Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:35

General

  • Target

    8fac8ebdc294c4cff326b57b7c95aba4_JaffaCakes118.html

  • Size

    4KB

  • MD5

    8fac8ebdc294c4cff326b57b7c95aba4

  • SHA1

    ebf415341c24158de4b0f27b506a73682614221a

  • SHA256

    b66ca5bc486ebcdef5c01a4ba91f03e8830b6d677e9a230e1b121bfacc4bc608

  • SHA512

    9a0c6323a9c01e2dd18d740ca75e1dd608208a569436e773fec9e03270e717c97e511ea2e9334ce967965fb81918804cde195f1a8fe0b795a499f5e8e91fe621

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8ox0GS4d:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fac8ebdc294c4cff326b57b7c95aba4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:632

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8dd7216ad3e7c111ef0a878418d415f0

    SHA1

    7d7d79cdfb395228aaac1ac4bfc818290fa16e51

    SHA256

    947ce2cacc7cf6786d92fbd9df0cd2c39ded9b039801e91b6551c2445a537e74

    SHA512

    ce956203e06a40bdb2beff8f56954c74043694a0a1e4dbac15a57570c595388d17101097a99a934430e98e16ab33b799ef3d51d79a2063ab8c8b03c8f8ce2dd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7bd057ba1b5edbd941cec5bb7589aed

    SHA1

    b86d2c279ab34a94723c269988caad376be4cde6

    SHA256

    728ccd2cdf536806a942c4cd9ac03d43d5ff0ca1c43ad4fbc3d4f55dabd5e029

    SHA512

    5b5e4c02bec44e34473e3c6d2b5003b8552fb2b98df861d989a107aefb1f25d0b43bfd5d175f983898e84caf272b80f6bb2b71c0fa44680abe37c0df1308e3ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    035ac78337d25daf137c5a67c44c4a3e

    SHA1

    f45aa22bd4808fb18ab9a56d6218b7e4bcb31547

    SHA256

    5edac3cae045b801b77f20070bfa5a659824db23bbdbab49dfef925bbd4169fc

    SHA512

    17273862673175dcc9c7477e5f4dc7bc7774e55f6a7d4917a84680c3bd82d5389aa9f32da1850a42984830f92e5fddf0973bfc93796a1503103f88f25ccd11f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e048077c6037bd2a737d148c84ab6b28

    SHA1

    6a3ba5aeb2bd953c1d46f760483b1e9f14decc9b

    SHA256

    8b1bf55c7fe1cdbb6c0d6bb4678b94a25946af551f096f46c8dc831f17616e42

    SHA512

    4e69d9f7dfeecbb44a64f6ec1010b5273749cacc686bd28e68652bd84cfb2bdb18706e8641b20b30c60084540a45474f1e15dd45a744a7459681026d3879064a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a7bdae7a2d6176a1e3c5ecc7ebc85696

    SHA1

    aad6ebeb25de227f0b4e00680d392a31cf42c912

    SHA256

    3afaac4df6258ebb41d8565cd6f717c677d9d5b94044399246781560329def70

    SHA512

    d1e89bb5b137ca6185d20fd652e15197d196d01da38c82cd823d91ca9ab176aeebc964491f62fe5974516a6064ef756615212336a2003d881e0c5aa9ea2885c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    504c45493bf2151034d2adf9ff2c74aa

    SHA1

    98a70eb5c442f55e2afb4f7ed0a0c475e522abbe

    SHA256

    43c5f2f76c092785dae46fedcbf29e3973b963c111545575d0406f46641c8c8e

    SHA512

    ad4dd80f4813b09af6db1bf94bfea23a1575a16022b1886d94c3a9625c6082fb110be9df353b35979e59eaf3ceade60d00610b1c469877ce66a9018e4beceb1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    307fb5646753d6882db77341ea73fceb

    SHA1

    7e5bb8ac00a04d989c83ba973268e0aec8080a04

    SHA256

    cc70a7937b4c2eabc8233237fe628126fc641c074e7b4c1e83ebc1dd6c1d5da1

    SHA512

    98a24da374f6ba3f2d72ddb969b334b6ab5ab3dbe795e8d45892301b30e86856216ef921668fff02b4424489212420e307d80836e7a262fbe673eb0ad89f1af9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cdd2cca6f0f7853e3ab78bb5f0d4e489

    SHA1

    73ad3e765952afaa9970973fe54e286d1ef3ce16

    SHA256

    60aec2e56930fda61c59d16fa7492b731190b50ede5ecfb59f5674789e4d69cf

    SHA512

    a5c279fe4e923b8bbf75fa9672b2d152a8eb265c6efb1af69015d56b5a54e1c899c30fc074874c8fa897f7b6ede00337819d3cd8c2f7956f20543ee78348bcf1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2425bc00b7cc6babf31ef6e063a1fdc1

    SHA1

    4207c86d618003891a67b3198e05365e176ead9f

    SHA256

    889a521c89f665712469f5b7291596fab33792568e84402dedad2d5249579859

    SHA512

    e80afbfb6285bb60f40aa172b1c2867250267d446b572d099dcc4790da26cbff4055b6d20a072cb6cab23ee59e67e1377f034274c589cf6e37fa4b32b243d242

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0bc452fa325caecd3bd0cbb4e368e387

    SHA1

    3ea4ce4e0de1f7c99f04e8e7754922343b86a294

    SHA256

    781786641414b0316fa6db364a9d46db203ed760c6ffcf100719e689bcb1804c

    SHA512

    4b741fc99d9f44749af1c5b8ac2dea5163c12ee7836dbc87d604c660d7ff0e8df1e96f246491400bd899d324b29f1466572f2b5a87b697f27f50e67808967c12

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    966bd1c861f59e99df5084241d52f89c

    SHA1

    9ce8eb7d5ef4872d8ecb2246164b3e6e97b11d0e

    SHA256

    37b99bf14747de9fc3f18ef409f111e6561e86de69504f33ec29fc4ba8e9d4f1

    SHA512

    a072180a085572227590e4e6f86264549835a4a010b7e1baef2f2f07fe0714bd21414948613920752b871228dbc7b5c19530a3b128bb88607a587266b08b5c5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    241bf792cc35b8db52f42856d645493e

    SHA1

    5d49316b15d891ba8e9f74feb55aec8d36d4b944

    SHA256

    781816e1ae99e55f406f4c692e84daa72ba1dfce8dab9ab59d862e21862f2cc5

    SHA512

    e4fe2a5a704999ff6f5303eaa8d7d16ad3eb50e360d378bed8a0b0b6b94834896bc1e7f95cd3c3e39713f8dbf4c58f0e435913a2185438d8d836f3fb2b5e4138

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    710011dd78f3fdd4b0a96205f961d27c

    SHA1

    9152f3fe1776cb409b7938d29e5b32c9dc6dc364

    SHA256

    b0d76273130c43ab10b7b4d2b5a6b0dc5f4f4ebd0f5d594d567a318ae9398281

    SHA512

    7bd3397c717894f4b5c1fee8b06d3c85cb6d9d64f6c13ebef16375937d4a956bc6343878f6167236ca8ad5ab1b7ca7b54a557235aeb4c094eca97373cfdbea3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8a8b0eeb9d99825914b76da4e1ba0f16

    SHA1

    83fb57dfeaa420d03752b088b4e0f85da427c93f

    SHA256

    073747c75a498e031c81a5dff54a5309283f39b0332184901a4e622d8c7b2ccd

    SHA512

    254e0fccf7695f7fc01248ce05b3405c2cd68988127365f5cdda444c0814693495845ae7bca7e462d0d24e41ff839d7a541b8e611cf1a306a687ed183e8269bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    521acfb80d1a35069a925ba16b78c613

    SHA1

    0b33f64a0a2fe5cdf70ee7810d99ce4c8e4b7beb

    SHA256

    7420d5a53fccb1518486eb251136aa7d0223230d0cc372ad0dbbfcc36983801c

    SHA512

    89fe56e7ffe131e5b276e6f1226d29c648b85aa4465f41945f76ce7503a6ee51744e1b68b52d1b63c24f08477d7d9809215b48cda1ccbdd29282e2034ec30b4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    866ad29f3acea65248377e26e394cf6a

    SHA1

    acd4cdf58d8f554b1f144ce56f087bff88c0af07

    SHA256

    7bf641a49a22c79be025d67c2dc6cb5e3cff00670d37e7568f5d3fe94c03f00a

    SHA512

    f2c743fc96613aa5400a4a6d998d1a6c538d4b74bab7913a2383f56d5d8dcda7db6ef0857ca83f806b6fb1fc78bd63e4484100b77c593879b3fc4a5c1947848d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f06bbae98cdc4369f41757de2ab02024

    SHA1

    bf1bff8831b8cfe7d6fdac9def92dfa5dc59dbe2

    SHA256

    bc479659d7b07e0d7f03b884367e299554fa17ee0ffef8e633ad37c658868540

    SHA512

    cfeee734f9966f24e0e08646035d8d86e59c9ef0101c62f3c3c321d646ef41b2d5908a180fb855d09ebdf2cbb31ce04c0fe8d79f9e53162ab8363daa6c924c80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c9bd9991b7a85cac9f48a011eb9ac24

    SHA1

    b7dbcafdaf6f41df0ccf3a3b44b1aa9081449757

    SHA256

    734134e411715d5074f1e1b4b25d78e2c4f23734aa1e1296f2186faa5010cfc9

    SHA512

    91c47e68ae9e854795820883a7693927e00f038ee460c34108e8bb4d8d53026ed84816ad35ad45316d703a4f9540904d378c8047a716008142eed23da9bf8011

  • C:\Users\Admin\AppData\Local\Temp\Cab2188.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar221B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
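As an added triage example (not part of the sandbox report above), here are the two checks a reviewer applies to this kind of output before treating a 1/10 score as settled. First, the child IEXPLORE.EXE launched with SCODEF:2288 CREDAT:275457 is Internet Explorer's normal frame/tab process split, where SCODEF carries the PID of the frame process that spawned the tab; the check below confirms that value matches the recorded parent PID 2288. Second, the Downloads section lists the CryptnetUrlCache MetaData path eighteen times with different hashes: that is one file rewritten repeatedly by CryptoAPI while it fetched and cached certificate data, not eighteen separate drops, and the Content file plus the Cab/Tar temp files are the cached download and its extraction. The process list and artifact list are sample inputs constructed from this report (the MetaData entries abbreviated to four), and the path patterns used as an allow-list are a heuristic assumed for this example, not a sandbox signature.

```python
import re
from collections import OrderedDict

# Sample input constructed from the Processes section of this report.
PROCESSES = [
    {"pid": 2288, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\8fac8ebdc294c4cff326b57b7c95aba4_JaffaCakes118.html'},
    {"pid": 632, "parent": 2288,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2'},
]

# Sample input constructed from the Downloads section (path, SHA256); the MetaData
# entries are abbreviated to four of the report's eighteen.
CACHE = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
ARTIFACTS = [
    (CACHE + r"\Content\94308059B57B3142E455B38A6EB92015",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015",
     "947ce2cacc7cf6786d92fbd9df0cd2c39ded9b039801e91b6551c2445a537e74"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015",
     "728ccd2cdf536806a942c4cd9ac03d43d5ff0ca1c43ad4fbc3d4f55dabd5e029"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015",
     "5edac3cae045b801b77f20070bfa5a659824db23bbdbab49dfef925bbd4169fc"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015",
     "8b1bf55c7fe1cdbb6c0d6bb4678b94a25946af551f096f46c8dc831f17616e42"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab2188.tmp",
     "1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar221B.tmp",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")

def ie_tab_consistent(processes):
    """Check the IE frame/tab process pattern.
    A child IEXPLORE.EXE carrying SCODEF:<n> is IE's normal tab process and <n> is the
    PID of the frame process that spawned it. Returns [(pid, ok, reason)]; ok is False
    when SCODEF does not name the recorded parent or the parent is not iexplore."""
    by_pid = {p["pid"]: p for p in processes}
    out = []
    for p in processes:
        if "iexplore.exe" not in p["cmd"].lower():
            continue
        m = SCODEF_RE.search(p["cmd"])
        if m is None:
            out.append((p["pid"], True, "frame process (no SCODEF)"))
            continue
        frame = int(m.group(1))
        frame_cmd = by_pid.get(frame, {}).get("cmd", "").lower()
        ok = p["parent"] == frame and "iexplore.exe" in frame_cmd
        out.append((p["pid"], ok, f"SCODEF {frame} vs parent {p['parent']}"))
    return out

# Path patterns for files IE and CryptoAPI write on their own. This allow-list is an
# assumption made for the example, not a sandbox signature.
NOISE = [
    (re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache (certificate/CRL/CTL fetch)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CryptoAPI cabinet download/extraction temp file"),
]

def triage_artifacts(artifacts):
    """Group dropped files by path, count distinct content versions per path, and
    split them into known noise vs. paths that need a human look."""
    versions = OrderedDict()
    for path, sha256 in artifacts:
        versions.setdefault(path, set()).add(sha256)
    noise, review = [], []
    for path, hashes in versions.items():
        for pattern, why in NOISE:
            if pattern.search(path):
                noise.append((path, len(hashes), why))
                break
        else:
            review.append((path, len(hashes)))
    return {"noise": noise, "review": review}

if __name__ == "__main__":
    for pid, ok, why in ie_tab_consistent(PROCESSES):
        print(f"PID {pid}: {'ok' if ok else 'ANOMALY'} ({why})")
    t = triage_artifacts(ARTIFACTS)
    for path, n, why in t["noise"]:
        print(f"noise  x{n}: {path}  [{why}]")
    for path, n in t["review"]:
        print(f"REVIEW x{n}: {path}")
```

Run against this report, both IE processes pass the SCODEF check and every listed path lands in the noise bucket, which is the concrete reason the 1/10 score is credible: the only signatures fired (IE settings writes, SetWindowsHookEx, WriteProcessMemory from the frame to its own tab) are what IE does on any page load, and nothing was written outside IE's and CryptoAPI's own cache locations. A non-empty review list, or a tab whose SCODEF does not match its parent, is the point at which the HTML itself needs a manual read.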