Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:32

General

  • Target

    8faa77b620d2b813946869ab26970350_JaffaCakes118.html

  • Size

    72KB

  • MD5

    8faa77b620d2b813946869ab26970350

  • SHA1

    6c8fb0861e0b69557c78e078d96e66cb5851b84c

  • SHA256

    166c825389e5ceea1c1db3a72327e655f89cce0856f31da7c566eeaf999eff1b

  • SHA512

    cb178f673c307869c0e8750f6c055527ae0dc3cf12fad199e658e52900d5f317652b7f65a4020272ea18f0e1ccca86ec9e18c03fd57c6d8e3835c2fdb9beab52

  • SSDEEP

    768:JizgcMa0zZAx997Vr9gP9m9loT2UCZkoTnMdtbBnfBgN8/Yyq4gcRgQFVG8s//IV:JNA0zEOiiTgec0tbrgaWcVNn1fl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8faa77b620d2b813946869ab26970350_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2600

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8186b1be7089e173628abfbaffd18e9a

    SHA1

    1077ceb5e6e4b3f562e996d5082528637aa574fa

    SHA256

    9b53c71f201189af0ea3dd6e3ee02e63642221330d1ce099c1c5f19de9c01c0a

    SHA512

    f712988cade5afff47cf297612293bd9b8f4edb61bcd7d50e68128be3d18b26eb3ea07605850a21d00fad22f10250473bca30931c234bbba9c2e4a93dce7466c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4362c05c9e72beb4e524f6ec36b28470

    SHA1

    e3f0f32f9a275b1dce0995e385804b7e9bf5e567

    SHA256

    b6e773c80e5a1ea0e61c04d23c1ad80891318305e75a63e8f48704ccdc1f3133

    SHA512

    82f31cec65677b62ad5f047a6021e7682cca54fa2290ae07bf0a0a6bf868da3cff83aa99afca173bd831a989eefb64094e8a311d0500f7ce817e19664cb8d693

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    989056bc91c1700875dabc999e6df399

    SHA1

    dea50fcbf8add09ed343262c5f0a883afef76b39

    SHA256

    69281f7b72e5ebbc8c98d10f128b1f72989c1daf42451e728b56573605a29d2a

    SHA512

    e9eeb392c8044a634c1f3ffc4a62347c2dded3ded231b2174fa3ee3d36a8e49a2f5d14b9e9f9255cffd93cf461becc32616fe80812bf1e350f91042e06fe103f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7d17a01ce43fe0f351cda50fc95136f0

    SHA1

    3a48617cd6f39829ae716af524b5b3f0f59c51ab

    SHA256

    02e4efffa801bc056f6fb2546092d608a83d99b7042e042792496b2256ed96d4

    SHA512

    55b04cdd6c68ac0fabeaba991a9038e9db3048e3cb33ca8c0da0796f78c9a71d3d55083625fdcfc3176d823d2c86eb9a9325496f1f26ff062723132fac9fa795

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39ca80790ca5ca9013d517b9a5983590

    SHA1

    2a1104f68933f8ad6b6fe2c6f43575f77a0320dd

    SHA256

    5f85e80675f5f7c05654123b002becfb7359bc62e52c26ea2d9983c21151e1db

    SHA512

    11c8b7b86a70176fdd8ff51551bb06008232cc28e2844c191f9451f1060bd3762cd745ac86dbb14dd33d3380be6d80ad53c3075d3e0c58fd1c5e8ac0cabb058b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9bf34a2cf8d2ee7360c488d42e8da8a

    SHA1

    7cd807cb505d29c3530d10d2487caf3200977774

    SHA256

    409519bfbf26fef789992a4313ca08e9f7ed9c314866ae7e65c6c8c206767394

    SHA512

    83f217a51ff1bae748f42ddcbf3089b298e4f45eb4cefadf9a22f6cf7ea194788ad53ea8f1ffc33d0f43cb7937cd5d78fa81fc22817f3a9a8d6026cfc860a381

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9cc8060e9063fbe89aff71bd3d21540e

    SHA1

    05d40454cd916444041a608f23ffa487618b805b

    SHA256

    1ca0de41e8cd047b2192fdc46ec0f7f180b163295a6291a7678d402883fedc13

    SHA512

    aeb2d41eebe7f42ad4c62eff82bf2aa32e1cdac069f55b130dddb39b88139eae0e1e2a2a08aed7a6c90104e1e1938b6376c48d8d78eae26dbe6cbe5aed5a22dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93aae8a613d5af2a0d4155a572e8bfca

    SHA1

    25e4f4168fb439d821d97f51ec62bfd04d7b4c1b

    SHA256

    0f4c8c44a894c3a9b2a76afd8f24f9481b1bd7920450c2c0abf4eb01ce12cfd7

    SHA512

    546dbd1b2307be283dc63aeddd38002a45fe3b90c5484e177dd4dd01887c0e6b63cea7c618b1d4da6ea23c3f1d5bd5fa3d03630c4da385b65bae693de948122d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6d306829f82daefad7ba9f2da206cf2a

    SHA1

    16986a551bc6fb3fc89a442d7f9e68d8388b795d

    SHA256

    cba6adc87b94a27e8903a3d4bb1549bf1a0f8d7aa64c3ee2ec445cf1aa413232

    SHA512

    2cecb6c2a512f3ade8c88c8c70aeb26c9cd879eb5336b928d7a7200d408da0b6ae450c3155225e57f90e706c6c25808a113f5ef36784c6272ee5f64e45297ada

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce7576bf60fb778d75fac7e0e72f911d

