Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:45

General

  • Target

    90fe09b1874bcfa7346d13861451c480_JaffaCakes118.html

  • Size

    16KB

  • MD5

    90fe09b1874bcfa7346d13861451c480

  • SHA1

    bc76e680afd5f4dac4447893cb5c77528671a987

  • SHA256

    7b390459f44dfb62839c0abd4805cb7815cdad9987b3b1c3c0536ea70618cc66

  • SHA512

    cf37ab3108dde01014af717397d9118ec979abd8bd5be3f963c5c18a0331353e28c4f0b80754be166297dbd17c4eed423fe5b8a8fe055014cb920fef0746ba8b

  • SSDEEP

    192:hMtCWmljavCneE7lYes6yneAqENnQ+vcBnj/nxnQ+v4aE8Qw6EnwM:hEC9CM7lrUOCw6EwM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\90fe09b1874bcfa7346d13861451c480_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2956 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    900de8aa19bad57634b82229b0337d5f

    SHA1

    8c0a534668418b0d86e95db06c67eaf0fc62719f

    SHA256

    b5348ed0597208ba177a94340aa5a19d2587701df88a7486f253d5437325ef2b

    SHA512

    8c634880e9a1aa9fe0b6d19c314d0beb9eb44b20d4ecff8653d3b7745311b93c07d0fc168abd207826f1b32b15387e2906a6768e38fab99f59b7f3c3e42438aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d002118e2b6091c06f139fc3f84e0a9d

    SHA1

    d3937d962aebbdc4ecc83bed1636e2456b0189b7

    SHA256

    d689c81113aa311eb6ba44aa11e18aa408f567e2e75086eb7af18f78ea04ac1f

    SHA512

    f789a0375eed8d47cbaf2c01babb2ba103b71de2c99fbba25e679498f1fcec06e0ae7e400e704bb1e1e03282ad8e30485eae2b28a248a85ac0b71004584c3714

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f88a6f0c0b53aea97b65cc8ecbbb41cf

    SHA1

    cd0393abd1b2037ce813d19579c01387173f996e

    SHA256

    244be68dc1f2bfc1a8f1d3ad8686263f9c457ee8d27d228d899680d827560dd8

    SHA512

    e94024f7270229d64b1dca4332362b07b7d4585e0853c0a1f3fa6ee951e3779401d4ab4fc5f4af0d624d94caa9daa3e61061f8c108aa70112e09f8137c25f8ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    12b01ca1e851d4d4b24f9737e8e13bf1

    SHA1

    d554cff809ccb5933a3e02bc61a1270f63e9cf34

    SHA256

    cdd9ee0a52596f08b597cd494fbf6bc1714101e60345d7df80791f6160ee6afa

    SHA512

    b5298a38f49243066e55425425a56ae653dd83effc92320d09439c3dfd9b828cee79780227ce26ecc46f43730bdd7e9f5459afa8d4ac71500bdc7bce81ba179f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f1ca358777bb8707e7f6562de98ce125

    SHA1

    d5f02909ab50580f866cf4dbceb7353d171ade36

    SHA256

    055cc8a8908a198ab3c82b9f2100578abfd5ad6c551d5a37859c8f95f347e7ac

    SHA512

    8dc4fc8744cdb9f93b92e751aa0d1e23d31abf69c1b482d1b6cff5ffeba2a9931bf2e716f3f60fdb5a01556379dc8e72ad940ca506ac509b01d7483438136e52

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59b8f4a661098acdfad9cdaad44d10e0

    SHA1

    3efb53f138532ec5e7a862641515eb9ca6a9d898

    SHA256

    58790383d541e12cfc41a5cd7d469b486965d5084b6a9214b95be7c6c50bb47e

    SHA512

    244d3d6a3f98bca5bfe48b66a70f731daa9163028649e7f4ce3dd09eb1994d79f4f3c389a5da59e038105df9a0351a367c6214feed7a6dcace5ba3a88d46cda8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01a66c32e661f0311b39c3b60a971a51

    SHA1

    16ad37350977b1ea4bf27c06326b84e63e9b23a3

    SHA256

    4c5bce214b2af091a0837398c6b2061f8aa140991d01b316472506e74225473c

    SHA512

    15c07c4b8ed9c36b3ad2baf31823ce4e03030ed3838b2ae89d56ab50e4f02c91fc66bead5e87a6d5181ccfef1a6fa1020018079ad9c924265d996b724a5b8c4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d851b0d6f9c89c795eb7b2e50bc29479

    SHA1

    7b731832856dc78f2a1410c2871921a2f987ea8f

    SHA256

    16f346df1eefaf9cca14facd67aa50913d7a6365e6761f20a61c402f0848e2b5

    SHA512

    bf01325331acb141f52f0ac7239dd265c39945b9e7965a85ee6d200b5d1a586a03225f46587943a38f78618d14ecf897acdc69d71783f2c3d796e6eb45845f8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce46c953157e3e773f0535f85eb73426

    SHA1

    b4626ec50a3a6a044a2dac39dbe862ada9add3d6

    SHA256

    7c923fc5104cad14c2f2f212f621056c2423053f38bf52c49d8eb99f529b247a

    SHA512

    b59277afd2f3d4ddfbee93f0189f18165db9489fc9682aafa6185077b37d4e31c8e7a421ba0dcebaee542e340f5ff98192dcc127599b6313e0405b15e83a9815

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b241ab8d9707b8dfb3453152b266722a

    SHA1

    4be52293f1a65254b6cc006943db472c60946393

    SHA256

    a386b1380c6c62c7fef5a493627a3e59d9999868875bff7a0cceb5ce78b4c3dd

    SHA512

    f97c935a8a2694080c2bd3fb67fbb03139beb9287621f898a0e72a65261db06d212a6f7c2e1b32bd738f182a030ec1422ae89afa44844dc213fd6130ccb82479

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fb0e750f988b8b6bc5b3b298c94db24

    SHA1

    f58047db29ac516d6462c2e5f95faf838c3621b8

    SHA256

    f3b7c56ba533c31ca806ef6b0d394faf8e6d79d736ec4ebf981ba6ff738c2ccc

    SHA512

    a2252a65b77195f6c692d938eb5a244b77f5f79131a424aae72427a7ca3ee5a1eb7f9ac2ef31c0a781be31bffe7f69aee4ae64c9d48b8d1d293eff0e5ddd4d4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e6b4f9b4639036ce513dbf1149bb867

    SHA1

    4097805eb43c22151c2bfd979e9c9fd417da5af7

    SHA256

    8baf9b2043663560b877b8b6038901e3efcbd839d10680cbd61689d046dc1793

    SHA512

    da4c9172410bd81e12378e99213690b39272ccfac21c72f935560a688567153c1fa8701c12cd853dd6ed98b9f74417446e348644a7f1ff9476aef7a7411ae8de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    abf45fb394a3edc1f8858d28e0bdfe08

    SHA1

    9cc7f18ae2c79553cec88d7a462b557b71d92d09

    SHA256

    5b5ffeb106d46ba7fc24c903862b248186ef32e4c0a0e98b6fd13a437c9cc4e4

    SHA512

    833f093fe525e319d2a56f32a2724849de7d366c334526168676bdee57268523e29409099f8a559a8ad4cbfb7d2489f4760a6a671d923b066b2cd7078a1425a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5568a0c20135af1d70b692fd7bc93fab

    SHA1

    1e2cce44a464d1aa1130e69a6123e5ec85a2b695

    SHA256

    ac34950cc9f7e1730d5c6678ccb6124ef0858ce09da9a1b03c70635fad21d464

    SHA512

    2a10c447bd22fea49618313bc3b4fae18b531ec0df4d15735d8582dc8ded5eb778806c7fd67e584b7801737897668821016b6c5c754fbec72b303ef5bbb3db65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba589269302f63825fbff931fa538610

    SHA1

    04a0fd75022130d345d89d38a8c64aa17489a8bd

    SHA256

    3ef4812c9eaf59df686b95786ebf93414ac2e63ead08ffbd3d35794359f995d9

    SHA512

    c0395ff88f4e55fc7a7263ad0c7da8fddc9a4e5ea73655f6afe4d522b9a154d6f2f39514f6cc10b09d0603a0c22df8cf24029f7948a1c20babf939d1ff23e24f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d259f089343bb41bc120585ae7090bd6

    SHA1

    c77ec9c32a2d7fc9dd14954bf253299c707ead3a

    SHA256

    f6bf40233358185fbb46ceb508fdcbe5095611972e8f222027b214f73d38999b

    SHA512

    fcd7d73d2a3adcc5bbcec5a95e37c9fe0bcbc4f66f838c812c0ae3e5ae128f097bd5d8ab9677f8367c31567539a8c11fc86b1fe3a16762b54455fcec10389824

  • C:\Users\Admin\AppData\Local\Temp\CabC8DC.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarCA0D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
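The General and Downloads tables above are most useful as a checklist: confirm that the file you hold is the one that was run, then sort the dropped-file records before spending time on them. The following Python is an added example, not part of the report or of the sandbox's own tooling. It verifies a local copy against the sample digests printed in the General section, groups the Downloads records by path to count how many distinct versions each path held, and classifies the CryptnetUrlCache entries and the Cab*/Tar*.tmp files as Windows CryptoAPI background activity. That classification is a heuristic assumption of this example, and the embedded records are a hand-copied subset of the table above.

```python
"""Triage helper for the IoC tables of a sandbox report (added example, not report code)."""
import hashlib
import re
from collections import defaultdict

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")

# Digests of the submitted sample, copied from the report's General section.
SAMPLE_HASHES = {
    "md5": "90fe09b1874bcfa7346d13861451c480",
    "sha1": "bc76e680afd5f4dac4447893cb5c77528671a987",
    "sha256": "7b390459f44dfb62839c0abd4805cb7815cdad9987b3b1c3c0536ea70618cc66",
}


def multihash(data: bytes) -> dict:
    """Compute every digest the report publishes for a blob of bytes."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def verify_sample(data: bytes, expected: dict) -> dict:
    """Compare a local file's digests with the report's; one bool per algorithm."""
    actual = multihash(data)
    return {algo: actual[algo] == digest.lower() for algo, digest in expected.items()}


# Heuristic (assumption, not from the report): files written by Windows CryptoAPI
# (CryptnetUrlCache) and the cab extraction behind certificate/authroot updates are
# background OS activity during an Internet Explorer run. They are deprioritised,
# not discarded; anything else is marked for manual review.
OS_BACKGROUND = (
    re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
)


def classify(path: str) -> str:
    """'os-background' for known CryptoAPI/cab residue, 'review' for everything else."""
    return "os-background" if any(p.search(path) for p in OS_BACKGROUND) else "review"


def summarize_drops(entries: list) -> dict:
    """Group dropped-file records by path. A path with several SHA-256 values was
    rewritten during the run and the sandbox captured each version."""
    by_path = defaultdict(set)
    for entry in entries:
        by_path[entry["path"]].add(entry["sha256"].lower())
    return {
        path: {"versions": len(digests), "class": classify(path)}
        for path, digests in by_path.items()
    }


# Constructed subset of the report's Downloads table (paths and digests as printed there).
REPORT_DROPS = [
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"},
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "sha256": "b5348ed0597208ba177a94340aa5a19d2587701df88a7486f253d5437325ef2b"},
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "sha256": "d689c81113aa311eb6ba44aa11e18aa408f567e2e75086eb7af18f78ea04ac1f"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\CabC8DC.tmp",
     "sha256": "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\TarCA0D.tmp",
     "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"},
]

if __name__ == "__main__":
    # Constructed stand-in: the real sample is not on disk here, so nothing should match.
    print(verify_sample(b"<html></html>", SAMPLE_HASHES))
    for path, info in summarize_drops(REPORT_DROPS).items():
        print(info["class"], info["versions"], path)
```

Run against the full table, every record in this report's Downloads section falls into the os-background class, and the MetaData path is counted once with sixteen versions (each 342 bytes, each with a different digest), which is consistent with the 1/10 score and with the only behavioural signatures being Internet Explorer settings changes. A record the filter leaves in the review class is where an analyst's time should go first.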