Analysis

  • max time kernel: 144s
  • max time network: 144s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 07:58

General

  • Target: 910835d0033b597393892c1be8e286b5_JaffaCakes118.html
  • Size: 201KB
  • MD5: 910835d0033b597393892c1be8e286b5
  • SHA1: b37e9742f56b995c1bfb89d16731cdc032376ada
  • SHA256: a90c2b1150d49ef9161440ba20d1c28fdc1f0c433d644e712de58207b0548791
  • SHA512: 9068bb03e816dbc33c7d45243f914ce9719854d9173f80cb7d9ec9d92d41f2403a6b3c1cdd2896e3fa2c5eed18585a8046e4b2476871816e49126b4fbe25fe56
  • SSDEEP: 1536:kaKkJcriJ9P/5D+t56Hy4pIOEmr2EiElXONePQD6GvM:dKqFh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1708)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910835d0033b597393892c1be8e286b5_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1748)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1708 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 05909a3ed4fca333f077d07ae5a99d25
    SHA1: a43699a5755713c548d570562a94f462f316ae34
    SHA256: 33b84bba754ecdef456866980fbf56e6e1c20ad5171c5c17b7677b4ee599f291
    SHA512: 4193ed7a504cfd87374978812266f7d7834f6173fe89a570d65fa75a8e028fbd3ac3562efc449838674507ac1530343e73f2efbeacb87465c189b314458a245c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: c212bfd8a9ba23be14a82e272fbcd22b
    SHA1: 4801f71ad962375facccc1be203105a7d4316ba3
    SHA256: e67df11e453b6e2604aaa080c1561e6d6f31cd9c6226d29c2e188c17c4b720b0
    SHA512: a0878601928c7b2b75dc86b0c3b93523f9b88e9f8ddcb25979638b40f9763c869af707356b6ecb2ff03f2f12acf1317751702a411a941e6ffb8e27dcf802e2a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: c3494a0f326ed5f412ac12c540689540
    SHA1: 3ead7cea766831605fed004bcd23bd778c875bbe
    SHA256: 92d1c1cd2a64484f4de6390bdff6584178cb80a609109fc4e93bf85d6eab8954
    SHA512: 19e7bf39e172c39dd225fd23d0460656c38121cde71656872254255a0eb988a9a18152f2e9a818d951fb092002baeb3f9e4d0cd750ceb8c7ed8e0badf2a553b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: ca53104069e73ce8c890836fd4a3f4cb
    SHA1: e124c6c638e3a2473133b499ecb0ddf1d3e09726
    SHA256: e0ae7609a90b501a34c89199dda33b365f8a2c16b84a25b1b654aec65966516d
    SHA512: e03737c061734e61fd1ec092efabd43cb2d2eb0085cd931a786ef62e9668d0286abb28732ccc4dfe145d4bd0dcbf4834050eabef3ccbb965e8049619ec070c39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: fd980e13950c6fa80062799926682b4f
    SHA1: 7ca5fc043c267a9eef853d66b960758384ac066c
    SHA256: 6330f0aa002f5c0308fd54b2922c9f0575e9b7ad93eb4929420b7a3eafc88a6a
    SHA512: f21df7e07f6fc6c84696e5c934a81876bb7814a3a32bc3e972e3e1edab2f6f90350cb5869899761ae0d8ef18a15af9e025cef5146427952856ac3d9f49f127cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 74247fcdec07820abab618b645cc6611
    SHA1: d84241f55595ad3975d60c4a341f90afe66005a8
    SHA256: ba6b0f1447487449953d1b7868e9e279fce2ec706a7873f150d560369ea12d4e
    SHA512: 5b5fc3b0d8127b71b1a85b55d3d28a21dd046c6681188211d714c158d4566d6948c6fcd26d69877f9e67ae9f6ffb02e127aef1adc4cc19be41fb6b26ea9cda12

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: eba136c011ab0493f5d162a2f02f9e35
    SHA1: fa9d49f2ae60646e33a4189fa98bd6b7b333ddfa
    SHA256: 74a82d76c772e7bf8ef8ef9dcd7aaacc64dadc7240a4805912bf95b2b2d43ae0
    SHA512: ab72cc8204bcede36210dcef62bd1d4891be3b8b85e7c1de9d041961006d0ed2535bc62a03dbd82ec55d4fdba8f149906a05688f70509d7e31bbfb4add0647ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 68b8816a8085d58d0e3ad87c6654db0d
    SHA1: 8b1867f868534186cda860c3ac46ffa6a4e30571
    SHA256: c336b0899291902f25fa449dec4cc505b6d3cd8f601299c397b375647fae20e8
    SHA512: bc8ae802ff0e3dca2857231643958a9076eea2eb557ae809ce53fce3f8088680e3c5f4b14236332d0b8d7e8d03ca820aa7a54e3fb89b479962a070cfb582d052

