Analysis

  • max time kernel
    135s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    01/06/2024, 20:12

General

  • Target

    8ba3687af445ce5ffb61e66f2c39e407_JaffaCakes118.html

  • Size

    25KB

  • MD5

    8ba3687af445ce5ffb61e66f2c39e407

  • SHA1

    82ca91c14e4e797b9b29b545696702bae8a81d38

  • SHA256

    43e8aad2344a30abe318b16ee592f32226ae98c4033d27cf9c9b3b2df7b642fe

  • SHA512

    272b9032fd6c32c0786c0f832c50ab0a1869ff5a1d103257702fcd5a09de40ded357e384ef77aaec0eede5d54957155eb50bcf9338620d6bb10dbaa1746da07a

  • SSDEEP

    384:SIO8kz6+4vDQl78hugAQ5cTDsP/XVYrzqh+sck1iMtoJ7jSdACefcu7E6Y8XH197:SFFmQl78hugAQ5cTDsXXMe9cqGE3OF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ba3687af445ce5ffb61e66f2c39e407_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2444

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          6ad9c95b79094bd58b8993ac777bbd1d

          SHA1

          9da5aa3673782600b1f9927a0b57ef8a13471bf4

          SHA256

          f23482378fda29d23a3139c484a0075c25c23dc2c2a705aabb7a0af9f95c1a17

          SHA512

          8543c956805791f62d32f8143a2e267d7c60bfc12ff2d04d0f7068098d7d31dc98b4bb2e375427beaa40b74a19d827a916b792c1b2338ffa2fa59767cdab4496

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          e699eae72170400d8dbb37b5ff653c41

          SHA1

          1e363aba63934337c00014a3ba306ac726ebf83b

          SHA256

          ff81370c43f0f56b0e303c35d0fcccb97cf7c4c3d26f9b8a6a763b6e01c35e88

          SHA512

          55ba40a831e1a23707b160cd9afa4e51410479650e0b24a7f5eb1a04317b1f4410a2efe9e22ef56c2bcb1b7431f24bdad62fbabdc184fb48de912b8a5df42dca

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          b941ac42dad191b32c7723947e88f517

          SHA1

          30d33700f8961d5ee478a173ca029f58dcd263da

          SHA256

          9c2325da71ca9132cbd1541e471ea0652f39e898af4e4465ee47919937bd8542

          SHA512

          4a0bb4373ff0ab85f6db9170c783eeb603a19800d74090ae517dce6fa11083fb2f8e3e438d2cb45cbd683dccee0b1c3763c9977da2fe61ed9a828239bafb9876

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          a025f468e66abdcac93ff4bc49928f4c

          SHA1

          3dcb6f36f004b6c9b02dc1f24c3c12c657d81f54

          SHA256

          5e72403aada0229a368ac94e5d036fa5e903b99053d5b67529ac037f2b565c33

          SHA512

          218647f4463d3dd5e9a1fdf7b267195286af2240a12797e854a44497a1105c891bec0640a7bdaeac1d36774cc8b5e92309ba01f11f178bcf5c856e37f381de71

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          dfd3a9be12fe9f67eac2e8813fed210f

          SHA1

          20e5186f890d836c83aafb2948deec4b95750c7e

          SHA256

          6e8dfdb1402e1183965fc34925e184cce86b86b02aeae2112b7d3b774a2cb439

          SHA512

          6c9db9e34a00349c45e410501f091e55041804d145964f7fe2c0e6c7d24f0417d4b4d2718622e226b47f9f096a15dd0c69fe7cdebb3648feb9ed9842e148f3c0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          0f9b8ef66b3adce8c36971f4c48b0b6d

          SHA1

          572df3f3535d86b8be91612173f705ab900124e2

          SHA256

          4a4c6eabae1cb7a51453145f405db13d69ec760a5f06f0481db6fd3fe79ab849

          SHA512

          fe72671c9811082334980ac8270d467bca05017f3ba6ed5c8fa9a1abe1af9af3f77c129bfd387d898535bacabb73ff0af7faa12eae79c1dcee4c2b272ffb0648

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          aca5b67e36888b0c27d15ef2a58dbf10

          SHA1

          299b8a17faabf5e5e78418c87a6538431d796965

          SHA256

          b098e911035c5f2b9dddae9e45e4594932c21c69a307fa930271308da0eaa424

          SHA512

          4d8e20426f09ed2070f900ff8f8f89a0210941db60dbff1f339b6b304f284ab643ce019f8231b6f0ba6a3f0d8aedbb3c5f35903cc2f719351d498db97fba7b8a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          a127359c16eaca440dabec70576bc361

          SHA1

          f1ed40c5c840e309955228e2b3b7cfd25a5d6a5a

          SHA256

          d3d3554225098fd03980741ae702266127addc68a8923218e5fd5400b7004c96

          SHA512

          fdaf3f453f2d526254e9741a2b597ad096d80db5c54813ba92e6ed2b24315cdcefec9b964d8a9369826f483f44cc7d81602ed1afaff471c679ee912d8e669730

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          03aac9b7682c5578312a7b7d06bf92c1

