Analysis

  • max time kernel
    136s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:35

General

  • Target

    8fac5b16b502573cffce51815d78babf_JaffaCakes118.html

  • Size

    354KB

  • MD5

    8fac5b16b502573cffce51815d78babf

  • SHA1

    ddd9db54274c74355ffff8fa1d03ad50c8111a01

  • SHA256

    0a44ee0c39461bfe84fbb094c0d195ffcc9903d98aa207f645ddbc27c337bf85

  • SHA512

    d7eeb1251c06e3e847ba92805d65acc275db7d71bd2d2a5f94277a1b9c22ccd90efa118b62d7f5bc393d42d3ef51a70ff033d40c1054a0a6b8266a960c58cd51

  • SSDEEP

    3072:M3SOxooaqFsadqxlXF3WSXFKmcK/hRdNi:M3SOxojFpFi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fac5b16b502573cffce51815d78babf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2360

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    0fe896c1fe25eb524a8b49a572503f14

    SHA1

    244f5ac2e4e56bd4a924814ce4ac3ae4f900f94c

    SHA256

    057d3ab57e61cf3b84e64d0ed324b5ab2a29b4ad2e81a107a17bb24222474e1f

    SHA512

    718286f53e834eaf6ba5f844980aa1695f8477262d49dee7279241c466dc118328f1e5979ffc09e76fb52a81a0d5cf1f8a96020f6ecf861c057ef0d487f366f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    051ed5e76aff127d2fecf1d2cdaf2c93

    SHA1

    bef8132741369f78a79a04030dfebf87700f632d

    SHA256

    765a70855b1f50b7a6b48f3e000a6259f81ea6b58618849f6cf2468cf4042de5

    SHA512

    b03ce595ed7ee307264688c84ef14f3acad19f92456042118c71e7a28822afc6d60a62bbcadb79bc4a2606e2c13e8dda820c6e565b206404e3b68272d8fba37c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    495f540ea3856d859d8ea00983f73270

    SHA1

    2f6aed2148900043375206d210e85a97a58dc628

    SHA256

    f61859df2d0900408c485a651b1c0451a205e7ad827722fe428e24b42ccdc145

    SHA512

    d01ac956898cc8c89da60a7bf2c2cae080a5519ae52e0156da69910889c053176869b537bad6463aa6bba9e35808a995add27703af69c903cc8c4b33db9a1a99

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0bb333ea3d5d5eef349062723d5a4daf

    SHA1

    36dacfda52a4580e5b34b0a37cbdd45cc5e161b5

    SHA256

    9f7f54ec607958357d8cd7331ae4cf3d7a2ca4307ca99ad59ee4edddcebcffcb

    SHA512

    9b60cfd92bc601abaf552c71ec5289b02db92e44d733a4edfc36ab1ff760ddcc20d119a0625044e39d6ba6b5aa417929d26e35911ab5fdc1fe270287b088b52e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3bc9f0f0860d983d42a4cc9c5507b96

    SHA1

    ce58216669b3f47bebc9155b36905bdaf6cb9d1b

    SHA256

    ae1c0896d24c4ab40310ae00d5977ba33a7ca40c0c20e3baa8fef25cc0ced9d0

    SHA512

    332b7872dee69405a638691d33dc95727244fc8e227f24c3ceafd2991c48c5dc47f8328ab80c5c188ca84b66e165826b11e7f09b97240a5a4fc9b68879f86e5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    08311c21fd84b65d6740b17d7d3569ad

    SHA1

    c9335bbbf3b8dfe56de9b3f45e7e2edf5d69c634

    SHA256

    9a3d80d8a5aa4c32958435e2126ae57b38196a06c284bd27ed89bf629cd074b6

    SHA512

    aa6d2a77e1c862f3264c1bc76be48494722601a4c95fa91c8ed5350835d1773ee664fe23ea87abae909fd621e152a512fcf12e0a0784e002d610a62de62b8e9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f36be0cf28e3a281d390ce329bd24226

    SHA1

    14db3c9855bed7af4154f6346ea6f8ba934ace6d

    SHA256

    a7e8a3a4dc4a8948f58fbc78016fc8d0ba2349d24744f71f78288864f0d6d53b

    SHA512

    e002ea54d7a46254aa93815cfb5499b3b2435e51eabd250ec6fa2f4a5fbace685b3beca33659010c99885743dc87920248d72b283ba9b4d50e0992c01cb7b0c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e0f06bb6ea8400561522c285e1e648da

