Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-06-2024 13:35

General

  • Target

    8e3f9a34b348ff7e5a9f35e42c2e127e_JaffaCakes118.html

  • Size

    461KB

  • MD5

    8e3f9a34b348ff7e5a9f35e42c2e127e

  • SHA1

    67fe473e76b4e99a74a74e2b252f5d62f767da88

  • SHA256

    02aacb829334f025ea676cf64048e61a952827ffe0cdb118ef9b3e7809791c68

  • SHA512

    332f42ab31cc2b2f6e42d32620bfee7c92a4e8dfc4eff3243ac74d2c2faa8ffe3238da17ea8c6e6015bea00a9f0ad60b9523f47742d642729ef3f2798c2e3d8e

  • SSDEEP

    6144:SgsMYod+X3oI+Y5sMYod+X3oI+YdsMYod+X3oI+YLsMYod+X3oI+YQ:j5d+X3L5d+X3z5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8e3f9a34b348ff7e5a9f35e42c2e127e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2356
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5cc2480b9f43b8a33fb51b91ef0d5cfd

    SHA1

    c489485677432049ef8d70ff6107609e0678dbbc

    SHA256

    d54ea3a430a340b2b4ca1efa1cbde8096a61d7a26de6d7782d1b01f703bc1d35

    SHA512

    afbb5e8e0ffaf27647acd0226cd17cf32f37c39f6d4edd3288be0498450d445062fb02496b97650ffb6bc2f9050783b11eae05e75a13a4fcf876ae41bb1b579a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cdd8ba929fe924273d1eb2717bf1077a

    SHA1

    718140e496c27d5a4dce14cfc60ef514890b173c

    SHA256

    47388f350f5738a07fe0f07f0fa5cb41e5ba0df876b95d03f1b8e7dc724cf95b

    SHA512

    c278de38fffef1b7143713772f6914b80b201b39779f8181cc817a73c83399ed64566194921f36a943d0c78c9d870d130f1de0e8bab2c1353cc2c66e65bed56a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f0ce70aec8727d0a30481bc4e02a5e2

    SHA1

    15fa7e4c990eaf4c7d0f33b889f638dbc75893a7

    SHA256

    ae7e679006c40c28e772d3ed3222d163fc479b92653509cc58cc718e4154bb25

    SHA512

    67ba8641186fc6345657cccf27771918e9b938b8052155e2d41f36cb0471fc6922554134ad83b9c45ff19f2ae13e182609c3ff90c2df695a603f48728ed56ca4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a0d6c310fb54802636c85cded4bd489c

    SHA1

    a4f2001736f4a708bb7355811b8b1403ee31fe8f

    SHA256

    508b6ab1cc13bd1a8988a8ffeebf313085d2fff212673a114bb6396c33fc2374

    SHA512

    7937458ec770a359919db9bd4cdb5141271fd64bf1c621530851f5852e2681d82b98e148fa8df7b5daeb16d1e048776e55bd91634ad1f849fa60fa14312d16e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0e62222d6b65c039979d7155c0f8254

    SHA1

    8502f236000b939358c1f0480a3ae45356cc2819

    SHA256

    6b31701d26687bb745e856f6ed6f2c8104f03958ea6ccdc6fbc302cae931ed26

    SHA512

    c35d1a8b559b1dc74ee5cf6ff805778d601d1c6452e79b4cbe6e78f8186daee95e928bdee34d51579b113b12d06c0c2af10276dc866cb3f8af3fa5866676306a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f05f608da80da5d61a6906fab12588e

    SHA1

    2ae23338a59824c06c35da7a60e81b39be07f65d

    SHA256

    c6420b77967c62399a1197959adadb674352fc53cdf23d6196ff125eb76645a9

    SHA512

    bbbc26567d0e340f57b1a3a30b80fa00055f52ca1412a736397a432c9f04d4d977ed5c2b369176e8acdacba88da659d69a3a412979754c00e70e66ef0187f09b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39670e1deee1236a69b3b82aa3b55878

    SHA1

    3912e7069ae9e82475c8f3665b3cdc92edc72605

    SHA256

    b1fa397bdf42b1ed51ecdf80e0b7b0ef3981c46b15cc23f7b7c98e6166005f30

    SHA512

    eb27becaaa30b8ab91aecb6b6d7918a714c1a5ca4bfa3a9baed4140a8245f3cd6a74d87f28e064786dc82e4c8ddb03fce90e394fc63162d91702343b332626ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1880f865c13f4669e706149a41ee8b23

    SHA1

    5cf28285fc1c95d6ef1f4bf646076ae60ca6b13b

    SHA256

    09578b483630b5535a07af5f72473edc14fb4619f99e1260b7577fd27c01526a

    SHA512

    c7ead6b6222fab1b3e2ec90bc570c5e81d9eab0eee4573df493fa3e7d7e88dc947419b91b01085cbf470e480e1818d4f93d58ef0f73a6fa3f9074c3097baa902

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    701e51ec3bac8ddea375be4a5640ff91

    SHA1

    f5b3ec7e2e3bbc413228f86227a32b049d1f304d

    SHA256

    a36fadb77b7105655e7c2fbc8ca693123c942ead3b0c5c40a4fd5da1ea0aa739

    SHA512

    d8241c3a325a3db1cce5ab13da666129b25b80a2295e6c6fe75284225d9d208f880839d174c6fd2c867bfafd4b05afc70fc26c6bc6398ffe4660e930e19ee01a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0a683e94ae456b922e632a5f1dc57811

    SHA1

    7f62be61559525ebc049f01e205b4de414afe6f1

    SHA256

    aa9e2e1f39628db766d5bf6e8f5ff78f73d8e033f7255f16b13305786bbcd700

    SHA512

    24515b9384e85c981cbe4c5305b97560f01ad05780abde5af310d5aab31dc7a809bd25cb1bd76b4b6afb875649f72cbfef113ba4bdddd32ecb8c4887ff219883

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4fd7655934abf04ddc999d3245c7fd52

    SHA1

    757f8262f531acf7ad739b687f3893f2908726bf

    SHA256

    cb809a613241d08f2b3029f4f0dbd69ea4402f05ae4bf8cc92ff89f6ea167e40

    SHA512

    c7db80024b95ff261154e2b5d3405c96db1def5c9e62fac56556d99fb01ed67aca0d0027c19890c267876b652e34d5c1f939142a561390d827f6e584edf94312

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f6617b74fbbd9056d6eabd685f5d81f7

    SHA1

    b8ed57bcbc57a3f47a382b0a8d15c7dc94f560bb

    SHA256

    a6a232b1a466d2bcf8bbaee40d3d40a4af638b32c8db69cb6b7acabf4bf69ce1

    SHA512

    6910cd8027eaac4edea6571530efd4d41ef878f5497d8e174d75a9da2680e8bf936462077139a226ad8fd08ef74a7ea056338c5f646a2120db77badfeaa1596d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d4a8ade69cf912fe8352617be84cf39

    SHA1

    769c52379b1601d79e4fdcfd44b6921765b01315

    SHA256

    8b75e1ef8c97d306122542735084108a867f749aa3529154c8a6ce9f4610f991

    SHA512

    9742e3e46f59284a890f3825e07b51bf1220880f3ce1d2d63132e4e1728fa9dec4a5b7ee701e82e3e450d1e29552bb8bf00fa5347c89ee45425affed5a716fd0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b00129d7fd61e63800eb362a49e68f7d

    SHA1

    e721c055444eea754ca874469bef08fa4af2c1a3

    SHA256

    ace764657ddbfda65d1750bedd98a75b75e62ecebaea1d15d6dee6eb8fdbc071

    SHA512

    e8450ea335af6db3016a75851d56356e29f887640d826d0d0c4c207bff2442de4418c53572262eafdfd068974a4b936db69ed5471e97bb8c3dcabc5030d456f2

  • C:\Users\Admin\AppData\Local\Temp\Cab3FFE.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar4100.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
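The process tree and drop list above are the whole story for a 1/10 score: one Internet Explorer frame process, one tab process, and a set of CryptoAPI cache and cabinet temp files. The script below is an added triage example written for this page; it is not part of the sandbox report or the sandbox vendor's tooling. It performs the two checks an analyst makes by eye on such a report: that the child IEXPLORE.EXE is a genuine IE tab process (IE's frame process starts its tab processes with SCODEF set to the frame's own PID, so the SCODEF value should equal the parent PID in the tree), and that every dropped file falls into a known Internet Explorer / CryptoAPI baseline, with a count of how many distinct versions of each path were written. The sample records are copied from the Processes and Downloads sections above (a subset of the MetaData rewrites); the baseline patterns and the interpretation of the Cab*.tmp / Tar*.tmp pair as a cabinet download and its extracted contents are the editor's own heuristics, not statements made by the report.

```python
"""Triage helpers for an Internet Explorer sandbox report (added example code,
not the sandbox's or the vendor's own). Sample records are copied from the
Processes and Downloads sections of the report above."""
import re
from collections import defaultdict

# Process tree as (depth, pid, command line), copied from the Processes section.
PROCESS_TREE = [
    (1, 2356, r'"C:\Program Files\Internet Explorer\iexplore.exe" '
              r'C:\Users\Admin\AppData\Local\Temp\8e3f9a34b348ff7e5a9f35e42c2e127e_JaffaCakes118.html'),
    (2, 2584, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2'),
]

# Dropped files as (path, size, sha256), copied from the Downloads section (subset).
_META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPS = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (_META, "342B", "d54ea3a430a340b2b4ca1efa1cbde8096a61d7a26de6d7782d1b01f703bc1d35"),
    (_META, "342B", "47388f350f5738a07fe0f07f0fa5cb41e5ba0df876b95d03f1b8e7dc724cf95b"),
    (_META, "342B", "ae7e679006c40c28e772d3ed3222d163fc479b92653509cc58cc718e4154bb25"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab3FFE.tmp",
     "65KB", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar4100.tmp",
     "181KB", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
IE_IMAGE_RE = re.compile(r'^"?[A-Z]:\\Program Files( \(x86\))?\\Internet Explorer\\iexplore\.exe"?', re.I)

# Editor's baseline of Internet Explorer / CryptoAPI artefacts (heuristics, not from the report).
BASELINE = [
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache (certificate/CRL fetches made on the browser's behalf)"),
    (re.compile(r"\\AppData\\Local\\Temp\\Cab[0-9A-F]{4}\.tmp$", re.I),
     "cabinet temp file from a CryptoAPI/urlmon download"),
    (re.compile(r"\\AppData\\Local\\Temp\\Tar[0-9A-F]{4}\.tmp$", re.I),
     "contents extracted from that cabinet"),
]


def check_ie_content_processes(tree):
    """For each process carrying SCODEF:<pid>, confirm it is an Internet Explorer
    image and that <pid> is its parent in the tree. Returns {pid: True/False};
    False means a non-IE image uses the flag or the SCODEF value does not match
    the parent, either of which deserves a closer look."""
    results = {}
    parents = {}  # depth -> pid of the most recent process listed at that depth
    for depth, pid, cmdline in tree:
        parents[depth] = pid
        m = SCODEF_RE.search(cmdline)
        if not m:
            continue
        parent_pid = parents.get(depth - 1)
        results[pid] = bool(IE_IMAGE_RE.match(cmdline)) and int(m.group(1)) == parent_pid
    return results


def triage_drops(drops):
    """Split dropped-file records into baseline noise and files needing review,
    and count distinct versions per path (the report lists a path once per
    rewrite, which is why the MetaData entry appears many times above)."""
    noise, review = [], []
    versions = defaultdict(set)
    for path, size, sha256 in drops:
        versions[path].add(sha256)
        for pattern, why in BASELINE:
            if pattern.search(path):
                noise.append((path, why))
                break
        else:
            review.append((path, size, sha256))
    rewritten = {p: len(h) for p, h in versions.items() if len(h) > 1}
    return {"noise": noise, "review": review, "rewritten": rewritten}


if __name__ == "__main__":
    print("IE tab process checks:", check_ie_content_processes(PROCESS_TREE))
    summary = triage_drops(DROPS)
    print(f"{len(summary['noise'])} baseline drops, {len(summary['review'])} to review")
    for path, n in summary["rewritten"].items():
        print(f"{n} distinct versions written to {path}")
```

For this report the tab process check passes (SCODEF:2356 matches the frame PID 2356) and every drop matches the baseline, which is consistent with the 1/10 score; the same script run on a report where a non-IE image carries SCODEF, or where a drop lands outside these paths, returns the entries an analyst should open first.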