Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:36

General

  • Target

    8c7b5b9c5e0ff8fc3e13629c8f35096a_JaffaCakes118.html

  • Size

    55KB

  • MD5

    8c7b5b9c5e0ff8fc3e13629c8f35096a

  • SHA1

    321cd59c07920acef22bfdbddff9a0c0e9fa4811

  • SHA256

    2d088aa05b54bec0564ee4d989aeb5b4f171017f554b14d3dd5db7bb752a1cf5

  • SHA512

    77f16a587f1e4e7bd5cad1db584270f2e80b09b37bba47cf12b0d4a03c9d118f722bc744fd9ba4ff01f514d46b9a65e1e388900bb5128d40cd590a89bf67a75c

  • SSDEEP

    1536:XXKqUaIrbQizDjf5wep15F29rDZaMkvww26rGrg:XXKXxzDdwe5FyD02EB

Score
6/10

Malware Config

Signatures

  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c7b5b9c5e0ff8fc3e13629c8f35096a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1340 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

        Downloads
