Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:09

General

  • Target

    8c692a5b33c5c11d3d4dd1bb5d8474b6_JaffaCakes118.html

  • Size

    261KB

  • MD5

    8c692a5b33c5c11d3d4dd1bb5d8474b6

  • SHA1

    3e7673399db8cd0ec922f5cc5af3aec7bccb37d4

  • SHA256

    85e1012e061914c8ba7986e1c96ef8fe3bbc7e2661dfc0371153940ccae6e524

  • SHA512

    c6ca7f7503664bc4c20d2d1dc1237ae383444c3400451a109e4a0165760d514962803b33825733d2006d6d5f238d601fdae89505303892ca077fd793493cd427

  • SSDEEP

    3072:S6UyfkMY+BES09JXAnyrZalI+Y0J4zjPafQI9HdmHB847iy/3:S2sMYod+X3oI+YGQLafQg+BLig

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c692a5b33c5c11d3d4dd1bb5d8474b6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2080

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          7cbc7843934e55cd1d064691a9f4f5c7

          SHA1

          607989320bcad827cb4c41247dc68eac70aa36ab

          SHA256

          e51f161a12f1fadcca4d5a2c1a6e3fba3f1f801049e555a3f0c4ac6f587b34a5

          SHA512

          841e9462c659bfbdd5af968936bcb6bc768dc357e67755ba4590756d3ca630df7adf9476525a18c5d4267a0a31fa4fb6a6a3b3cd4c53347432406f535379384b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d79dac0787297cb280184310d508fd87

          SHA1

          a03d8ce0387ff46108c3c3401b6b1bbdba75a39d

          SHA256

          b60c6cd46bf8ae6e3a7e97a98bb090eda386a9b4bd370238dc4cf7bab7d81b8f

          SHA512

          3504a669d3b0edc21a8b6b587d79e7df0e79cfc841e8a3d573f97c225c747482969295d19e659ec3d42bcc21fef9ae9bd547566982289f56a3fa95cb3b270ba6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5699a52d76218cfe885345321293f711

          SHA1

          2a62b8e85cad084d774a44c5b1fc9c78d09d4a14

          SHA256

          fcd7d11b5c713a7ee40c23b129092c84ceb464480593fad40ecf00a8104a831a

          SHA512

          0be7efa5af3ac1af3834718c45e9a02f18b8463720c456272a7fd8127386db411e9b84a3df2f670187c4128a5c06007a253921f10ce8dcbd36a9a93497cf85ba

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0df24673ba5d310ab194b9a67888e6dd

          SHA1

          17054da9037bdff41dbb39a49cde279a7a2088cd

          SHA256

          42cd8071dcbeb006bf6f354bd5839e550852d793d1644bf36ef12c98d73b125a

          SHA512

          5ad6f435e1895c7bf1a772163c52b152dcb84302c02e343e49a2b70e845595958980149cc8870f5ddb97251b7ee548c3ef3b9d76142e4a3f4074abbe71a6f3bd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3b2f108beaef6dd8b4d4755b4ba9bf73

          SHA1

          646b5a7a5f6b6607f600f2fdd4d8b92f1320d28f

          SHA256

          919b782519a33b82b9f59a3632df418991180d03fb76c557b5ee23862aa8f478

          SHA512

          a6e19de5b2bc515e36004d451026d5e3b8242adb172f44775395d2bcad30c24756946007cbf6d9a4cff9ab7820af46ad29dc432d94029a8f42136248d5ce2a55

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7f453de6aa232773ea3e8ba41520e80a

          SHA1

          abfe5732325ef936604a560897f1931d93f13aad

          SHA256

          64c03052b9bae38c3379be5363c0d85e76a06113a6caeaee6469c1fc2411996a

          SHA512

          e878e1dd84805d865705d7530902221d70f9fc533ace5eb556740c243266538503fd4a584e9f39a15a0024ab6c2cc9106f7288f45200c3f57a59470961182e52

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          081b8200839bb996af1426fc73e50c80

