Analysis

  • max time kernel: 118s
  • max time network: 128s
  • platform: windows7_x64
  • resource: win7-20240220-en
  • resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted: 02/06/2024, 23:43

General

  • Target: 8fd8c0376116350a1d6e915c85cf40d4_JaffaCakes118.html
  • Size: 606KB
  • MD5: 8fd8c0376116350a1d6e915c85cf40d4
  • SHA1: b6b2bcfce4d707e31123a461d1b39d48e6ed476f
  • SHA256: ed99b90a9cf142085b9a8f95658b85f32d10b05c1902eb32158f578d75dda3a8
  • SHA512: b282333da7db7152e2e1494ba80ff3678e611b60b94579829614ac7249ef3110f3ab59cbe582df3634577a479d74e721afdf608f2ba4466309cb9c422fd737b7
  • SSDEEP: 12288:RaRmr/OfSppU9zSQHuPG8TT5UG6lw7bM4PlJ7NB6:emr/jjU4QHuPGM6G6O7bz7a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fd8c0376116350a1d6e915c85cf40d4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2856 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1736

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 914B
    MD5: e4a68ac854ac5242460afd72481b2a44
    SHA1: df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256: cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512: 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 1KB
    MD5: a266bb7dcc38a562631361bbf61dd11b
    SHA1: 3b1efd3a66ea28b16697394703a72ca340a05bd5
    SHA256: df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
    SHA512: 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 252B
    MD5: 3a06afe1dd04f4108c7ab0b7f4cd583d
    SHA1: a48cb56833a1c6e20628db8e5bd4eb27d0648188
    SHA256: 0cb223b8d5e0f05541aff29c57f6e94db2238a2b678e4a79e4c21ea3e6565ecf
    SHA512: 126f7f2d17da59f13a47853a6e31a8bbd12ce2953a30475ba114e9ae081e9a2fa8f8c33ba6f57d148e4dacca51a942f74825b9890d1b95fd369b2b95d0c7115f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 8faac8aa98b7d97c74ce7e5a9d136e1f
    SHA1: 1fbcf5114df62a1dfdfadb718139ad34a9bbf1f3
    SHA256: c9c4d5eaa84d75867be2a4911d65fcbfdd6ad75b0294bcc5267d4b61e911a6d3
    SHA512: 29e9339c3f2fd8bedb10903b55abb3b825b9861890168e8eec6f0ff36e9be7acaafc0f268343fdf3adb5cf97ba6f2a41020ec9cb22fa55a6cf774b4a9e21e8c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 6295ca490a12d697d756015ddae7bb32
    SHA1: 8102ea0af0a631f42b6533c9bfdaff28d93299a2
    SHA256: 82ce06846782766a9f519bcc2748f8cf0ab93734f748a46b00a084f3a7f78568
    SHA512: 49386ed54f3106bed60ade2b62e9371d78a6dbebb590aad3f28472f65c418dfc3caff95651458533259bcfd02472092c3c58506a1a7bf2fa77fc99f422bb9e2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: a1588e6c70f761672741a0c32e07d44d
    SHA1: d4ad9eae47ef3f93970997028af7d3cd98132f2d
    SHA256: ef873cec254e66ceed1f46adeb5304797f186013b88d752415897dda9f1df0df
    SHA512: b5043cb0384cdbdd97467b116179fd12234c38c926e229a955bbdf00b790d2f2a55f373829bb22ca85d497101b5903ee08dd635d7fed2e2cad0c3282943fd180

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: a36980380fc289ffde33992b15f21380
    SHA1: d91ec359203ff480cf192067dcccb9fcf2a0cc88
    SHA256: 1026aa172412adc7ae9aeddda3a28d85b45194045168334bf5af2c1dec2a1bdf
    SHA512: 6d07921b891bacc731716b62da456f51e36af8c4787f3c7f1a94c8af98f693adddcf847a0c284316234389fc4185aeb0a4ac51878d9840e112de6daf6593063c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: e2707d7f80c3fb583171b2d6acaaf755
    SHA1: c35b03cb1b7b86130573b870fa399899b5493083
    SHA256: 8125b00034cdcef60b3898aa90848b1727e05cfc6c381509b60b632ed197e571
    SHA512: fecdad5c945aed529eec7779fe20c3ac2c079cc0261f81630769b5e7cb045aa0cfad8b4affe8a198b527c5ab363df5ffde720207ee99f8cf76c25aef06b9105f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: a3f1a0d8b22f6e00ba45f95eb5454dd8
    SHA1: 68540236956078e581561721859e03421d86a3e4
    SHA256: 5f41ead0d07471f73c8e66b10cf2da400ddef81564946db8f0e1aab9c5cc01ea
    SHA512: c3b6d5f7f200c24279a33a27c8f3123a6a8b46c2531c28709b4b9cc0a1a1c3cf1e5316e7e25756ae5b6e25831345182ff109d4ed9ea3598fc5fdf249941af922

