Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:01

General

  • Target

    9109dc310d7344e22fa9b9f9955321f9_JaffaCakes118.html

  • Size

    2KB

  • MD5

    9109dc310d7344e22fa9b9f9955321f9

  • SHA1

    338c70f0a5dddeb8d024ebd093e3e6f93e642f16

  • SHA256

    615502c5c1b510bf1b5c67fcc2bb2089fa1daa999816fbf1247150cc320b832d

  • SHA512

    d26b2a765d59753483c0fe6cc71552181621588a3bb1feaf33a4e458948ec2734936d6e68908e559534f8f5c43b26b6cc430b0ad7c2baa9e320f40910144bda6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9109dc310d7344e22fa9b9f9955321f9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1376
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1376 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1276

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    999d931d2089a2e49108ecb2e732c6af

    SHA1

    9519afd28b7c745e4f1360fb3707b7ffaf2cc29e

    SHA256

    a3792e3d264f6c894925a8f54943254bc0e9af243743c03fcaa169f1a0b501e1

    SHA512

    ec07c61c6f97c8ee7c519dca37cde446b8fa2bd1de674d186a6d73c09fcf3ee65535c1827c4c06c5b566fe420098e9b03284a71d179154b9679ce84e782f5868

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66eeffb3e6fb56ef969161a0ce8127b5

    SHA1

    d9582f24f876dbe5bbebe08e99d7afdc69f62228

    SHA256

    70ed93c74672090729c96270424636688b2021698d4d794f90727cdbea46d5c5

    SHA512

    ad436f8e6967bac253d10e4dfa96a25344b2d4e1db846245bb15f964f2843ddcba4881925077ff71fced4399089345d4f02e5accd8e9dd058fc0ca6c529e5257

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    97da35c1ac78f8264c39f5de1ec53140

    SHA1

    afbce044786b518e8a57c9d4610c7cd5f4ef60f5

    SHA256

    56dd0f4ba155212d653d330382a9413dba0390224130f653e9095bb52a4869eb

    SHA512

    4a658f98bbbe723719128cfab4df254186ce8a11f7bb3a6fa1e3fd8be57ed4f8fe04cb18e43d4dbfc25fa4d017c18755615312fd9af127b985a69bef7515409b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c8f611f47973a5839bdd74f77fcc7c7

    SHA1

    22dae557a2a29aef1182e7226ae1b4e60937c3a8

    SHA256

    369d964918dcfe675918e014d4774ef1ca8c9f0530037993449e73f0648279fc

    SHA512

    07c4d95392c923d446db629af7ea1e829760bfe3e04a0f781d2f8119e6f39ca85b2c523a8f06cf9af1001dc458285a3d90f4d27f92a090b438942a5d08df6bbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    372c5db33d88d8048c9cdb03ac8e0122

    SHA1

    f9ab43a4b42ccd94dfb9f976e64dd17fe99cbdb9

    SHA256

    4725dc76a72cc7ed905f3bb39b61fd0f59ed0ed1f9e33261bf6aa92f581bd3f7

    SHA512

    7d8d09541c50a90ba482fac8c0cb09a1ba43e35b5754cea26c03c9dcbbb79a6eb39773f3d98c08b464ded50bac3cd9b4116e21dc23559d6c1110e248c36031f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18a3e1897a86ab40a62646170fe9c9da

    SHA1

    a3776f33b2dcd818b3f146df83b0e1183cb43cb5

    SHA256

    6ddbf388c7aa6b8b9b9495dd7226e8f6b684898e66e8c7f31131f856f9e32d21

    SHA512

    81368594db28c2ecd9986a81794e3c17582522fdbb9b8d973223e95c49a8a532c3db28dcc8749160fd7131c689a2158592b12bffb61fa5c0637f26e7c957fb3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2070dcecf65e7bb0633ef345b74cdc4a

    SHA1

    b00953a38236faee5b86298530fcc0af0aa74b13

    SHA256

    50bba91c0f14258113b0e7d89204dd018072234334024782af5b6f1adc4cfc16

    SHA512

    a3f675470977d0173e1a533ff9bd7b7da178902f97f9b1d8f2bfd17b27cf5b1be63ed71fa3877b04d8c1e7f9cb01e7f450ca58aa29e53821516cf6fccb1297bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6aa903d82f41446e4fcb5f9584dd9be0

    SHA1

    0380872e8ccdd07e2d217a34ba75ede39dd4b7f2

    SHA256

    fe9d968c978a56f1476ebc76d0b38781eea8b136ea03f5aba0f0b8e25ea2cda6

    SHA512

    d9fc5f78d8d0c029529eb8c7a0ce301e9450d2b9c13d915bcef0653c44404278b6ec636d1254c70e90fb7635c5bf4e00afd2128238a274455065812f7bbe1a59

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c62c3901489c67f5450875aa7a702a6

    SHA1

    1d764b64c87211528f505093b35efa7959cc3abd

    SHA256

    938eba8f4bc8f673e205ed7bdc2c3351df3a55cc70389ad6eb44c1cbd85ba718

    SHA512

    69edd6249a98ed07e2082647a1b8a8eb7fe6a883b945960b9e0f23060df2f0f7ed6b5823f142cb45102405632caf718022916e95054c5741b5433baf459736da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1662b8dd5a79d1fcc992091ef1c17a4

