

          SHA512

          3ccd12c3cd7222bf3abe5fe53d99a042c397dd4c9259519e120a5fd89496537c588bebedb37608850788c749009c0398d4ca4e92642613d30569ebf79b69e2f1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c284f6b0616cb1e27e05bbef4029054d

          SHA1

          447ae73984940980d65d9786a8ea41814750aa90

          SHA256

          ef04d9b186786109a5e1b01d9be197d372e554c204ff458cf9ec1f8b5cbbaf42

          SHA512

          b74c3a1281afe9625bcbae6eb9b77ab638dd1ed9ad664a5e6b874668316015df12a9a917265605c9a7fd4070e3db2b6e17718f3466dc686e0a45befc0352b209

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6d2847eea0b391ddb8c61d23d44b800e

          SHA1

          1bc286770c741775b0039cc2efbb9812c89f10e2

          SHA256

          91ce5493cd37cdcc530472c0d10fe3788244226f73f8e0e8b984479db1e8d56d

          SHA512

          6283ec7384f6ec7da62eae7c280aef6ec6f0f5b97ec8a185ea70633f4fed4a0ee67c1a63bcfe1b451183fdf1f987bf97dcb4a148c429d8b4a7bdc691a2e2be73

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6dc27b42baa02bd683048d0ec4dec465

          SHA1

          dd74deac938514a3b14ae9a6417c40d75ed18b02

          SHA256

          d36c2b3e87257bc4fc1e3771a54f93d41864596f0a3c6aec6dbfc92cd7d9f40e

          SHA512

          0c6bc40b465a5d5e58f33fa966388af05cf99e80a838d072f22aa1230abd6f9daa576404a5abbb5a21159c09ee630884f4c1413e6effe5d7641379b17949afa8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          65e9e54987d111ec0af43f5ab5450cc1

          SHA1

          06d9661d6dfcc7d707acc4266cc0ce045db20e0a

          SHA256

          970ec0bf8b705a855938859a94ecb3fc3ca7af85373651552d584bbd2105015e

          SHA512

          05bef66ea0624251991f8185b4ab090acdffb3984f58b10e2b8ee4a7ed13b91ce6bfe7b6c8990938f365a2a01f6289386551b6d7d4cfc797967c96eeb05dbc14

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          dd25e160c18c5ba064f200f20b36b278

          SHA1

          ae7e558cd0504c714cf8fe9f83b7a63c2ec4e43b

          SHA256

          12f7064fc8e8b751f56458b994e259a39755453a417299e3e2954189937d1c45

          SHA512

          19e4c100f3ae403f8179f67fcb878015498af93902b9da40ee73f27ba95d4cc74b4185133a77610a5469da63c8410087e5dccfcf3e684987857fb40a5fd768c9

        • C:\Users\Admin\AppData\Local\Temp\Cab33B1.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab34AC.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar33B2.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

        • C:\Users\Admin\AppData\Local\Temp\Tar34D0.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
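
Every path in the list above is either under `CryptnetUrlCache` or a `Cab*.tmp`/`Tar*.tmp` in `%TEMP%`. Those are the locations Windows CryptoAPI (cryptnet.dll) uses to cache CRL, OCSP and certificate-trust-list fetches and to download and unpack root-list updates while a browser is running, so none of them is content written by the HTML sample itself. The same `MetaData` file appearing repeatedly with different hashes records that cache entry being rewritten during the run. The script below is an added example, not the report's or the sandbox vendor's code: it parses entries in this report layout, buckets known Windows background artifacts away from anything that needs review, validates digest formats, and counts rewrites. Its sample input is constructed from a few entries on this page (reduced to path and MD5) plus one invented entry marked CONSTRUCTED so the review bucket and the digest check are exercised.

```python
"""Triage the dropped-file ('Downloads') list of a sandbox report.

Added example, not code from the original report or the sandbox vendor.
SAMPLE is constructed in the report's own layout from entries on this page,
plus one invented entry (marked CONSTRUCTED) that exercises the review
bucket and the digest-format check.
"""
import re
from collections import Counter
from dataclasses import dataclass, field
from typing import Dict, List

DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Files Windows itself writes while a browser runs; not payload drops. Assumes an
# unmodified Windows image whose CryptoAPI (cryptnet.dll) fetches CRL/OCSP/root-list
# data in the background, which is what these paths are known to hold.
NOISE_RULES = [
    (re.compile(r"\\microsoft\\cryptneturlcache\\(content|metadata)\\[0-9a-f]{32}$", re.I),
     "CryptoAPI URL cache (retrieved CRL/OCSP/CTL object or its metadata)"),
    (re.compile(r"\\appdata\\local\\temp\\(cab|tar)[0-9a-f]{1,4}\.tmp$", re.I),
     "CryptoAPI root-list update (Cab*.tmp download, Tar*.tmp extraction)"),
]


@dataclass
class Dropped:
    path: str
    size: str = ""
    digests: Dict[str, str] = field(default_factory=dict)


def parse_downloads(text: str) -> List[Dropped]:
    """Parse blocks of: bullet path, then alternating label / value lines."""
    entries: List[Dropped] = []
    label = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            entries.append(Dropped(path=line[1:].strip()))
            label = None
        elif label is None:
            label = line  # Filesize, MD5, SHA1, ...
        elif label == "Filesize":
            entries[-1].size = line
            label = None
        else:
            entries[-1].digests[label] = line.lower()
            label = None
    return entries


def classify(entry: Dropped) -> str:
    for rule, description in NOISE_RULES:
        if rule.search(entry.path):
            return description
    return "REVIEW"


def triage(entries: List[Dropped]) -> dict:
    result = {"noise": 0, "review": [], "bad_digests": [], "rewrites": {}}
    counts = Counter(e.path.lower() for e in entries)
    # The same cache file listed repeatedly means it was rewritten during the run.
    result["rewrites"] = {p: n for p, n in counts.items() if n > 1}
    for e in entries:
        for alg, value in e.digests.items():
            n = DIGEST_LEN.get(alg)
            if n is None or not re.fullmatch(rf"[0-9a-f]{{{n}}}", value):
                result["bad_digests"].append((e.path, alg, value))
        if classify(e) == "REVIEW":
            result["review"].append(e.path)
        else:
            result["noise"] += 1
    return result


# Constructed from this page's list (path and MD5 only); last entry is invented.
SAMPLE = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
MD5
e4a68ac854ac5242460afd72481b2a44
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
MD5
6c019374eb5f2b2c539fe0e4f28bbfd8
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
MD5
03bc28a14c52ec46cc4863edc48079bd
• C:\Users\Admin\AppData\Local\Temp\Cab33B1.tmp
MD5
ac05d27423a85adc1622c714f2cb6184
• C:\Users\Admin\AppData\Local\Temp\CONSTRUCTED_not_in_report.exe
MD5
deadbeef
"""

if __name__ == "__main__":
    print(triage(parse_downloads(SAMPLE)))
```

Fed the full list from this page, the noise bucket absorbs every entry and the review list stays empty, which is the check worth running before reading anything into a long dropped-file table: on a clean Windows image a browser session alone produces exactly this set of CryptoAPI cache and temp files.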