Analysis

  • max time kernel
    139s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:03

General

  • Target

    8c66b3074b8539940599165dc5e18d8b_JaffaCakes118.html

  • Size

    22KB

  • MD5

    8c66b3074b8539940599165dc5e18d8b

  • SHA1

    bef58e84b659d9e8f9513e82f1d426cde5817295

  • SHA256

    657cc9f4a7cd4e1ab629fcebb0cef4ee5b12bac4b1deff68bb9353893bf072ee

  • SHA512

    d4b458e245d3dfd5f2e712870e4de50f21398b7d996817d2b5edcbef1309a64fa0067189995ae626068e7d5f08f10c2282bf5c9c28b01f8eafc6876100a505fa

  • SSDEEP

    192:nSI2ptWuVV/O40OrVzZbU4Tnni8WP/ezst6bNZkcvK4b62L1k+SKdliseQqKzUjh:SI2nWubmp4THT/Ts1WHv9jo8HWkSwHWT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

All four signatures are attributed to IE's own processes (pids 3024 and 2340 under Processes), not to anything the sample dropped or launched, and they are the generic behaviour of the browser opening a local HTML file: rewriting its own settings keys, installing window hooks and starting its tab process. They carry no weight on their own, which is consistent with the 1/10 score. The one sample-specific artifact in this report is the cached coinhive.min[1].js under Downloads; the file name is that of the Coinhive in-browser Monero mining library, but a 1KB cache entry says nothing by itself about whether a miner script was actually delivered or executed, so the cached content should be inspected before drawing that conclusion.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 3024)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c66b3074b8539940599165dc5e18d8b_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2340, child of 3024)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
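The process tree above is the ordinary Internet Explorer frame/tab model: the frame process (iexplore.exe, pid 3024) receives the document path and spawns a tab process with SCODEF:<frame pid> CREDAT:<n>. The script below is an added example, not part of the sandbox report, that parses the two command lines and checks them against that model; the rules it applies (a tab's SCODEF must name its parent, a frame must not be started by another IE process) are this example's own heuristic, not a signature from the sandbox. The PIDs and command lines are transcribed from the report.

```python
"""Check that an IE process tree matches the frame/tab model (added example)."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Proc:
    pid: int
    cmdline: str
    parent_pid: Optional[int] = None


# Transcribed from the report: frame process 3024 opened the sample and
# spawned tab process 2340.
REPORT_PROCS = [
    Proc(3024, r'"C:\Program Files\Internet Explorer\iexplore.exe" '
               r'C:\Users\Admin\AppData\Local\Temp\8c66b3074b8539940599165dc5e18d8b_JaffaCakes118.html'),
    Proc(2340, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
               r'SCODEF:3024 CREDAT:275457 /prefetch:2', parent_pid=3024),
]

# Quoted image path followed by the remaining arguments.
CMD_RE = re.compile(r'^"(?P<exe>[^"]+)"\s*(?P<args>.*)$')
# Argument shape of an IE tab process; the /prefetch:N hint is optional.
TAB_ARGS_RE = re.compile(r'^SCODEF:(?P<scodef>\d+)\s+CREDAT:(?P<credat>\d+)(?:\s+/prefetch:\d+)?$')


def parse_cmdline(cmdline: str) -> Tuple[str, str]:
    """Split a Windows command line into (image path, argument string)."""
    m = CMD_RE.match(cmdline.strip())
    if m is None:
        raise ValueError(f"unrecognised command line: {cmdline!r}")
    return m["exe"], m["args"].strip()


def _is_ie(exe: str) -> bool:
    return exe.rsplit("\\", 1)[-1].lower() == "iexplore.exe"


def classify(procs: List[Proc]) -> Tuple[Dict[int, str], List[str]]:
    """Assign each process a role (frame, tab, other) and list deviations from
    the frame/tab model. An empty finding list means the tree looks like
    ordinary IE behaviour (heuristic, not a sandbox signature)."""
    by_pid = {p.pid: p for p in procs}
    roles: Dict[int, str] = {}
    tab_frames: Dict[int, int] = {}

    # First pass: roles, so tab checks can refer to frames listed later.
    for p in procs:
        exe, args = parse_cmdline(p.cmdline)
        if not _is_ie(exe):
            roles[p.pid] = "other"
            continue
        m = TAB_ARGS_RE.match(args)
        if m is None:
            roles[p.pid] = "frame"
        else:
            roles[p.pid] = "tab"
            tab_frames[p.pid] = int(m["scodef"])

    # Second pass: consistency checks.
    findings: List[str] = []
    for p in procs:
        role = roles[p.pid]
        if role == "other":
            findings.append(f"pid {p.pid}: image is not iexplore.exe: {p.cmdline}")
        elif role == "frame" and p.parent_pid in by_pid:
            findings.append(f"pid {p.pid}: frame process started by IE pid {p.parent_pid}")
        elif role == "tab":
            frame = tab_frames[p.pid]
            if frame != p.parent_pid:
                findings.append(f"pid {p.pid}: SCODEF:{frame} does not match parent pid {p.parent_pid}")
            elif roles.get(frame) != "frame":
                findings.append(f"pid {p.pid}: SCODEF:{frame} is not a frame process in this tree")
    return roles, findings


def opened_documents(procs: List[Proc]) -> List[str]:
    """Return the document arguments handed to frame processes."""
    docs = []
    for p in procs:
        exe, args = parse_cmdline(p.cmdline)
        if _is_ie(exe) and args and TAB_ARGS_RE.match(args) is None:
            docs.append(args)
    return docs


if __name__ == "__main__":
    roles, findings = classify(REPORT_PROCS)
    print(roles, opened_documents(REPORT_PROCS))
    print(findings or "no deviations from the IE frame/tab model")
```

Run against the report's two processes it returns no findings; feed it a tree in which a tab's SCODEF names a pid other than its parent (a pattern worth a second look in a real incident) and it reports the mismatch.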

Network

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          2b32f2bf373d073b4aac44ac6e1ec80c

          SHA1

          dcd78de3080ab3355ee7768cbcd67a577b61b070

          SHA256

          6492df04415e009fd1f01fb44d14479494fcf1ae4741e0ddfabf94efe9a0ecdd

          SHA512

          2c24b694e8504d76b3cdd692914b6484d5da7b4a074b6155db0509e379babfe8f3ede2d22fb522a2110e114741aa9bee11011c1f47f62a5448a052ee19879e68

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e132607054fa03c0419a4d76d73b594f

          SHA1

          3bd43b3078f0c5a19992eb41cc5adcad81d167e4

          SHA256

          51a0957ae456bba04f36bd2254b6372a3cb947cbc06617c715a8e4290eed333e

          SHA512

          1eaa121e29acbc0c6cb27da651ec27f5921382e7e9390e7ac014ed59f6385c5db6ac80acfee4f4bce77574b9e4f2793a746b5b103ca0c51ad3e1dc29084b749d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          db1ee47b8ad8f46349f0ba2e0b5fc2e4

          SHA1

          b93c8f95d38bf8927ef5cbf97457147e9f246d44

          SHA256

          f3a6100c888399f66f43dfd1e79c48f21d4aedfc28961414c00c3830d2415497

          SHA512

          0c5d83f427e4a64a5873e6d11006b3e5065f4cf63f6aea7a58c5c0f6fac7ee7c5e6ed899dab9018ae8f13af96e13d2590ba09747d0951ab90539bca620e8f196

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          553650da5ed28a1f2c8413d33559c5c7

          SHA1

          62c339087873e1690829901c69af570c933f6ec4

          SHA256

          f70872124b2625eeead86d8dc041cf1d25c6fe0825858b9ae30e32e0546b9777

          SHA512

          19be8e11ce4aca7fb8a160b7a7f1b97a5b1fef70cc1bc25e6ef20d6dbb254582c469e8e619b7d7f9b944037fd5061b3e5410135b3d36ce4236989db6640cbc3a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          68b65b98a3fafa5e1d476fa20e0f72d9

          SHA1

          76588456b198aa8fde8ae03483e70a369ca0e54d

          SHA256

          1db9b21ec864ebf64bf5084e75770a36d4aea3e9bd10b73d434dd4d5f5657246

          SHA512

          e3f0263464cb7cdc9ac02620a7726b2e5de8093787f3f2c6305233ee04a55fb4e3f5bfc3a78195e34dda483dda57d9f7a4b3a30260d9bb4b74131aca53590ede

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          be888e5b49b6ed4a3311cd35a0840e78

          SHA1

          beee6dcec40bad11f87806c043253d63b0867b8c

          SHA256

          3d8b7d9bf77eb696b9056ca501f037c0a020ed2ac987346fee44725749ad83fd

          SHA512

          c3cf8067d216f39ea84002aebf58900bdd2ee7d3e2d420df131e4b40fbe493042d8ad43618072a0402a6c365381f5576e4201cccf026f5de4b1a295c3d989181

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9d676f3f523080ffef875aa5f91de175

          SHA1

          8eac89e72ca39795489df4d6b7c406474c507360

          SHA256

          c3db06fd4732fcdf04bcf9f82e12ae23121039fcaa7bd0cf8b0d894f00c9f7f2

          SHA512

          d4d4af915a7a1a378300c0be5534f917b69b6059ee862fad3b2b807a45c4081c56ee1fa145b34a43fa961bb62d7ada1243ddb232a74fd7ae55884b28d0f8533f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          04478fcf8a9246ddb3a12f4983b361dc

          SHA1

          012ddf16cbe0b5f9c088463ad05ec630762bac4b

          SHA256

          a6707fbfafdcd01fa87c1748243969e88c66064be9cb37e55ade275d973d0435

          SHA512

          f31e11b0ab2a603bedf5c64a34e2694863268d054145a230cbb7b17c377fff0853ce29bded9e4a310118296835d0a5968ef43cf0276d75828c4ba03ffc0a3260

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ae75bb026a0b0891ea8bb45a98c71c0b

          SHA1

          c81962ff35b319364dbe42e1bbd1ca64958faf91

          SHA256

          977930ebcb00210e6c161603d69efdf33748916e942745ae12d74de0a6eab2c8

          SHA512

          23b2079d95b881430eb05b911ae32dbe294e10016c0df1a00ef1b056079971a816bba03cdeeddf50628e0c302ef6c14e0fd753d9fe774a88eead3d97d8d71c74

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7182d91407c94bac0e76647bb257a048

          SHA1

          41c69d20ceea67910d30bd63ba43ad5bbe099a30

          SHA256

          291cc422c2e7cabcae8abaf726784dcfd1450620491b302f2147312d338fcf44

          SHA512

          8d807b80effe853fb76b45d3a80b9fd447214d1abe2698f21f0a87026bf65015da2dec95f98b249a4644ae840b4d359bec880261291fd5621a7d9a6d1be8bee6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          19c843af4ac4c9685416f0d0329b92bf

          SHA1

          034f1ca8855d13e672428048b2364a6038b7899b

          SHA256

          a63cb286185e4213c10f2d8bde05a48156045427b2483bb8536bdbc9021ae116

          SHA512

          c34908468e5c6614a78962457a93964648e1e036f2649743a53a4c6c89d6336aa11cb798bfdf982447214966dc4f95f38bbea7eae2da19dd366c88af72f5844c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          dd3bab6bbaf44bb330ecf0cae48e48de

          SHA1

          727763b300b972e287c8adb3fdfb09df7f9941cf

          SHA256

          5254239bbce560ead8a48631bc087c4e5c0c517429bd8dd3c3b884eaa946236a

          SHA512

          5ce5f4c7ce8da9f095ccb45221d813a0e0c1258dc1198e4615a93b6318af6dbf0f9b5a9432e65318bae92f281b2100cbd18faf78a3f1283a24be1edfd0dabc5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8af2282acd0c11f3f5d34a3037884765

          SHA1

          567079c9630ec75b3ae0930ba0cc03d62ccfccd0

          SHA256

          dfb812bfe194f3dcf31fc5e339a6ef1cd69d443a66bf2e4169251064ffdd91e8

          SHA512

          f065112fcd50ac8aecd2f80e580ea64e214adb76b786bb021cf0fddcb3a54fe8a72b82146246892072bb5143799ac47fe5e53bad6d1771da4e86d21d97ed3e5d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c4ba03a85a583eb85ed8f5fc9775a087

          SHA1

          8468ca52180ce7e4949182d4bcb4210907569655

          SHA256

          a26a96c8aba6499abd0ec63c32214fe805831108f342744757de0be125958d7e

          SHA512

          5b706b108a0c5f5970dc0353cdb864efd9fd665d64af056eeb911962ccb54521e691e56dbf79c519adf387916220a31cd8a534a6e22c42ef93e8e055e1f70cec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d513bbfd9d1b4617af009a19e585cc64

          SHA1

          8ed7b082405525dbf4a5e3d3c6d89ce3375ec70a

          SHA256

          719b71641bc26cd7c0f2514395687df98e1604e9b9f25037361da3a31ad552f3

          SHA512

          c97fff610d17939f3f1c4d5cb6e438fa18fc2d19af9e6d1f296ce373056bb921b9fd1d24c8e0d8c14a7455ac7373cb3411ccfb41714ddb135c06a26d3e39ecf9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cc90d32ab4240b66d3ebbb3362bdea68

          SHA1

          005fa5c35e712f75f132b3e99633207331688763

          SHA256

          f2fbda047ba34f450a5aa2007bc7d68b87391653580cc35151db040ce97873fb

          SHA512

          50eac352fd1d8e5243b6579fb3f0ae18c044307fa3a1e9e7b072fd05ca98cb9dc0423f3b8df7d0bb4af761d2d3d23f10ac272809272edf6de08e7478cf300a2c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          1d2802ebd2e452c3dd897ba2ca63a00f

          SHA1

          28ab4749923d13460848efe955e3853dd4ea804b

          SHA256

          3e8e4ca4b2794eb8265e49c08c1a57c9e95f1b2ceb9741bc5c00a9ef0ae89b22

          SHA512

          07d67775069550ab0751f9f9538263dedb5a2e990b337644c5cb530fef804c435d21a136e6e9d8ead1deb8e28a574a2eadfa03b6011d64206924209b15370dca

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\coinhive.min[1].js

          Filesize

          1KB

          MD5

          2ec43720699ba70c89f5adf211fc3138

          SHA1

          798ef9a5855d7f56b51825856cd84ce0356cff0d

          SHA256

          39f7a131d7976b1cbbf08c89727ba5c1b5c384152ed65bc83198bca315be5a88

          SHA512

          ef8f3d359eecc4e4234e18ae38a5c2e908bf352ccbe518d35cf956d8bf38b699724ef3d673c984625c2b725640e5d3bda45e363cfddcebaec2102aad7a34c0bd

        • C:\Users\Admin\AppData\Local\Temp\Cab3584.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar3586.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

        • C:\Users\Admin\AppData\Local\Temp\Tar3A6C.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b