Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/06/2024, 20:03

General

  • Target

    8b9c94616f7a89892c4461d293b7df7b_JaffaCakes118.html

  • Size

    461KB

  • MD5

    8b9c94616f7a89892c4461d293b7df7b

  • SHA1

    cad0f57b32876663a756ff7743f8b76313d93e38

  • SHA256

    5f1b688a71e00e2270005af7bb934df2740ed708dcae42306922643b6aae305e

  • SHA512

    50da17908f0c6ab69039cb78c2bd1ae1cf5747e5994d162e4f9e98e422cab9b5542bfd00b9b28fc4e9591277294910e80ae962abb1cc4d23575c5037a80c237e

  • SSDEEP

    6144:SosMYod+X3oI+YSQksMYod+X3oI+YPsMYod+X3oI+YLsMYod+X3oI+YQ:r5d+X3O5d+X3d5d+X315d+X3+

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b9c94616f7a89892c4461d293b7df7b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

        Downloads