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: c6f8d3aa32f15d6436ba8a3bfce458ba
    SHA1: 1f334b7a509fcd13160111e7380887c86438d0d9
    SHA256: b1ebc9cf2dcc67fe10937b36806a4efb95e353f4d4347396e7d0840e1c518215
    SHA512: 1cd0648ede1901884d8ea1a9a16730d4c5eb24a4d3060b4cbae9cef96d8ae51e6b5ad5542120aaa3d0df7e413b9341c2052841df55452170bc16f6d1a4218fc3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 0b0befd49a33396c1b096a805cdb518b
    SHA1: f8f53fc215fc5846a4d57f913dcc98c30d8c53e7
    SHA256: 752f585505ce58c4a679da8ec9f7dca591a2a005d29b7e18da0dccd25b648721
    SHA512: 11fb233abed4a354a3f4f13a0eb0d15ed2003a10d3a13c6ea62709f389da53aaa9ace2de7e81b4abd9a7ff513511a7168d94de47ca02c083128953e8dde869aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 415bfe7390fa20f6c4716f91ceebc6af
    SHA1: 7e5d96694df62d8f2c27501010b36b8fb7bcdca0
    SHA256: 5115c4cfe7ffb10160eedf4205db9140e2159e5ce4d2fea39107b1f340956ce1
    SHA512: caf0f1ad2168cee83443d261b7886b61b9a666117850a1ec5f706477c4af8aa1a520ba1951e5e46430ce3fa82bd97666af2c84b966936ae6a6ae244bebc7f66a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: a9a248c3280538f3d743af5682554c62
    SHA1: 68630e281530585513d79caecc78cad4d6df6651
    SHA256: 02dcd54f44a581a85242eaf020d62669a75e8c15690bee48671785f7ce4c3a90
    SHA512: 3d7eb3eb11b4119580da602d127d37a672c8a0fbec6c5ffd55720acd5f78cb18de3bee696f3214ac2503feba50a5b3e48355436a070fb6c046317e4e7840b167

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: b3b7e133993ca3d9ebcb0d848fc0d2c5
    SHA1: b1e90456f690c1891904cf37bf819465c11bdce3
    SHA256: 4a6a33084d218e4f66291e28d8446193fe933548e92d42a00b7e7de40d1fd390
    SHA512: 95715032794bfbc16d3a7112745630e1f03b81378fb6829d3ac552aa8cef700923a95c6d090c633b576f13e2d7300ea024a3b21d8195d2e331a28a53eee7f5b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: e75601f109a4898a2247bd895ae263f1
    SHA1: 1d99ced8f9b3976982a99b39f9dd757b4511c81d
    SHA256: d2905b73610d86f9d9d455447e50a56cc67424754324ec1ce424e93f82dc6efa
    SHA512: ee6f03cfc12b976cb08e3f8e4150fae032527e9bc51c53e2143cab3023b7cb067d1f301accfa98927019969e0221cffc2978d6f39a5cd6752540e4afafa4a1a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 034d0102899580b3518a9df52ae56ed8
    SHA1: 788551b5f9ccf97dfd41843d9da6447d430ab84f
    SHA256: 77a9789cc612f51c4d0e9cacf13f10378899ee8800fbbb5e742d70609ac62b1c
    SHA512: 3683daabb5e0dd11aea2bae586c5eaa3605b920451f70a689077bf7b312dbdd0fd7f0fc99c462769a4161c0cbc66751a911a638aacc990121ed3ccdeb8c2178f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: bff5b7169ffa35cc9d1d6b4cc7155557
    SHA1: 7bf0e45517043d2e17a603f786e1241109d78e10
    SHA256: 3557f363004c39b436ebc0c5755882c6f66f1d7a11cb81a40e5ceb2cedbacad3
    SHA512: 535d44941df53c06544e692b9fbc83e7b120dce5d93c449c00fecf654ca76b8de34fc58d9dcf340a9ff818bb664029367a1651b779fbaa6aa45aa7034853c552

