Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:36

General

  • Target

    8c7ab06140ec31f17bbc3b3b9c884d36_JaffaCakes118.html

  • Size

    60KB

  • MD5

    8c7ab06140ec31f17bbc3b3b9c884d36

  • SHA1

    963c372ac9568bf6f2a50b9e16fcb3fd8038dc68

  • SHA256

    f61c6503bc03249529d95cf4c365d60754b58dc98b5f5c4a343d621cbe0b4cbf

  • SHA512

    86ad06c763002a6aa4ef4dedf8e4c685069e152ff1aeff7517e96b7d4d48a3f53707fd13aed2af63bda6bc9ce40c35198fd72ee8a7efe14dee4c86542c37298c

  • SSDEEP

    1536:QiCLVm99kIVqsTLVB7I7e777B7V7c7P7K7m7ckZ:QiCgXkIVqQx7kZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c7ab06140ec31f17bbc3b3b9c884d36_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2412

Network

        Downloads
