Analysis

  • max time kernel: 142s
  • max time network: 149s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 07:56

General

  • Target: 9106d68c0972c01a177a0dc7f1ec1457_JaffaCakes118.html
  • Size: 39KB
  • MD5: 9106d68c0972c01a177a0dc7f1ec1457
  • SHA1: 6d2d6fb350d5d71e0946aa756a993883a4929cda
  • SHA256: 9b9e1a06bb8c70f8cc98502589c2f94b8fb0db23cbddb2554d38758d3f8c990d
  • SHA512: 547481848c76159e68c357b5095736b493e03f670c6e279c0708296d64f351ac847af0142b5536d3ba4ae50a654ea62cbbc31b300240a48a229a19435846e6e1
  • SSDEEP: 768:aESLsJUZ2Hs42TXGs3MAQnIe5/93euPUw+WmZfK:fJUifoXGs3MNnIe5hgQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9106d68c0972c01a177a0dc7f1ec1457_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1612
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1612 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2996

Network

MITRE ATT&CK Enterprise v15

Downloads
