Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:01

General

  • Target

    9109bc83547fdb313a8c1ee3aa9b6d41_JaffaCakes118.html

  • Size

    362KB

  • MD5

    9109bc83547fdb313a8c1ee3aa9b6d41

  • SHA1

    eff4369b31df99119a4a5ca07b56bcc3608109d7

  • SHA256

    9968b3f8fdf11968e38bb48dc65d062ce28bddedc6c61a7784871ba229bfc268

  • SHA512

    aa9d6b24883d257641c3dbe2836ad26823816a439c1fa59e7ecf84ab509e3b6f898b180d9c361f60b76e632063da9427c00ca6e5fdb422997ce9f0829c22efc5

  • SSDEEP

    6144:SgsMYod+X3oI+Y+h89OsMYod+X3oI+Y2sMYod+X3oI+YQ:b5d+X3ch8+5d+X3i5d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9109bc83547fdb313a8c1ee3aa9b6d41_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1832
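To read the process tree above as a triage artefact rather than two lines of text, the following Python example (added here; not part of the report and not the sandbox's own code) rebuilds parent/child links from the tree depth and checks the one IE-specific invariant the listing exposes: the tab process's SCODEF:<pid> argument should name the frame process that spawned it (1720 above). The pipe-delimited input is the report's two entries re-keyed by hand into "depth|image|command line|pid"; the non_ie_children check generalises beyond this run and would flag an iexplore.exe that spawns anything other than another iexplore.exe.

```python
"""Parse the Processes tree of this report and check the IE frame/tab
relationship.  Added example; not part of the sandbox report."""
import re
from dataclasses import dataclass
from typing import List, Optional

# The two process entries from the report, re-keyed by hand into
# "depth|image|command line|pid" lines (constructed input for the parser).
PROCESS_TREE = r"""
1|C:\Program Files\Internet Explorer\iexplore.exe|"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9109bc83547fdb313a8c1ee3aa9b6d41_JaffaCakes118.html|1720
2|C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE|"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2|1832
"""


@dataclass
class Proc:
    depth: int
    image: str
    cmdline: str
    pid: int
    parent_pid: Optional[int] = None


def parse_tree(text: str) -> List[Proc]:
    """Rebuild parent/child links from the depth column: the parent of a
    depth-n entry is the most recent depth-(n-1) entry."""
    procs, stack = [], []          # stack[i] = last process seen at depth i+1
    for line in text.splitlines():
        if not line.strip():
            continue
        depth, image, cmdline, pid = line.split("|")
        p = Proc(int(depth), image, cmdline, int(pid))
        del stack[p.depth - 1:]    # drop entries at this depth or deeper
        p.parent_pid = stack[-1].pid if stack else None
        stack.append(p)
        procs.append(p)
    return procs


# IE (LCIE) tab processes are launched by the frame process with
# "SCODEF:<frame pid> CREDAT:<value>", so SCODEF should equal the parent PID.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_tabs(procs):
    """(pid, scodef, parent_pid, verdict) for every process carrying SCODEF."""
    out = []
    for p in procs:
        m = SCODEF_RE.search(p.cmdline)
        if m:
            frame = int(m.group(1))
            out.append((p.pid, frame, p.parent_pid,
                        "ok" if frame == p.parent_pid else "mismatch"))
    return out


def non_ie_children(procs):
    """Children of an iexplore.exe that are not themselves iexplore.exe.
    An HTML file that only renders should leave this list empty."""
    by_pid = {p.pid: p for p in procs}
    hits = []
    for p in procs:
        parent = by_pid.get(p.parent_pid)
        if parent is None:
            continue
        if parent.image.lower().endswith("iexplore.exe") \
                and not p.image.lower().endswith("iexplore.exe"):
            hits.append((parent.pid, p.pid, p.image))
    return hits


if __name__ == "__main__":
    tree = parse_tree(PROCESS_TREE)
    for p in tree:
        print(f"{'  ' * (p.depth - 1)}{p.pid} <- {p.parent_pid} {p.image}")
    print(check_ie_tabs(tree))    # [(1832, 1720, 1720, 'ok')]
    print(non_ie_children(tree))  # []
```

For this run both checks come back clean: the only child of the frame process is IE's own tab process, and its SCODEF matches PID 1720, which is consistent with the 1/10 score.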

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de1c4f6c8fe40d899b30d1be5e845800

    SHA1

    912784bf65021c3e5474944f92cc606479fb1690

    SHA256

    c8a8fdd511e423fa3f67b4b0a463b22dec724510e2b690c9418f9bce2190da8e

    SHA512

    9034401c037827a4ce16283abb3d8542bdac14aa7993bee7e3d231116f2b7958785c4ebe2d3782527448d42ff9487374e27b84653e7d7ffecdda074599d9f388

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    644938ee5f0fb2cf44f585cd362a4bcd

    SHA1

    26fbaf0a6f6d90233a07038993c079d6bc1b0828

    SHA256

    9651cd05cfa928a359680a9bd699f9a18c352d883bd5d3ccbae44b2cbf694f6a

    SHA512

    f9401b0dd82fc4c52e23d01bd6b40dcdba9df26457c9a36871551d9477b09b18ba8501075d7450c04f92dc764ffc57ec2a46ac43ee80fc6c1e2630c33ff84fe1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2c6cd1a4274b83ec1d77a9112a2a85ed

    SHA1

    bc24acc66cfbcdeb4c5045e4fead0a5e836e5696

    SHA256

    eb0f7a6751e8dbc92fbae813a5961efd0f391c9cdafd8dc436027a3ae82cc9dd

    SHA512

    3393d4e3cc87cd5fb25db61c4a3f8eaef9b24075c32ca034b18d1502dd54d57ba8624fdaa31414cf5788d502f9138c335973ef03152ec9607910c8ae91f98674

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0067a91c469a742a54e5a03593d9d7d3

    SHA1

    937ba1a10aebc7a8127cb293230e32b22b1daa94

    SHA256

    7555087f28e5c2a880d736d8752369991c98e55d5b44343c5504f50bb6ceeaa7

    SHA512

    a2acc92ee9d1059452b6172e0b826ed00fe854fba2bfa12ee806a5452ce9204ab8e08e56e455c8686d18cab97eaffeb2540a6f1e4f867ba1f28d10836d5547ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f5951e07899894048602641ef5facd4

    SHA1

    523e7f9cfbc01d7b45db92ab88e08503aeb00269

    SHA256

    1b5c42e95a8e33838f0ee80d5a838fcde64da4cba629b4c263e3358eae51fef6

    SHA512

    8efc6bf5cd2eee6638314c2a88c8ad2119e2d777a88191eee0eb308c8752b125ea8dab00c39a804f22c3f2e810c1e2ddc4ccc29de2819e1cc8551f022ba5efb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    30c432671d33fabb8da8744bc18b0b84

    SHA1

    4ed9efab9ab49f80cb5b81882a8d2e2845c062be

    SHA256

    4d73bfd18aa85d811ec88a1775c00b75825267e77b4f82c059e33b7ab96d8dd8

    SHA512

    9990e536d70935910ac9e760b9207bdab8f79904a22c6c2821213fb202d3e2466a1a17dfd44738682fdd036de888317c5b643dded468bc17456c3fc0a5c9b8e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1da70d6d32976f042e265a651fc547b1

    SHA1

    a920f698217f8d78c1001b20946bb27a56dd71ff

    SHA256

    2f7a1c7fc1cd2de11ee98c97cefa3400f16c5656b7d7c4fb578b15f8ec15fdf2

    SHA512

    f8653a377a4e7a4634c09ebc881627f456e6922cde08e82045773c93b33afd81701dd8b32c387717a2af755820b646706b07899146b1b4c75be260ce894e5909

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3cf51aafaa44ee4c63b1c3d0f529b4de

    SHA1

    a5cf6480201229334d234749c8e1ac72a72944db

    SHA256

    a3c2c83b5034ea1a695f8248929fd37379f257c10e2f95df461a1e0204cc8e00

    SHA512

    1e347c2910fda2fd38d3983038748f495de2068044c2bee4ea0e55101e7133449edc84d07983856bdf06d821c29f4225253150ad4cf8bbc3bae183365900dd25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e76ae9ec4664f92ba3a053f70f83837a

    SHA1

    7e806edcc2e0399f0a13a0e2479588d88ec6ac09

    SHA256

    9f7de60ec6d49b7116dd30b030b851cb45f6b16e3b226130760d8b3df9ff1653

    SHA512

    b9b1217fd0579f62a84f829e05991d1a783a1898c18a4ce2acfcd397472d4c76e38ab68a798a8bd0528adabdd73c3fd6bf15e22c7dbb6b3b037935582172180d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09ccffe491f151c4a40e2c5aaea8e5a8

    SHA1

    dd30fbfe7e0040d2df3ddefd3bac373aa066d783

    SHA256

    d2df2b396c725c51a9d6afad4309b87819fea2d6edd0ac1aa1fb5318ddd1ad1d

    SHA512

    89bb7bf73f4e2a53c88cf1e6dd4d998368970d4f2d192d44e2200d29b5f078f1bacccb919a62a78be263fe1cc86b7b03563aeb056ff7743be23b5da700846f6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b59432b4dac3658c4564ac3d40f4ba1

    SHA1

    872fa2beb1366a615eea389598f185f69e559045

    SHA256

    b3a77267d6f2cda7ea95bd5021fc2154b66583f98cbdead8270e5d9f0629bd4e

    SHA512

    c73cc2d7ac5281d28c2633371fef5a0de7a5c863065d871031b75a8af8c9c802aedc77543b664016e79b0708e8cc7186c7a52528e5c5ba2fa3693b13b1c8c5e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    427491891b21feacfa66360066a144e3

    SHA1

    9353ede26b7feb051b5aa1e608839c9d8d4b9f25

    SHA256

    2a75a81789f6bbb59e4ad543c8865101e0db5d420cde6094bdc9cc265a020772

    SHA512

    870b8bc7829695164adf35ce789eea34ab7ede438c4a9e037c3e46ea0bd70385650503d1bea121ac0bb8b206bf568f0fd5479b65cbe3ecea9fce6d85481d9c3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    28f63c4a3e2744b57a900cd522714c52

    SHA1

    51d6c6ab57fc2276169316c839ad6eca89117bc9

    SHA256

    62f110893baebeed489360bcc429121f3fcc6855dd92e9a3c32261f76d8fd199

    SHA512

    58fc09f61f5238508aecb30ae5d3cee3fabf1522155c1c6e500b0b8f87d9fec3c736951c542d87dc1522ff1bd186191cf75f76d8230f391248f68fa626552727

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    313f3795710d3eddbc33eaa20e3ce208

    SHA1

    47faa83cf68acb8eb60b6ee60f48729ec23db5a6

    SHA256

    87c9e9001cb4940856752fc12eff2b51ac98cd4c743d528eac27041e73ac2ed5

    SHA512

    147d470b04e2ff22d7637af2749aa0623e4b65853e9e529d8abca27389187a3e86069a1c4c03bbf05f82c2a8fa7b48347a77c61aae686a7d7383bda578bb5e7c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7fe05c7df679e0f6dc7f6e76b618495

    SHA1

    ea336309a0b285cfc49f518e91b7e4621e283ded

    SHA256

    9797e549b5b7ac64955662aaed87f4d288a16c70e033ecf27411b98f27ba5cd1

    SHA512

    de8386f99bffced7021e089d36cd55253802a21870b9d100c234cedd6a24aceeee1f00bc62fa10aa1572334a75b2ced2e0e7d85a6c10cd67a7c1178af675d7f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95a1114df1debf7cd954a53aa6dc8990

    SHA1

    eeaeb6038b1467ce42d861cf13676adc5d49e3e1

    SHA256

    b59c4dd7d5569eb9fb14c99762465047eae30a4201ebf7f0c61184f55ce070f5

    SHA512

    90d512dd4c0aa8e4912b92cbad22741b0a73ed10a94818f2851842d6c3d3c98d4ad7244675b764d235ba695d1bc16ce59c97f86eb3395205d187ecc06514db06

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    176c52bedbf976519a37647405349c99

    SHA1

    91fc9560b23e238ba5035402be1ee4c654114177

    SHA256

    38f19e4462071ac66896258288f317b9dfb654619f405e82acde85a7b9d186d1

    SHA512

    3ca22a2dccca172a493497f8c35d510814d8ef2d39ad4711fca0c18384047e096e89b0bfdfe0d56a791b80bc68ffb0a9bf3c21634e0566e9eada2c444a6e57a9

  • C:\Users\Admin\AppData\Local\Temp\Cab1279.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar135B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
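Two things about the listing above are easy to misread. The CryptnetUrlCache Content and MetaData paths are CryptoAPI's URL-retrieval cache, the files Windows writes when it fetches objects by URL (certificate chain, revocation and root-store data), so they turn up whenever IE renders almost anything; and the same MetaData path appears many times because each entry is a separate snapshot with its own digests, not a duplicate. The following Python example (added here; not part of the report) parses an excerpt of the listing copied from above, counts distinct versions per path, and re-hashes a local copy in one pass so the reported digests can be checked before they are used as IoCs. The input excerpt is copied from this report; digest_file's argument is a placeholder for wherever you saved the file.

```python
"""Parse the dropped-file listing of this report, count distinct versions
per path, and re-check a local copy against the reported digests.
Added example; not part of the sandbox report."""
import hashlib
import re
from collections import defaultdict
from typing import Dict, Iterable, List

# Excerpt of the report's listing (the Content file and two of the
# MetaData snapshots), pasted in the same label/value layout.
DROPPED_FILES = r"""
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Filesize
70KB
MD5
49aebf8cbd62d92ac215b2923fb1b9f5
SHA1
1723be06719828dda65ad804298d0431f6aff976
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
de1c4f6c8fe40d899b30d1be5e845800
SHA1
912784bf65021c3e5474944f92cc606479fb1690
SHA256
c8a8fdd511e423fa3f67b4b0a463b22dec724510e2b690c9418f9bce2190da8e
SHA512
9034401c037827a4ce16283abb3d8542bdac14aa7993bee7e3d231116f2b7958785c4ebe2d3782527448d42ff9487374e27b84653e7d7ffecdda074599d9f388
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
644938ee5f0fb2cf44f585cd362a4bcd
SHA1
26fbaf0a6f6d90233a07038993c079d6bc1b0828
SHA256
9651cd05cfa928a359680a9bd699f9a18c352d883bd5d3ccbae44b2cbf694f6a
SHA512
f9401b0dd82fc4c52e23d01bd6b40dcdba9df26457c9a36871551d9477b09b18ba8501075d7450c04f92dc764ffc57ec2a46ac43ee80fc6c1e2630c33ff84fe1
"""

HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


def parse_dropped(text: str) -> List[Dict[str, str]]:
    """One dict per listed file: a path line opens a record and the
    label/value pairs after it are attached.  Digests are checked for
    length and hex alphabet so a truncated or mis-copied hash fails
    loudly instead of silently never matching anything."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    records, i = [], 0
    while i < len(lines):
        if lines[i].startswith("C:\\"):
            records.append({"path": lines[i]})
            i += 1
        else:
            records[-1][lines[i]] = lines[i + 1]
            i += 2
    for r in records:
        for algo, n in HEX_LEN.items():
            v = r.get(algo, "")
            if len(v) != n or not re.fullmatch(r"[0-9a-f]+", v):
                raise ValueError(f"bad {algo} for {r['path']}: {v!r}")
    return records


def versions_by_path(records) -> Dict[str, int]:
    """Number of distinct SHA-256 values per path: a path listed repeatedly
    with different digests was rewritten during the run."""
    seen = defaultdict(set)
    for r in records:
        seen[r["path"]].add(r["SHA256"])
    return {p: len(s) for p, s in seen.items()}


def digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """All four digests in a single pass over the data."""
    hs = {a: hashlib.new(a.lower()) for a in HEX_LEN}
    for chunk in chunks:
        for h in hs.values():
            h.update(chunk)
    return {a: h.hexdigest() for a, h in hs.items()}


def digest_file(path: str) -> Dict[str, str]:
    with open(path, "rb") as f:
        return digest_chunks(iter(lambda: f.read(1 << 16), b""))


def mismatches(record: Dict[str, str], actual: Dict[str, str]) -> List[str]:
    """Algorithms whose digest disagrees with the report; empty == verified."""
    return [a for a in HEX_LEN if actual[a] != record[a]]


if __name__ == "__main__":
    recs = parse_dropped(DROPPED_FILES)
    for path, n in versions_by_path(recs).items():
        print(f"{n} version(s): {path}")
    # Placeholder path: point this at your saved copy of the Content file.
    # print(mismatches(recs[0], digest_file(r"C:\cases\94308059B57B3142E455B38A6EB92015")))
```

When the full listing is fed in, the MetaData path resolves to seventeen distinct snapshots and the Content file to one, which is the expected shape for a cache-metadata file that is updated on every retrieval. A non-empty result from mismatches means the copy you are holding is not the one the sandbox hashed, and its digests should not be circulated as indicators.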