Analysis

  • max time kernel
    136s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:57

General

  • Target

    9107ba5abbe6f6d53b726d5cd20888a6_JaffaCakes118.html

  • Size

    72KB

  • MD5

    9107ba5abbe6f6d53b726d5cd20888a6

  • SHA1

    d2f91f2a6a4ff33828731ee4cbcd3e1a3552c217

  • SHA256

    e4a998a87bb93f11b0152fd03c598374b352d4927d2d597e8a2533afdcf38572

  • SHA512

    61627218db73f1955e225aa763a2974b63a103c6d6f1cfb849a708ea0c17ef85a9800c5068820e22fcb0811b38e6df1d4fdcd2ea869b7e5404a89f10ec23adbc

  • SSDEEP

    768:Ji7gcMiR3sI2PDDnX0g6s6Y6+xy3uUeloTyS1wCZkoTyMdtbBnfBgN8/lboi2hcc:J3GE/iTzNen0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9107ba5abbe6f6d53b726d5cd20888a6_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1132 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1952

Network

MITRE ATT&CK Enterprise v15

Downloads
