Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 04:46

General

  • Target
    8ced18c4ce5f2e759972b5d5e0f36ab4_JaffaCakes118.html
  • Size
    27KB
  • MD5
    8ced18c4ce5f2e759972b5d5e0f36ab4
  • SHA1
    721d59efc2da78208afd7a2ff8e15a3515b8e2c2
  • SHA256
    daaec3127e1683e8aed2f261e3386c552e7e2bf56a04aa97e6fd0f2d73b09b9b
  • SHA512
    cd833f88c70c8b55693529de29084da827278ef23bc669559dba3fb8a2037c8acc60cd7eb44af89f7d4fdfff97a333444b91165889b4a6938723ab7ce416511f
  • SSDEEP
    192:CyiGh9vKjB6H6tdEVSNpETT6AxLSFMw2KkEZsha41wXyQ6r46ki46Pb46QTP462S:CyinE2CphnEZshaQwXyFjk1P

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1896)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ced18c4ce5f2e759972b5d5e0f36ab4_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 3040, child of PID 1896)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1896 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
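
The process tree above is the normal shape of Internet Explorer on 64-bit Windows 7: a 64-bit frame process (iexplore.exe, PID 1896) and a 32-bit tab process (IEXPLORE.EXE, PID 3040) launched with SCODEF:<frame PID> CREDAT:<token>. SCODEF:1896 names the frame, so the WriteProcessMemory and SetWindowsHookEx hits on the frame are consistent with IE creating its own tab process rather than injecting into a foreign one. The check a triager wants is whether every IE child really is such a tab and whether anything that is not IE appears underneath IE. The script below is an added example for this report, not part of the sandbox's tooling; its input is constructed from the two process entries above, and the regexes for the image path and the SCODEF/CREDAT tokens are this example's own.

```python
import re
from typing import Dict, List, Optional

# Constructed from the Processes section of this report: the two PIDs, image
# paths and command lines as listed there; ppid follows the tree nesting.
REPORT_PROCS: List[Dict] = [
    {"pid": 1896, "ppid": None,
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\8ced18c4ce5f2e759972b5d5e0f36ab4_JaffaCakes118.html'},
    {"pid": 3040, "ppid": 1896,
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r'SCODEF:1896 CREDAT:275457 /prefetch:2'},
]

# Leading executable of a Windows command line, quoted or not (example's own regex).
IMAGE_RE = re.compile(r'^\s*"?([^"]+?\.exe)"?(?:\s|$)', re.IGNORECASE)
# LCIE tab-process tokens: SCODEF names the frame PID, CREDAT the tab credential.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)")
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)")


def image_name(cmdline: str) -> str:
    """Lower-cased basename of the executable a command line starts with."""
    m = IMAGE_RE.match(cmdline)
    path = m.group(1) if m else (cmdline.split() or [""])[0]
    return path.rsplit("\\", 1)[-1].lower()


def classify(cmdline: str) -> str:
    """'frame' for the IE frame process, 'tab' for an LCIE tab process, else 'other'."""
    if image_name(cmdline) != "iexplore.exe":
        return "other"
    return "tab" if SCODEF_RE.search(cmdline) else "frame"


def check_ie_tree(procs: List[Dict]) -> List[str]:
    """Return findings that deviate from a normal IE frame -> tab tree.

    An empty list means every IE tab names its real parent frame in SCODEF and
    nothing other than IE itself was spawned underneath IE.
    """
    by_pid = {p["pid"]: p for p in procs}
    findings: List[str] = []
    for p in procs:
        kind = classify(p["cmdline"])
        parent: Optional[Dict] = by_pid.get(p["ppid"])
        parent_kind = classify(parent["cmdline"]) if parent else "other"
        if kind == "tab":
            scodef = int(SCODEF_RE.search(p["cmdline"]).group(1))
            if scodef != p["ppid"]:
                findings.append(f"pid {p['pid']}: SCODEF:{scodef} does not match parent pid {p['ppid']}")
            if parent_kind != "frame":
                findings.append(f"pid {p['pid']}: tab process not launched by an IE frame process")
            if not CREDAT_RE.search(p["cmdline"]):
                findings.append(f"pid {p['pid']}: tab process without CREDAT token")
        elif kind == "other" and parent_kind != "other":
            # A non-IE image spawned by IE is what a successful exploit or a
            # dropper launched from the page would look like in this tree.
            findings.append(f"pid {p['pid']}: {image_name(p['cmdline'])} spawned by IE pid {p['ppid']}")
    return findings


if __name__ == "__main__":
    for p in REPORT_PROCS:
        print(p["pid"], classify(p["cmdline"]))
    print("findings:", check_ie_tree(REPORT_PROCS) or "none")
```

On the tree from this report the check returns no findings; appending a cmd.exe under PID 3040, or changing the tab's SCODEF so it no longer names PID 1896, each produces one finding.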

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 896dd5c989255f9e4803a90280a3ce15
    SHA1: d85c06e8a66fcb19b59b6c70174a71471c2a632f
    SHA256: e1d1ab93784e64dbfa0af96eb6a2c281899a46761e954f084c8ec2210dbb4de1
    SHA512: a82da73beae0c45d316ce6bd21f79d2662e3d0fc252ca974c1da4e70f8021e799f3ce6895a125efdaef82ec8a661e15791a552fe3c9519aa8c83e6e518c73d80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0302665c8ec19b9506359c91886d3e61
    SHA1: 5f597f546bc1af13ac3f724a83d2beb27de3fd32
    SHA256: 01945350d02e81097a27eea5af8cd2b146d190d430f27c1e5f43fa206da8b29f
    SHA512: 2d486a3d776796ca4be00102b47850e4eaa1c22e0798bc21966106859a22f137f92df1d2ce5e8203dfd1a57f79dd2a174f7b36ad894da27c17f787af0c963e33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e1df21bd37c3fa922b2c524524df9a38
    SHA1: 2e29964b25b37e59df93edd0f3da1f713d8f9214
    SHA256: 54f4449dd6f4378d16862ebad43c9350cadbf3242baf88ab0d6f2fe5c31f1ed7
    SHA512: 54148f6cc698059ae7e0a767c230d20a669e8ad43e8a052c658adea6a7c6d98afc0e3089b024200155815663ab68892808efcc76056102dab9e508d94ec0b842

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 6930304939af02cf8b00a9473468f76b
    SHA1: 893b10cc9d4a2ef0dcb840745843a469fdac95eb
    SHA256: d59fe252ad48f7415e10d80b24dc8cf149f2273ce300f5436aa57e04db9ceef5
    SHA512: d06ac339a2f93b9c5451773a596bd40fa4f07f8832b5637fa1124de2c74ccd95593057a89809f66d8af77b240bea2a1946e199b2dc05bafc9aa02e76ea864629

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 02e7d1291cfd4444a656ede4671d0b71
    SHA1: 3ad01e0e5b49a0a09dfb03c598d38f1b4ef068f6
    SHA256: 8e157c249e944fc7091a627b3fa39b8aaef2ef721e9ae6ae444bb4ec98ab39a7
    SHA512: 2894e93e55b9aafe181d43a9b1786c42966bb8a1bf89fbefcc88bc5686231bd6b1997e1f9221a66eee85846806910c413bc76b4df44efdebcf82fda2623df1b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 58866c6bad23f7ff7827a531e6fbe0c9
    SHA1: 5a939f73530074212bdaf4650ca18e5d0ba4fc5a
    SHA256: 299821f92cf7d01c5b39ac6795dd409cff6183a0b57401321a39c40481121ba1
    SHA512: 700f41e641b6a961b26016b8da8cca2f5eccb000de0217443ca36fd68d3c8a29b5598edda0c3e3ea4d00bea535a0b5b020afd1b79c72fd2b18212f719945dc7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e45c0a02f12393cf46cb7b8c3cab4390
    SHA1: 72cad71ae9bee885efdffffb1822b5e2e4146b2d
    SHA256: deb4713a307df9140aae97e73da798915421e1ddb09114e81f4b19baa4076a19
    SHA512: 5eac1b5ddb99763ec6490adf080ed82fabe917330594d606c0e058ed58b029495797b4db1f8a16b006a9ca1dbd4b64b0af06fbb3a26b67a07e87bd98f0323994

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ca4b280d28e2b9fe6cd70860a919459d
    SHA1: 124eab6309066e19d3f858d832ee8c205d9dba34
    SHA256: 52866692656b9b9b6f710f3f959a3315886693b51c26fb4e5d02b1f022ce8c65
    SHA512: 22735eaff94d97990f2a9cec7e83f231df5e013cc57270cd226c65c0c2c0b1d2c61612e3432e84cf9d74d652bfc4eaebfbc5861d14a72c0cf772f246dc4ebfca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ac0cde2af0aac265e047c08aa5af87f9
    SHA1: ab3880f3b60c2fd86bb178c19542e7028e2a72ab
    SHA256: 51890cedc5937fbc338f5c6dbc576ff14bb7840334213c35f5e11da2b3320fed
    SHA512: f2039f32b19a27c2f6510621d57f6f0f57e5d869a401d4e02c8023f874faeca19c66b627a7886a0c8e98930481b64daf6002bf4a026219221d556ccdbd878b36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ba31f14c20b92e671a61769105f55544
    SHA1: 75e161919e23977a41e87d79fe307c3f8bf6a525
    SHA256: 494ea4a069f9f58907574af044429620b1ceae3f31739de57b9f934708b1d20b
    SHA512: 37846cf0964c8e81aa97450ce8729fddad79eb75e0ca2a13689659c1bacd3b991b5a4463859a420c4dd9dca865b0480e74eb78f32e2feca35e73c9853bd58cf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 06770c23b4320bfeafd107f5cd341e14
    SHA1: 69b3d1731e27f36d79819b9cd5e348b71e743bd3
    SHA256: c15baf7ede7895ee281931172babad163b215f7401b73bbdb3b57e1f2d8fb546
    SHA512: 8d9b98b9617458c6924c6c4833bed67f150e7484a216654af6d51d0802c768035907c48eb97bc0e8dcb22a3a4ad7239b8b0793e72ae0f4a8948db3f71ebf51b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: d4546ceba7c077157246b81c5d4518a2
    SHA1: 8831ef202611228acdec84a64b524d41afba3ca7
    SHA256: 694a79da2c9394dea5063875fa099320fdf3f7a4eda7f134a44cb24cb6b017d6
    SHA512: 03ba405c79c7a0b1f608df69b47abadc7685e4223cc1f71cf4bfa9193a18684422fe625d27ff0e594a7108f613e9c43d38d97810e068f5a6deb1e532f9052211

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3e47b02c8069d456e6fe6474708b4aeb
    SHA1: 33d96dc40302a3108401eda61a2f5e6d478e6c63
    SHA256: f26b3d7cc4004dca25abd0667ed4ae190a9d169c1e9c00d87ec37a89257d715b
    SHA512: 2b8032ac15e57403987fbac4c63b452a9376aa2e3036905e2afedcc974af2dbc0831cebe1a56e9ed68f0e10fbd4590bfb442f5e3a37fea588e4d1ee0441894aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c208450e00b07d0547cc410a1c2719c4
    SHA1: c650235a169f0b02225f95a4c682593c9cbf7ff7
    SHA256: e9d95698420df6da67a227be7a677dda40409c1e122e3b2bb69732cbc474b4c5
    SHA512: ce7f604d38dff4380ff661f71154e5086518fbb322104a66667d9d97bb2b51036e86433ac1b0a030cf64a78dc48b311255a57a8e91cdf7f4dec7cdb2b39a40aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 78d180865a9738e6fd7243b562ce40c5
    SHA1: fbb5ea9270c747b75551c5b652849957bdb9767b
    SHA256: d3ddaecbee1c145f395d3ba833200a38a638d4d89f1011dbbe5b6272831f3f47
    SHA512: 48390bce743cc13ea5c55f63fe16beb8ff2b769d7aeaac69df3a3283f3be638bd93d4011fc52e607e96db0591bc9845820fa194eea3b859cb11a3fc060163764

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e235561ad68ac64ff9cf684e690eee2e
    SHA1: 8cf51ecda2b6c08599bd56f516f55bf03f05ffa7
    SHA256: 226506b36d3f6ab15eb34a7eef0728b5acf2479f255d3428c97811d5971e49b2
    SHA512: d83d77b2f3161e1b4cf9e298f50f60f5c48c67a2050314d99604e58764b860bbf0c0246eef6920620c5da22ccea7d0b4d536f8251dddd021bda568e2c1b9cf8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 05bb77fb63ea0704447d0f31eec1db3c
    SHA1: 6398ad932d200f563f3406b99683c465702a5f16
    SHA256: 284c481322106e84514a6510e1c36fbaf4adfecae24500e01d32d763edc1761a
    SHA512: 3341a5b855bbee2122274f729221120e4d60b5362e6918f35f4de29ad98bb613234ed52086d9bd2e7df72ef6de27f8abb2fd7a2c7a40e4c9150b96c64955694e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 300277d4e17aa53aac59e4ff6aebd11e
    SHA1: 96b1857e31b2f3ae8795dab75264d03b2d8ebb72
    SHA256: 5e7e6a7f04a1bac5b9f97de8379d9bc6e50ab4cd7712882b5129fa95e3793be1
    SHA512: 8a5926531fbb5e9734def861f88c1771da4eb27b0008ffaf95efe156f296a9e6b090657405e14ba0f14c46c4b93b0256fa0dd343e39ad982c2f1237358aff763

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTL9DZJ3\px[2].js
    Filesize: 32KB
    MD5: f48baec69cc4dc0852d118259eff2d56
    SHA1: e64c6e4423421da5b35700154810cb67160bc32b
    SHA256: 463d99ca5448f815a05b2d946ddae9eed3e21c335c0f4cfe7a16944e3512f76c
    SHA512: 06fdccb5d9536ab7c68355dbf49ac02ebccad5a4ea01cb62200fd67728a6d05c276403e588a5bdceacf5e671913fc65b63e8b92456ca5493dae5b5a70e4a8b37

  • C:\Users\Admin\AppData\Local\Temp\Cab35E0.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3666.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
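
Most of the Downloads entries sit under CryptnetUrlCache, which is CryptoAPI's on-disk cache for material fetched over the network while building certificate chains (CRLs, OCSP responses, intermediate certificates). The 18 MetaData entries share one path and are successive rewrites of the same 342-byte file as the sandbox re-dumped it, not 18 files. Once that is set aside, the artifacts worth a look are px[2].js, the only script the browser cached while rendering the page, and the Cab/Tar .tmp pair in Temp. The script below is an added example, not part of the sandbox or of this report, that parses the listing and collapses it per path; its input is an excerpt constructed from the entries above (in both the flattened one-item-per-line layout and a compact Label: value layout), and the field set and the CryptnetUrlCache path test are this example's own assumptions.

```python
from collections import defaultdict
from typing import Dict, List

# Constructed excerpt of this report's Downloads listing (paths, sizes and
# hashes copied from it), in both layouts the listing is seen in: flattened
# (label on one line, value on the next) and compact ("Label: value").
REPORT_EXCERPT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

  Filesize

  70KB

  MD5

  49aebf8cbd62d92ac215b2923fb1b9f5

  SHA256

  b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize: 342B
  MD5: 896dd5c989255f9e4803a90280a3ce15
  SHA256: e1d1ab93784e64dbfa0af96eb6a2c281899a46761e954f084c8ec2210dbb4de1
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize: 342B
  MD5: 0302665c8ec19b9506359c91886d3e61
  SHA256: 01945350d02e81097a27eea5af8cd2b146d190d430f27c1e5f43fa206da8b29f
• C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTL9DZJ3\px[2].js
  Filesize: 32KB
  MD5: f48baec69cc4dc0852d118259eff2d56
  SHA256: 463d99ca5448f815a05b2d946ddae9eed3e21c335c0f4cfe7a16944e3512f76c
"""

# Field labels the listing uses (example's own assumption about the format).
FIELDS = {"filesize", "md5", "sha1", "sha256", "sha512"}


def parse_downloads(text: str) -> List[Dict[str, str]]:
    """Turn the Downloads listing into one dict per artifact (path plus fields)."""
    entries: List[Dict[str, str]] = []
    pending = None  # field label still waiting for its value on a later line
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            entries.append({"path": line.lstrip("•").strip()})
            pending = None
            continue
        if not entries:
            continue  # heading text before the first artifact
        if pending:
            entries[-1][pending] = line
            pending = None
            continue
        label, sep, value = line.partition(":")
        key = label.strip().lower()
        if key in FIELDS:
            if sep and value.strip():
                entries[-1][key] = value.strip()   # compact layout
            else:
                pending = key                       # flattened layout
    return entries


def collapse_by_path(entries: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """path -> distinct SHA256 values in order of appearance; many hashes for
    one path means one file rewritten many times, not many files."""
    versions: Dict[str, List[str]] = defaultdict(list)
    for e in entries:
        digest = e.get("sha256")
        if digest and digest not in versions[e["path"]]:
            versions[e["path"]].append(digest)
    return dict(versions)


def is_cryptoapi_cache(path: str) -> bool:
    """CryptoAPI's cache of CRLs/OCSP responses/certs fetched during chain building."""
    return "\\microsoft\\cryptneturlcache\\" in path.lower()


def triage(text: str) -> Dict:
    entries = parse_downloads(text)
    by_path = collapse_by_path(entries)
    return {
        "entries": len(entries),
        "paths": len(by_path),
        "cryptoapi_cache_paths": sum(1 for p in by_path if is_cryptoapi_cache(p)),
        "versions": {p: len(h) for p, h in by_path.items()},
        # What is left to look at once the CryptoAPI cache noise is set aside.
        "review": [p for p in by_path if not is_cryptoapi_cache(p)],
    }


if __name__ == "__main__":
    for k, v in triage(REPORT_EXCERPT).items():
        print(k, v)
```

Run against the full listing above, the same code reduces 22 entries to 4 paths, of which two are CryptoAPI cache files and the MetaData path carries 18 distinct versions.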