    SHA1

    a2f2fc236a58b6b912ada54c7ded18a07366d98a

    SHA256

    5325c0b3ef8ca8a660084dfa89883024983869cb1be912fc6744e4e21f7e7c44

    SHA512

    4521dc925635b5e1bf7dc8326237bb8f03997245f9bd576d02b65bd7a9e35f90fb278ab48496f13dcbbd74b8a75da996aedca6e776672f1243b330eabd053f41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ec216e57195a107abb7a4b1df6438d4

    SHA1

    70591e446125723f4242111a6b382291e9857317

    SHA256

    f237b9cb1228c6e2a76c53656819401d004cae074a5d5043592a5d57cb174120

    SHA512

    89bdcfdc4b7a35035046c9af58542bd52be5d6303f3b8118efa89cf6a8e75e92b19853f08c0436adff83f2b65a1807dbb1522ef4323f90d1b5feb77772ccae64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b50265d9ab3ac63eb45508483cca2238

    SHA1

    5478c0d53c01e4e14011e05dae2654ff63ac4834

    SHA256

    d71d8a1e5496209f7061fdded11b85c2dbf4823b4c4d2ba98afe443946549be2

    SHA512

    d54bec4cafdd3cd60d9559cf806518ef8fbf082962678f2c04f12df3091f1903d615f974b3f930cc960344edffe7b88e381202f5931170bcf520aecb10d0c1d5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e6ff726e4347d77ec4376c95ed2fc8c

    SHA1

    0ab0d37ae9c5dc7c1b96f3c7875cd0e107838a7e

    SHA256

    1b21a3cb64b11c8df18df42f845813a37e122b32850307a4c02af91794273c3d

    SHA512

    acd81c3a71bf9d944f0a59baa0ddaaf32bc43ca6cd76f0be5e761913662f1b03b0432f98787196408bd5015c6f067295bbe0f944d1f4d8e04668626b80951709

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    580c873e4ea47e9fc6863a1ac591fd47

    SHA1

    042d93af0513901c64347999311e250a47aa517e

    SHA256

    93b96af7a76f92e24ec6e33bd17b5b82cd0008a03b790d48f736bc42e9391848

    SHA512

    d7f10eb791505e59b20acc63877838e03350168ce30955a1c04d179d1699b469356ef686fba22dda1bf843b317603ea42e254f5677843fb00211e8d9e2377105

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    188d35ee259062e18d3761f24b5b6a6c

    SHA1

    dc90d4ef27c7539f3d3b1fd2e8476318da069c48

    SHA256

    15d9f4333d2817ccb12e131beb5b0356aca33faa0d19d0fd35bf3a2740cf7515

    SHA512

    d443d42303d024f5e4ced55873c432123651d52fcd81612250de0f01f7ea51e7b221966e9e2d03612c55d9e07f6fa2f0a445cd46cd7c6734db75469ff246ac0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fe7929c0102a622cf7fcc40dff4a9250

    SHA1

    9a3e044b597cc8006f5685e3b8c1129e7f64ff67

    SHA256

    8870e9cc0514822e68dbc7ae9b1d7d789b2b8fa91fb4267d7c265211cfe04bcb

    SHA512

    4a76d9cceeb4261f8a2737b7823ecb6325a88b1907e2441ebe9756759e68025765d45db00d097450bc1bc432261d2a7f9e9f58dc79b5affd698fef84b69d5f4a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6042b3462029e8edf6944fff05fbdbf1

    SHA1

    df580f98512a8d4ce031ace43298dd400e943365

    SHA256

    d1f9b7c3dd3a89393580abdbbe0aeae44abc2b5876c62f3d64e2862d7a78d361

    SHA512

    30a86a3e65e6b34defb0ec28cf6f638ccbf525756d5a7bb5eef7f591acbfae0aecbbf2119b78a848917cf82b68b8467c63017e042ffbf5ffb1a904b76e7937ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70d08e902f6704078eb7561f28842f05

    SHA1

    903f731192a4d210a6499ac67e88a7dbcbb65a48

    SHA256

    7c7408a35212ff7572eb29208b12cd142d1e1e74d2b8323b1d105fcc1d364174

    SHA512

    38c6de998313ab6b7a9567fc7ffc0e6d6a59db6622dbb325ebf7c5ff7faed711bf5ddd5c65e9a6f7adb47b1013f332f19e52e2c257b7baa0dcb7579530f05328

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    02e41613700c3622037baecf4c3c47e3

    SHA1

    036f586d1b095e81b77764cd418c15c605a9362b

    SHA256

    c02be20f4e506dc1a6e57f056a99edc1c8775eb1b279e985c6588e2a82e990df

    SHA512

    1f16c79e826aa31e354f1d131e3d29ce4e80234c7f492e919bbae6c7d1285b38338fd254050e2279d2d364ae8afd7bac279a9226fdc928d0609363cc047de372

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8535ce9e58428b01072578a4425d8d8

    SHA1

    4af69d8c6c981935ac9042888364782562e966cb

    SHA256

    b1edbccca20a66857462f8056d53f4ace6f4856a865ac93051cbe8e396a5fef9

    SHA512

    80e8b92f4f669c186e58310a3ed37de4ef46ccd899989fcdeab62ecb1f4aeca1107ef6478122fda59c958910e3e946d70dc87ade4e55a24cd8b67387eb7a26da

  • C:\Users\Admin\AppData\Local\Temp\Cab3F23.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3F25.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

  • C:\Users\Admin\AppData\Local\Temp\Tar3FC8.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b