          SHA1

          1f4e0acfe2e6f861f721b941313806eb214754b9

          SHA256

          bc4215ad2aea0c87a8a1d179c6159e8a0aa436e1efd4c591b2063a02c92bdcc5

          SHA512

          32b3d7a54ccaf0656064f5f57f25eced2243a489931a98b9c7111535219d28eedb55cdb47bf6ac590a67b5c7f73a7874ab53e033b2921c29eee808007ebf5dc4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          304795992ba2c2ca4798ff9c9ac1070a

          SHA1

          edc28ad8e47755ae898c30b885f92dd06c99d0fd

          SHA256

          d188495300b788b365459d222fbea37d63eacd7718f95a028104bbace50c9232

          SHA512

          36251ee2b96abbab978ebb70ca03a09dd0766fdb4c25818a31f4941f52f7e54ae2fb86b3d4edab353c784fbaa3ea41a8af41711d5dcf3d3e1ddeed8c7d141014

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          d4dda70abd90957b919e8a78b14c1c3c

          SHA1

          f7a059df6f12619168db2e110c58f1fe600217de

          SHA256

          6b6f3059501a7cbbd28444bfa65d922a7f650b0caf3aa7146fa91ee621d85777

          SHA512

          50776445e1755fd98e396ff2e75f1fc016afd84a6cfcbab933a5ba6a3706614dc49066f507451861d1e23e49ae37a9e3cc9a60e1ce18be2460c7d538338d920a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          700554e32411211927e90d2263847428

          SHA1

          8b5f78496d302da2ac58bcf8c0223ca278518e66

          SHA256

          632b889c90365cf904ebac6a38b3914408cd947331e3d38fa4712b4ad1103906

          SHA512

          332e8867ce7ab454869c9a234247560acbc46038c76b9fa5821cb77fec779ca4e8598d0de39719ecc750d4416233c307dab320f0bcf4f9b5275375409434f51f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          6266ec30927c8208a24cc45e03d50acd

          SHA1

          eaef752f5b8592bb3566acbe4ac22f913512c5a4

          SHA256

          c91be89502bb777fd0c633b49c299168501bb2b57c010e0ad8276860d04399d3

          SHA512

          9c503ef3742a55b6d08634a5d8f3a867ec9e15676503ac9676e3d3f6446eead661c59c18b8e8b8ff92b16210fa70716af304991209b8f930a41f9d2a11e51f27

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          40258164ba19606510f59490520c9253

          SHA1

          fc99354e913ac6f90c11d35a3c2447c9430f43d4

          SHA256

          5659355eb41b69cd2ed1d438bd9aebf68436cd59f566b28d3a4e98ddd8bd4c7a

          SHA512

          ec729517b7e72e1a300cd48b5f999896876cf80b144a7b6a0480ba891b5a35674fe87cbb63cc4e9eaa7cdcaa21317190497e8ac8562c34dcc0ee3f182040c98b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          a7d695a5eb99feaea49e4d17d4da6034

          SHA1

          2f39faefd168d80e32ead954f5931af8b71cab29

          SHA256

          f1624715ea56d98f6c073b0bbf4c168a5038fdd7361a10b82fc11c58f843e1b3

          SHA512

          87210cef7119e51217cae3a36d7c6c69ab43522a83ce79de97b0e43532dfa3a2221d65da56b5d68a7c25159e10087d7e3731ddd82523adf04415ff629cd201cf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          0fff1fb07ebc5d5668e055991e3f0749

          SHA1

          0374692c92867f49ed8e3f3317d9452ab274f754

          SHA256

          9e2a97d6ee1c81f4a437590ec4f23df18849a511453659b5ae5d1fbe5ad4dc0d

          SHA512

          f67af1f735be3647dba83f58447dc424d9e891f2c88dfe7faca2a98994e45514f6919a7d27324843728a22c193d65c30415efb095f69c1e1811d844567a87325

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          fc5470b0c82784dd8df37db686bb0c52

          SHA1

          1dd298b90145721ac68a72575b55dc50022e9f9a

          SHA256

          e5079eee65061826810332d8023a91724b1566caf0576d10de5692a5724d49df

          SHA512

          617e69f77a8db84b87597a8fc63ca182004f72d243276947160ecf8227ff05b7a17d122be85d931c70b27a464a04c8347bcec2d26d3f7333eecf81ea7f6e67dc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          5118e21c91b96ba68f0c3496227d1123

          SHA1

          ca413d40545c3b8b205ec3303e71154e56a6c6a4

          SHA256

          32fa67985392a89c61a1e5e0e792181d6e56175b6492db694c05f11242bf4b16

          SHA512

          ae353c6f1e855e8834e0bfc652b8726b3d9caacdfca7fe1ad1e54c91b9c588771fc6afb3b2bdef4ae585a9225cbf43dcccfb46ae3a4dfb82c75fae49770fe395

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          47eec8b755a71d691bebd119780f5884

          SHA1

          4c9fc699462ffe51a83e3e8e6f82737d06cec92b

          SHA256

          d32e6a5a917274a4f601b7a3fda87795624e9a38a88889b69e4357bb6b241b80

          SHA512

          a08bd44a0c56ded5f5c75a8b6d70a873fb5f59dbb1479a6c6fb618a2574d870758991664089f5f9a8d1420c05c32b5689758975c54ae38a7dabc7f193a1c0c87

        • C:\Users\Admin\AppData\Local\Temp\Cab19E8.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Cab1A77.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar1A8C.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b