Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:57

General

  • Target

    9107944a268244fd542e2e8a328a757d_JaffaCakes118.html

  • Size

    61KB

  • MD5

    9107944a268244fd542e2e8a328a757d

  • SHA1

    d3e8e986b4892f01fb2eec1949b2a6daf36ef6fe

  • SHA256

    4b3c553f5bbdc195fb95232c03d9a58d119b1781d46b3fe10e163e7eb07aad69

  • SHA512

    dc88929ceebf5c75f80f4d427e2f3aa66592807e7e57068bf16b1bef217cb629e524082bf7a20213896342b943ca40f5893864fadf405bf3f4c9c5e53af5a913

  • SSDEEP

    768:JiSgcMYUcXGeCSXuhnu7HoTyZCZkoTnMdtbBnfBgN8/uQcc8QFVG8sP/Ijkk5nnt:Jk2RWTbec0tbrgamchNnWC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9107944a268244fd542e2e8a328a757d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2216
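
The process tree above is the ordinary Internet Explorer frame/tab split: the frame process (PID 2696) opens the submitted .html, and the tab process it spawns names its frame in the SCODEF:<pid> argument. The four signatures listed are routinely fired by a clean IE session, which is consistent with the 1/10 score. A triage check that is worth automating is whether every iexplore.exe tab process really was spawned by the frame process it claims in SCODEF. The following is an added example, not code from the sandbox or the report; the process entries are reconstructed from the Processes section above, and the assumption that SCODEF carries the parent frame's PID is the normal IE behaviour, not something the report states.

```python
import re

# Process entries reconstructed from the Processes section of the report:
# (pid, parent pid, command line). parent None marks the root of the tree.
REPORT_PROCESSES = [
    (2696, None, r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9107944a268244fd542e2e8a328a757d_JaffaCakes118.html'),
    (2216, 2696, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2'),
]

# Assumption: SCODEF:<pid> in an IE tab command line names the frame process that spawned it.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def image_name(cmdline: str) -> str:
    """Lower-cased basename of the executable in a Windows command line.

    Handles both the quoted form ("C:\\Program Files\\...\\x.exe" args) and an
    unquoted first token.
    """
    if cmdline.startswith('"'):
        end = cmdline.find('"', 1)
        path = cmdline[1:end] if end > 0 else cmdline[1:]
    else:
        path = cmdline.split(" ", 1)[0]
    return path.rsplit("\\", 1)[-1].lower()


def check_ie_tree(processes) -> list:
    """Flag iexplore.exe tab processes whose SCODEF claim disagrees with the tree.

    Returns a list of (pid, reason) findings. An empty list means every tab
    process is a child of the iexplore.exe frame process it names in SCODEF.
    Reasons:
      orphan_tab        - parent PID missing from the captured tree
      scodef_mismatch   - SCODEF value differs from the recorded parent PID
      non_ie_parent     - recorded parent is not iexplore.exe
    """
    by_pid = {pid: (parent, cmd) for pid, parent, cmd in processes}
    findings = []
    for pid, parent, cmd in processes:
        m = SCODEF_RE.search(cmd)
        if not m or image_name(cmd) != "iexplore.exe":
            continue  # not an IE tab process; nothing to check
        claimed = int(m.group(1))
        if parent is None or parent not in by_pid:
            findings.append((pid, "orphan_tab"))
            continue
        if parent != claimed:
            findings.append((pid, f"scodef_mismatch:{claimed}!={parent}"))
        parent_image = image_name(by_pid[parent][1])
        if parent_image != "iexplore.exe":
            findings.append((pid, f"non_ie_parent:{parent_image}"))
    return findings


if __name__ == "__main__":
    # For the tree captured in this report the check comes back clean.
    print(check_ie_tree(REPORT_PROCESSES))
```

Run against the entries from this report the function returns no findings; it only becomes interesting on a tree where something other than the IE frame process launches a tab-style iexplore.exe, or where the SCODEF value does not match the recorded parent.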

Network

MITRE ATT&CK Enterprise v15

Downloads

Note that every file below sits either in CryptnetUrlCache, the cache that Windows CAPI2 (cryptnet.dll) uses for certificate-chain objects it fetches during revocation and chain checks, or in the Cab*.tmp/Tar*.tmp temporaries that accompany those fetches. They are written by the system crypto stack during the IE session, not downloaded by the page itself.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6243ebb9d55e6825fb3c3f58aa1dcc5

    SHA1

    e37d94e59a7a625fdcb6a93f3a88c8c08e5ddc2e

    SHA256

    7ca335c9df1115697c4ed816eb515b439ace88521fe12dbbaafc7ff5bd242635

    SHA512

    396c74e572a3d511fb1096a3affc27a8788df5485238f95eb418dc83591d0cceeaac0d8535266b3799459bce264fc965404f4d2303722775e18ef755b6c923a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68b427baf1d19d4ec6cff04eef466ef2

    SHA1

    1105ad4f170801eaa8ace85c752decb5225c359b

    SHA256

    4cef1e3c3fdeb0634306b5feaada827009de46927b6e07d7e1cf30f8ffaad419

    SHA512

    e41e58e8680ada2e240d77f833bcaccf8649d4e6325ec1b80bad1df562b9f7925911775598dbc85d635eb75e91952e94eef205f7fe82c7d8698a609282549812

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9c004158a6515aa6a40196435e098e21

    SHA1

    550606a4d62fa7ca5874ff20bdf6a5ae3a44ea2c

    SHA256

    421f7252c93be3433ef1b121560b2df6f7ef4139144a8b243595e07be05ee4ae

    SHA512

    81aaf5acde70a08b7d7de4c02fac26e05fd9a99bde3c5fc243b2d1b9e2a5ee0286f2742597b27d152d9e73c9e8204e2835eba8b64ad827e3100fed98ae287a26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff7b32eb94ea11d0e12ba4901588ba31

    SHA1

    03055f7315adf225c57dfde064873f46b24834e2

    SHA256

    2f2050b3f6af99308624e984913ed5fbb765d5ee3b2cdb42498361b6712514f1

    SHA512

    b1effc893135f2720c370c34b30376833be9091e9c1e8f94c5a366f59b5fab56834d461c330f1e18ca150e3b3ebf2a18b4258bd9709d4bdbd7a526495ce27a41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1edc12206dc5691c1a379205dc154b1a

    SHA1

    425f666bda77fe32357ece6b0ba93650d7fdc8af

    SHA256

    30aae96e37c21f56060b9ee5c10378dae6852a50efad630573eac63da07283df

    SHA512

    ac78caf6f90423162002207d3f6a6a6fefa752ab5a21a4a9c2a4fb424248f62d047294bbf1b0d491e827f800a55121b8b48157714c8f5763fd397eb1cf33cb30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0301998b954abf698b3bbcf93259565b

    SHA1

    5e7eb65bea6ea72b55ea62ec9674e1594f035001

    SHA256

    c8d52f7dffa20c6fde53e25b697595b18b081f4b555a14076dbb005bde2eae54

    SHA512

    212ec1ee565332cde233f5230aa18d2258ee86ebd685093ff9bad38eb3811b74660091837a1ccfca730c6f4077f626169f416a4ab3075df5a959548bdcd6780f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    beed80b84ba9dd35a37659272fe7adca

    SHA1

    e965097cc66ebf65c4314a46d8165e397c921b76

    SHA256

    6c326180f2fc06d5806141580283c157427fcb6e6e8073bf7a8839eeb1fea8d5

    SHA512

    f7d158167a8d3848c0ad2ae230302a7ce45ad7069da3db803a2ea164391c845b62ebca478c1c19263926972d6ff780ea930fc48cb9c5073d95c764369c9b3850

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d58e7745d90162cdc29d42d6d85aa12f

    SHA1

    df108b80797a518d3874644e1848b575ae5e1f4b

    SHA256

    f7d85fe8cc0fdc5fc8e9fab62ce7a81392b7d9b61ab51490a0dfb6ba01e05729

    SHA512

    ee4d9b98cf9ab78e24099377779f248445e274149042a7aaf8ad595a9da7f7484f7dd7d0f90974553eaef22b0cbe951fd977962b943e4ebefb1a1b4ea372cdd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d170b4baca9ebf8c31578ab23c6621dc

    SHA1

    39a97ebf79e9f119b46c2117f5b93535bfbe4759

    SHA256

    6f4beb12edf32ade04666d21ac2677168198a6ad7f35c5ee45ef7b4315adf778

    SHA512

    c11a541c0d7d5fafbb7adaf74b17c5a8aa02e2cd01f73b86cdc980dd3a6fac800a95c24161a149a28a033bd7aaee43842ea3f50155001887d2fe84546977d884

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    08944d13a137e2ece325de3e99344745

    SHA1

    86c79f098687f7e5bf03db0ae0773069d077eb70

    SHA256

    f03d0e33b764977b20215d8c921efa7be44b7bcb5c0fcfb49b3865bf4da9e544

    SHA512

    9341f610fd2ef34d53d326fdfc75d8760c4dfd9f55d27e8bc04a8e43c04a4ee517640e920ec66346cb7f230b12aabd4ba3b327c329de98fcd78d66a89933b282

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    242553a75766903e38d3df02382890fa

    SHA1

    a8ba058e49987a2dbf7c94d9f86053aedeeadb87

    SHA256

    b6334e4167efc02360486416b78c4f144c1a46743d72b3c838c3bb21654cb2e5

    SHA512

    237c252e178c67f550e239ab090d7b83e104eae0021cd1ffc8ab60a85d51c560a8009102ff17667ff513a2ba8bbe7d6f5ccd8618b151f9460a40a8fb0d543448

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78db0dfb72aec66b9c0ce62a2114bc2e

    SHA1

    34a483768a82ee93202ccb71f8ca1f1db17bc187

    SHA256

    37e4a7b2ce470bed9cb7397c770d003d0433b24e467c3c66e6a58e65ae6d7915

    SHA512

    dc29ba79f4ab205e06ea990f714fe6fe13f732752f390f6fccecd975538140230f4273d58e31ef9817ec041357f0fb60a0a6b69bdad286ca8899c4c938819844

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    544d7a02450de8b29e7a7fa21544f48f

    SHA1

    53e47c766e72744e6e811597d5dfad2b586cedb2

    SHA256

    c902e36041395e01ad0a6accb7e341c8e8216865b839e40eb43e118f71188731

    SHA512

    b93a9f1c49d698c306fe009fd170e9155f92acb208550bb79e9b2d7c06fed4263b7e35bec9eea79ea228181065ae89411394c6207603f927160d6426da54cc04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    458adb45625b6389766b81ecc982a29d

    SHA1

    c003224950c4c5bbeb3ea4498dd04549fcd61999

    SHA256

    74738cfb787d2676565cfece34f3e96cf0cd45b1cc2ebb0a8ee5f6e10eb58dd2

    SHA512

    de9a01665eec6e6784b0a50ae4481078b3fbb3c32f4fb45bbdfd970af344ca130d609ab6a258ff0e0733b304537101b1519d899f03090705e6b0af29523d0ec7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    abe928a8a73397f5ac7b252bfeffd393

    SHA1

    650ed69ea5b60a077d5abe0d8ea96f003668549e

    SHA256

    005634af977e405f74a71f839ab341a83a69fe1c57bc08b7e8746c2dd54544d6

    SHA512

    af1a16da9a58df305945510415cb8ad3432bee679678d910d08c3297dad32b9ac17f84ecc7a6f15340f1901075b9cd43ee51261b1ef4a1a1395018cfdafacb8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9435eb39c37de1ccc72c2cb0cc5c92a

    SHA1

    176f5fc7292ba53854de6f1c01f8e1496df84e1d

    SHA256

    e5c1e452a36f2599719127e99b4223327023d22d005c5849f453371bb9527f0a

    SHA512

    d7fc4b53274b62be936d9d4da338b8e99af9ba51698d74b99d02bdff0e2504f1334d6192a41a2f14979b06263c9b5e87415cf1fa33fde7bb6eb2da222183b7de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    baca507b0da5d311840982afd0cf353c

    SHA1

    4972bca02ab902f3603dc8b7db7808d8e002ae92

    SHA256

    b8bbf6f0eb6a81aa513c90238f836d48435c216903ee74854e852d734dee23ac

    SHA512

    f9ffdd5956f276809b555424664cb2286481afab4be16ff9d4ff3814b438bd3b696b7cd26e516b18e4629fcbadd6237f494daf49450e5fc76c60ecc35e21e380

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    99e7a2083182937c9a9ec5a9cd20e7f2

    SHA1

    89a72a3ad0a3998794d449d2a6497f13cbb24bfe

    SHA256

    13ff460965e0d6d0a943d2cd005390ea1c07226ad20a150cda0dfb6b08b0c8f4

    SHA512

    07bf457f926439f9a09d794da3532b6659db16e100742a44701951dd80dd309aea89ea24f0da231043ca7b51bb6338e015fc25cc0fd33ce4107212c39b0f2f7a

  • C:\Users\Admin\AppData\Local\Temp\Cab3160.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar32FC.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b