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 554f8d81b682bfa1d6426e8626b0e5c8
    SHA1: a4197a7f145deda905cc716aea0977880ac0c933
    SHA256: fd702f6c29f76fc4df463a72eeb857197619e12760f735589880ecc0c25c3f69
    SHA512: a31e1941392f09c636be38c5c13e0a9a33df00f1a22e7c5b2c926488a851928d86fcfb66f3350ab60bf447e0c494295aee7e659eaf28cd67074bee03d411acd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 6d1e7383d45daf692281fa3bac7a7c0a
    SHA1: d2ca0487a813e3375357e3b633b80ac9a90434fb
    SHA256: c7781b3b1097a6a1353a0608183f480b448f0d2bc51f8c15e2386756cce4c33f
    SHA512: ea980c129d47f86a376e8ddf57d94a41140099d4ca6e163c1c07d3ba06aaa432c07b542fdbd38ba73ab7ce0dc1562e1021a9a321897e85b9eaad1335294f0dcc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 03132e9a63fcf842e80731f3eb2d036f
    SHA1: 333a0387f59e32d9c8d8f184db080803d18145a7
    SHA256: 4575749c1adf5951544dbf2c1ec1f861ee5ff35aee7fc24d3852700048010d59
    SHA512: 039f1f6b4a4ca33fa465b180e9a276a435b37e6f0ad1a29a4a436d0d6420b93ab7fb0295124e8d9c83f4d04cab5ca7574651b8e2b13b29a06ae1191c46807198

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: e39c546e70ec9d0a139c069c3c3dea66
    SHA1: 3630c9b7b208906080270f0e700c06a8a843537f
    SHA256: 23d48fab41781e02e84a0dd21db2bedb2e9e840ed29aff9959846993a0ecd21d
    SHA512: 77c8211d3734e75def444bb30031caea35f6a394ad3eb3d94470610e4e3a5db6924c2ebc86edfc8672f398421723f8d32c40a7a44b6e7299b60d5c0a73230400

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: a525a7c06ee297014c32a6f3220f7021
    SHA1: 4afb78850dec3d7c23834b6e1af52886e48d245f
    SHA256: 307125681a719169da7907dbea22a0a047516e3bb6ae5629b2e82fc484f6c4c9
    SHA512: 24f3843bd4ee316871ed3b97c4cc84953c6fc7adffae852bfb8faf691535943f6481196f80050cdde3e1ee998f9a8e34b838432667b301916e68fbd287867e22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 736993bfaaa8c5f83ab0c0b9725c5a09
    SHA1: e30c4fccefda377f39dd4ea2047819ca723ccf6a
    SHA256: 9590d1043be17b1d07d9d1128b39ef9d859cb3e98c9914b73f01ba1aa29a8cc6
    SHA512: 3aec0a8a2bc7e15239e58b33136ea30c4ec82d8e79e4c1993e69427a8750ec919125669e400f2018e7f02acf6940484515689584f6dbb2755113dd28560d1a60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 847b28703f4b1a14646e9e42b5ad62ab
    SHA1: 116731d56896d53aa45e0a6f1b565b293eefcacf
    SHA256: dc1f588682ae6846dcf771292a95d76d2349bde83b68ccafdf41f91ec9063a34
    SHA512: fbef38ec4a61db1d383e54e251241d968815aa40125c57b5d98c824e303b5b028f4d2c30e695193120a8446644ea60a8ca228a3fcf91b443c1d301e1774a736e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 4623e85003e6b7d0eb5f718dddc45999
    SHA1: 97273e0f691a660946d55c46da1ae951a3b4e687
    SHA256: d91ad12a5dcd78a8c30cf046bdd6486c2ed431f4d303c566d3c401b44790ec14
    SHA512: 83928d2a6fc5b45af7570ebb376d71cca434aade57af95cb216d8561bddcfd91b042f8e5776bcbce3911d1329422db5e4186ebce741ebbb5133cce0329dce3e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 60c2d776b1196cacf1061c4b217d45cd
    SHA1: a9cfa438a9c849d9147e249785e13c3da033f552
    SHA256: ad613f90a88490bde8bc1ca564ff716970eb9b083f1d68b55c41b8b35ca96274
    SHA512: c132236336750a2471e912aaab5903f688e160ac2d640799e083bb0b1b4a81eb53a58f86bcbc67029d8f66929fac5a62e89591f8bf1e9371a1c4c3eb0e3ea47f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 304B
    MD5: 7ecc08d26d2f37201ca1b8c01db65d87
    SHA1: 91d72160fd45d4dbb5e153e35175f6ccee6106e6
    SHA256: 616df7983fe0bf84f69c0d7230732049feef9d42f69e1da849e61c4df59229b0
    SHA512: 321ceabd476fe2ee326cd42e124ebffba6fbeea8638864e22354831e92c7774cbf4ba753766b28128bb72b680753302c28142010ea396b96beb968a74c706f07

  • C:\Users\Admin\AppData\Local\Temp\Cab3C86.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3D38.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b