          SHA1

          b8874b621ada3a5cbccbe1a63322a324153c952d

          SHA256

          ca124700d44679f81725127a7f676b7e6e3cb964d49166f1f4374d31ae2372b1

          SHA512

          de405c2ca4fb11493eb2a8fd1d8308d09b354f6bf4037abbac3eb5eb33fb3c540d06f1b6c375ce7a176579ca1daef69dd90070f1aebaece5e66681285a696f61

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e4a871ba5dda531c2500143c48802d2b

          SHA1

          777234e498a5f83ac3ce6832bdc26e385ce4edbe

          SHA256

          1da5da3fa2ed224e0b0d7b7492bc3457b45217ce00033ddee10bf12523a21cbc

          SHA512

          9332b7b4625a18d6e2946aa1dbb05eafd9e7a11c2a45f6483c4a1571f8ac7f8acb46a9377bb82a502287299627c6879a350f41a997c22973d32231e1aea5f523

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c40604da4856555a70a1a9cb504d8e8a

          SHA1

          df7514fecba7a0d07103f9ebcbf0021c7bc29e14

          SHA256

          8316959a7e78622a16eddfb3f1589db1da4911237539a3355572990d457cab6c

          SHA512

          aca1e0855710e7e859bb9d73dce560df13e348bc504e5f4aba8eab7f07992fec471effe815cd32bd19f506bc648cf7c0b5a2d0ee1cf6dce9b6ae6b804234db8b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          34e4e758f6a8ca172620af174bf85aea

          SHA1

          490197466be8f193dbc34991c50330df5a2bb3b2

          SHA256

          f037335c4414d6653e22874a591ecf81c3323a8263d8c48e14e1872b3efe42c5

          SHA512

          22ee97f06647ad59cdd7ce63cdac4326fc8795154b9a136a6535919c210280858d12d8382151d3f10e41a47ef497289845e8bc421d74e0008b4ee2bcb6540303

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          50dba1888a7305c806315f61c1b880af

          SHA1

          2eb19489168303732acc9c4b30f60c1d69fdcc0f

          SHA256

          2f4626d09ba0667d31c36384d3e57ebc9ab99a440a3cb20fe17453c3850e3f55

          SHA512

          3065e5ab1b0d354cb27636b2df55e3d49f6e767be8207e4f4926b45f5ea5e7a1f829af63fc5544b7cb5a0e2ed9cd0fe1a054d4d4cff226d67ae94c25f910bc95

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9cad4e5d7c93ce762fc011b2cba6da6e

          SHA1

          1619373e084fa56a39a0be55878324c03e0e751d

          SHA256

          0f44b3d329803d316302b72b0c3b4900c1f0cc66729a223f3da348271e96eb3a

          SHA512

          42429b3208b9435f0ba8e11b1c747e80d1d1934552906529eefde05b46255317bd445177daab5d83b5a1de327e33e353574ae44105ae4eca8b23655b3098d33a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          1820d7a805a54c1870dc4aaa892ef1c4

          SHA1

          06b360b047b6f793ecca6fb2b243308c445cb76c

          SHA256

          2b02bc089396174057fa90ce4515552b322f995f2a65f1dba1d605cbaf4dae86

          SHA512

          99889e1b7cfa7aef13c9bec5b6dcda5ae0de8d3df4e59ba49844fdd961b775480a764648f2466f2a04477df3fcc109aa519f85a9cc8383dfd539e922ccb6864b

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\domain_profile[1].htm

          Filesize

          6KB

          MD5

          2498e8e8fe847488763295340f53cff9

          SHA1

          1600da5d9d24180a8347e4606830ea26e81d1d39

          SHA256

          6d25971a212e9f9535b56e534225e44e1e2dc73ffaf69dc164ae2f15148c407f

          SHA512

          a8c98bcae839a47572487648561d38f0c0cebd0ed70477f799ed5b123b02e33fc9ed82c2e66b57879da5b1e3e88c4e876b75a2ef05c1dd4dd178be9a76dae1ed

        • C:\Users\Admin\AppData\Local\Temp\CabEFEB.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\TarF1D6.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b