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 54624e2f543a1063c24dc5323e2a8b2f
    SHA1: c70288595a24299e9f81285a6ce85b720b62db99
    SHA256: 25c55c8b8ae5332398412ce2471ff832a377d72be8861e6fe197e7e811b8d5a4
    SHA512: af9dee544aa6842e599c782733bf5da0a5287b9930b932e4cdbb2e61fee7b86333b1e423cb19abf0153c109d06a6b88c2a64555fa387d322f28de53fe1e56beb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 6c17dedd347f00b97e2cb2ea8b6b2bfa
    SHA1: 219584fe52e11c052344b4b41f5856afc700ed10
    SHA256: 3d911be49cbcee223a1757e1466099c446bae020713ed78caa7a01e637547e0e
    SHA512: 46e94d9dc5ff063b257dad1a324552e6fbb3b34c4c0fe639e2b6cf1f9daba6999134111c267f1167bb5bf373b967a0070c19d1bb5c14420c71a87ae369125325

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 4cb90a0b18fe31deecca96c8f996ca9a
    SHA1: 3faf0f10f3dc5f42a88a1c8613c4b95586a6ba25
    SHA256: bbb31f4b6f8223474006553e43421fbf232c0b56cb99fbbe364b9d5dd4dd6d92
    SHA512: 7809ca2abc0bd1a9e5ab2f6c5c0b7e01c1b06d6dce1c5deef457df3b93517071fca785db2d795014b02effe586333940f69c4107e07af3c61cea75f3f839e089

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 6e587196307619213a50b20d31bc1481
    SHA1: 7e14510506beb3c1572abe02fd1b719dd7e3f8b9
    SHA256: a52fb5970c2388e0e31f2d5a36eed5730d20d92d99fb227a5e5633b2c081e771
    SHA512: c587abd90914f4bc71f7a62b7651821d27b0bd6652c6974448ef935e5af856672f3222c1ffdb86fdc4999fd8c5d8315c33158a3a893554e70a01a1619044ee4b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 5bcf3debeebfa20d1e9bf31476f46af2
    SHA1: b6776066afa83cee6799eaeea1a7020a52136c8c
    SHA256: e41f7e21d6cc23870d778213bc8da4bdaae40af017b488a32776717415c9faa9
    SHA512: 0c5c2fad9f8c862a9cdec84399d30d5663fd3fd6f9fe2e5bb7dc99fd96bcbb75d48c90fb16b20ebd1b696dc60dbf75d603b1177295b068ce72d8baf974a2f2ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 69176fd13020d40bede7d06f64c38b90
    SHA1: f0e20ab3d791525400b8f2ac76ea751764075b80
    SHA256: 47522fa25bc03333881f2557ef6fd62ef3a27d9c2fa3bd9fbbd199695082820a
    SHA512: b02611a330454a2b583797519e9389e17a04227861faf2a7c8c926cbf68126a2ffb53425b525b4a2a143a3ba4b2ec973bb17e5aab5d63666ccb1349dd7ec271d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 242B
    MD5: 5d8dbaf7d6ceab5c7ea1c035700113f5
    SHA1: fef831676adb0c928442f01b05362096cacf12f8
    SHA256: b1a793a4a6a30b286009499ac6bc3b719868bc8d7ef13d96036c6908e68e0114
    SHA512: bac2bddc02573b294f761f775654928dc39777e450df76be7622284cffe94b1dbc11566cd4d277c67905849f76c7e07bfa26bb1b2f72bd9a9334bfa7550d6cbd

  • C:\Users\Admin\AppData\Local\Temp\Cab17F5.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab2DE9.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar2D1C.tmp
    Filesize: 171KB
    MD5: 9c0c641c06238516f27941aa1166d427
    SHA1: 64cd549fb8cf014fcd9312aa7a5b023847b6c977
    SHA256: 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
    SHA512: 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar2DEE.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b