    SHA1

    1e9e760b88dd343c553c89dbeb4220f72e3e77df

    SHA256

    5b4f2d26765aea940f3eac8e0098975e0539a0ffb73d6d2946090de363c2beb1

    SHA512

    53687df00b975d0bfa9cbe3cbbede15a1457ade49ac92ff5a9596050860456bcead8d520fd94859e65a7c6b058fa199ae989f0ba0311d91b23aeca0bb0358849

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e6caa47589d945279e1870f2f5ff614

    SHA1

    b71cbbc03ea88a8d4f87dcceb8f54e68bf89a980

    SHA256

    dee82234e9784c3b4d0cbfc18e313902989ad4893192a6392e7237fe2d1cde69

    SHA512

    6cf56882f3c51f7ddf2c1e04da062b304c3053d82c1e35e34dbc7da9d9b24f48f0075826daf90461397aa8ee7f7cc92b4c969abfecbeb21958044bea83c78736

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a51392239e8a538984d516701dc9bb47

    SHA1

    49ac3c48e92795618c8ab556b33ef1f7fa098283

    SHA256

    cc95538ef33228f753b1ceee3641c5299ae0e78647347d7b5bdb3034f77cbc24

    SHA512

    b34bc0255cc0dd2b130338d7cadb16d72dda0f4d6e60455f9211c1d9bcf3863e912e93087c0e4d19d9acfe47f1595620f3224ca786e9f860eb841fa545769f65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d0d6eba2114b5116f2b0690e9c24395

    SHA1

    23479ece370dcdc9307dd9ea35ac615ed8f18e86

    SHA256

    86e683c560833dd50b00f7b63911231b0aae8e2f5bd877d8806f5decb00a0bf4

    SHA512

    752c97d36b13ac3c4216e309fca843b3cc483ef8079aea553ff8e8762111ef81f41befffa770aa1042f66c2424029b65ee1a23744e1dd207d06f2ea198fd027c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ebaf13562f07be67fd0e6a7f6641cbe5

    SHA1

    3e03353d6e7eaf46217fc38e4292cddcb03074df

    SHA256

    3d2d3fe615e088877e2657b3124f8ddd8ad17c6a9fc839cea7c97d0decc4e922

    SHA512

    5ee233ce0be72a8ed6ace83309cdf6da09045f951a361e2581635917fced19ba6462fa84eadad7a105e9045be19eb97134bdcf1c9a016193c4cf75b819f45d10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    106797e0dc9ed2ef9a5e3775c4fe192a

    SHA1

    6f3de42fe016f7bc1d01684462082eab5d3bf163

    SHA256

    d321ce34e11a64f638f2cc7385dab19bcd82633a3121ce9d9dc872291a8c1d3e

    SHA512

    efd5605c8475d9984139601d70213e6a247f5bf4f336bea1e3fe982a172c38bfe19d4cb9a8171ecd912cd0d90a264047d27b429cb3267647c2e2f6e2359d4549

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    3318c3b3bfb481a64a5af4db4a42bb7a

    SHA1

    d1a472d40809fc480ec386e7765f77c73ffda600

    SHA256

    9901b2707ab4bdd90b30c685c10707669c91e254057ebf8968b134b30688bf56

    SHA512

    7f670fa047a43161b472d43456d0a978ac9c172c468262cda57d13f7d15289ba81e9a856a9abcdfc234a6a35a0edfee8daff6505a91d3034ecac19a64218a89c

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52G8PVLC\cb=gapi[1].js

    Filesize

    134KB

    MD5

    f9255a0dec7524a9a3e867a9f878a68b

    SHA1

    813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b

    SHA256

    d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d

    SHA512

    d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52G8PVLC\platform_gapi.iframes.style.common[1].js

    Filesize

    54KB

    MD5

    682c26af19b240f98d2cb951721fa54d

    SHA1

    18e58b652c7f82a55ab4b1910693686049e25d62

    SHA256

    96428f0f585a874c185d560538ad83ebfad0365d760fcf9fcefe80add9e3c980

    SHA512

    078aeef086271b7f9cf0f6e3a1e7908d7e38465a1a7a4de6f2a785147e9130551a2995e80600824da9341d58e5425d4505518e90eea9ffe1c64f4f41825a9660

  • C:\Users\Admin\AppData\Local\Temp\Cab2FE7.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2FEA.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

  • C:\Users\Admin\AppData\Local\Temp\Tar308C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b