    SHA1

    10b2ec8a6ec587dd2b0df4775ad7007c53243f6a

    SHA256

    42be69167f218d7ee8689330995555c4e170cc8f49ab63d418f1b1f0c5b09de4

    SHA512

    20cdc9b857dcf48f5e60da91c06f8228cbeebd102e9091ef4965ea233ffd028271a042ea80c4ba3b398a2001753033334cffb8f2502b9444733a39219365048f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86a705a2ebbf0ffa64fb6b2f2aeeb1f8

    SHA1

    9fd96406ab8ddeed489314d6d132a8060a3f2925

    SHA256

    314838a0e053a0201792222bd4288e5743d8dbcea9a8fa2ca24450bd6b0cb917

    SHA512

    5f3efc26b3a9e2975f063cd8811d4a39defba140e6e80a22b87adb8d028cb38a78993497fe2afd98e0689e8dddd18b97f97ea8b3d42f26425affc66e0f6eb24f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8103cc98caa327d571de2c8981ac89a4

    SHA1

    87869748b9375361ddef7f1c8a51190e56f54746

    SHA256

    ffb51396023d7981835a3df592c2ad3c2c47cb635442f2b40e9186b530c0364c

    SHA512

    356ee05786ef977c22016c993b408642dbaa73f76cfb5046f37b35f0e303549b3287705f7fee2412594fd3692195319f554012d3596af5223fdfe01b9f9a80c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e6114dcfaccff73c2baa4d1f7414895

    SHA1

    a6be79b97aeed773623519619d37280c552d66f4

    SHA256

    551f3d336800adea095057a9bc8c65193c68bad978d503b7e75889908df23e9a

    SHA512

    e881b66a500c36c43063032be995d1c47bb22edd4c3ee559e0d53c9c2bb13016f8af7ade3dfea207b99d637528dcd6750008a1680c15469dea41354f7ca78b9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    51cfaf58f8c4ecfabe84cb6f88c16ad1

    SHA1

    d418ff9514214d970c3b1f5d5f3f888246cb372a

    SHA256

    d8d009636950c4640a06a8c943a67998d926e5166ee891389b0781c7b39f8395

    SHA512

    27772a038c63822a107c816d6a4ad0088232bb32ddb96fba04aceee9074b8de0845b132721e72712d3795fc4d7f52e28a28ca45f01ac8b3d8989fa45e435d6c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf6d742ac65be6859cfae550c4dde654

    SHA1

    32c7b9531909c8b46083ec2a5649cac87e573786

    SHA256

    d33c6183bab52cbdf811ad7687525e40ca4295f3d22b456a9fea010e9a3c5735

    SHA512

    1c3e1fc75486c1ce0a986668865b7c22252824bbc982eff9b8a41296c0caa2fc78ad6ed04b28324dccc30d964680ba862b8bf1f2b4947554138f30cb5846a06e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2dc65118a2d3a17a11d5893b9e94c934

    SHA1

    a0bc34bdf948b13f678091a7a890582f41fe9e4d

    SHA256

    4c53bcc97dab9c859e2d35ac632e1159111437d12a11c3bf912fd3aea9c525df

    SHA512

    d2320746ff91a6eecf40704b64a11a81c2d44acaa3de8ab97f9e60e0a3d2a44e7c437b07b3e2ad3a3f062c351487ff9e936cd2c542641530d13fa2e8853fa49c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3b5dad7d5abe70b489fcf31bc079ffd

    SHA1

    1a5fa692db3a48021cfca6548cbcbc90b49e1af8

    SHA256

    ad2c47dcf2061506d0b069560dae6fc7b94a83d464cb6e648eba3fa293f17328

    SHA512

    164bb8fb76981dc77a1d7f434176b900329d06b30326f33fc2dd5797060f8f92220fc46e7b1c59449ef50d875160eab84ebadd19486ce106fb62f5ad6c253aea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df22bd8af184fbaab4781365f6f447d1

    SHA1

    5fd168fd0f6a6d11fbdbf17fd75b9fae73f44e62

    SHA256

    5f810736013457a9eba31050d5d50fff96a0fffb17e185149de1979b72887d6d

    SHA512

    4cfa56fd3a6ae8dc69ce7426d9944cee7c2776d53c02a94245910ce0fdb0f1456579363a401069ec8876529e2f4dbb3e35efc8ac122efaff7861cadfe4cf3547

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9557dc8f8e6ac61546264f215bd9e257

    SHA1

    45b4c3432ba41fffd047e1c0a7f0bdcf215ed6cd

    SHA256

    f1f207b43a5c8abc327991d6c0ce269df14360dcf021750c55f6853bca55130f

    SHA512

    a14982c997d6ea6c964723bce527ff394df699fcc655c48a5dea6d7f43259fc676fd3a0dafe146b369e55aa0c8126d5502b9e92b702a45e80c1362c7165770be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e3ad4b243c0cf7dfa5540bd3dd88f4f

    SHA1

    56802973524153175d564364a8f8d8476ff890c2

    SHA256

    5ca54414d22665422e241fe3d628de9df6e46e2312e260a6194650ecaf9150f0

    SHA512

    34825ac24892d3af04fd3bb157af2a8f092384c689b8f02e1c9e50fbf2cde093281b672c51d9edc3a42f583cd5a30e082df05fa4a1580e36707258cdbe8ff2bb

  • C:\Users\Admin\AppData\Local\Temp\Cab4186.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar4185.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

  • C:\Users\Admin\AppData\Local\Temp\Tar4229.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b