Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    02/06/2024, 01:05

General

  • Target

    8c67b8b399d5a9a68a91e6783b04e9cf_JaffaCakes118.html

  • Size

    21KB

  • MD5

    8c67b8b399d5a9a68a91e6783b04e9cf

  • SHA1

    705adcb3f78bf69b50b902e6e2f9e1a9481d189d

  • SHA256

    dedbb0138c3d4e242fbe4fff21ff3da83bc8888e4dc33fcf60f1280a80f04d6b

  • SHA512

    56fbe1c12de371158f82d09ca09cf393819b01433ac504bec1b1b9b714117c65d7ebac25bdc85107d3e5a4d98144cb0f8df5b6743e719c75c8b3fef0512cea24

  • SSDEEP

    384:zifKhgeftVBD8cY3RLnSVS53fImEfP4ycbp5pCzVczMDJZTO6ur:ziGftgcY3tnSVGvImGP4y8kZJZTO6q

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c67b8b399d5a9a68a91e6783b04e9cf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2016

Network

        Downloads