Analysis

  • max time kernel
    136s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:03

General

  • Target

    910c0244be98af0d081993773c97009f_JaffaCakes118.html

  • Size

    158KB

  • MD5

    910c0244be98af0d081993773c97009f

  • SHA1

    c7f407ec4c93aa9ea024be7db882144793332869

  • SHA256

    fc8693460a13c7b60f47d526cd9439582a87ab3d62799eb56893c20902d1a065

  • SHA512

    3ba716791c7b8208106113f9778e7b2529b45fcb11cddd5c3ce574fa2a065dd669b98571a1b0a7046d8b4f35203df1b808b2a7794c8d3ed2326ea71430f1bef8

  • SSDEEP

    1536:S/0Q2oGtPl5i0+5uyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3om:S/KtB+5uyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910c0244be98af0d081993773c97009f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2144
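
The child process above is Internet Explorer's loosely-coupled tab process: the 32-bit IEXPLORE.EXE is started by the 64-bit frame process and names it in SCODEF:1700, which is the frame's PID. A detection that encodes this relationship, as an added example that is not part of the report or of the sandbox's own tooling: it takes process-creation records (a constructed list shaped like Sysmon event 1, with pid, ppid, image and cmdline fields; not events from this run), treats an iexplore.exe child whose SCODEF equals its parent's PID as expected, and flags any other child of IE for review. The frame's own parent PID and the cmd.exe record are invented for illustration, and comparing SCODEF against the logged parent PID is an assumption that holds for the tree shown here.

```python
import re

# Constructed process-creation records modelled on the process tree in the report
# above. PIDs, images and command lines of the two IE processes are taken from the
# report; the frame's parent PID (1234) and the cmd.exe child are invented.
SAMPLE_EVENTS = [
    {"pid": 1700, "ppid": 1234,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r"C:\Users\Admin\AppData\Local\Temp\910c0244be98af0d081993773c97009f_JaffaCakes118.html"},
    {"pid": 2144, "ppid": 1700,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2'},
    {"pid": 3012, "ppid": 2144,  # constructed anomaly, not in the report
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c whoami"},
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_iexplore(image):
    """True for both the 64-bit frame binary and the 32-bit tab binary."""
    return image.lower().endswith(r"\iexplore.exe")


def classify_ie_children(events):
    """Return {child_pid: (verdict, reason)} for every process whose parent is iexplore.exe.

    A legitimate LCIE tab is itself iexplore.exe and carries SCODEF:<pid> naming its
    frame process; that value is checked against the recorded parent PID (assumption:
    the frame is the logged parent, as in the report's tree). Anything else spawned
    by IE is flagged.
    """
    by_pid = {e["pid"]: e for e in events}
    verdicts = {}
    for ev in events:
        parent = by_pid.get(ev["ppid"])
        if parent is None or not is_iexplore(parent["image"]):
            continue
        m = SCODEF_RE.search(ev["cmdline"])
        if is_iexplore(ev["image"]) and m and int(m.group(1)) == parent["pid"]:
            verdicts[ev["pid"]] = ("expected", f"IE tab process for frame PID {parent['pid']}")
        elif is_iexplore(ev["image"]):
            verdicts[ev["pid"]] = ("suspicious", "iexplore.exe child without a SCODEF matching its parent")
        else:
            verdicts[ev["pid"]] = ("suspicious", f"non-IE child {ev['image']} spawned by IE PID {parent['pid']}")
    return verdicts


if __name__ == "__main__":
    for pid, (verdict, reason) in classify_ie_children(SAMPLE_EVENTS).items():
        print(f"{pid}: {verdict} - {reason}")
```

The check is deliberately narrow: a tab process that is not iexplore.exe, or one whose SCODEF points at a PID other than its parent, is the shape a process-injection or parent-PID-spoofing finding takes, so both branches land in the suspicious bucket rather than being silently ignored.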

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4ab8ca2d18176fc64505501137d6d88d

    SHA1

    63539309c60bd38efc902fa5cc2eccc2e5ffbe09

    SHA256

    e76961cd6a7b748566e0cbe91839a76ffbbabcba91fc8eb54e0c67fbf9932385

    SHA512

    cca376770f5ac8e08a58625569790504892973f9589b53e40b88914c90de909df6161e65cba8907ede3a1ab59b67ac904a4cabc040977bafdbcf5ed9b9bee247

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    03c3099b6b6804736d77ae59843fbac1

    SHA1

    98196fb654d7467e01e5afab02eec063b6dd4231

    SHA256

    192628092c3d361eaf90f1ad8f5353750df493ef1184b9d3e2cb91303fa751fc

    SHA512

    7ee4ae97534922b8834150f6f19dbc91f8d269e273f175e46bc16c8a8ff0dfef5faca72bb2a93d265c2d9d9aad9a8d04246e67274050afae9e4649410c752f5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    83cebcebd0499cfbf9f773f4409ef661

    SHA1

    67e6f0884e629ec5cc9ce31b5475062a1c79f694

    SHA256

    0ead2df063787b6b818669becdd9dfeda46c79235e3a9e0c233c717639861657

    SHA512

    9b2ec666aa4d7258b1add3417124e239326d8572379df4d7d459943a23112038d759f7019a376cbf03aae31866a3810138c5f957c6b65c7396f7e9c46df68d9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e0c7253eb5382fb04705cefa3ea97188

    SHA1

    31478e37adf333a83787056ed532ea39970f90ee

    SHA256

    6be38b59c88b1fbccec1252567bea975b7f5c654a97c0e3293fe5e5fa8a72de7

    SHA512

    d9c3f726ba82eb1c2ad56a836ebacadfed83f34ae3f5f41537333818bd9f23a568fb47469239962ea69d86f7b547c3d90ea55cdc68d230126344b775a45d6d14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    daf47b89be25dbe204caf3a42e444efb

    SHA1

    cc7dfc4d380abe071f4a60036ce0e26d55c38e25

    SHA256

    62deeb9c9c56c564090c1f126b386b0304bf71a8b444d5fca4494e5d080f4221

    SHA512

    253d9368dea6a94e3f2fe379d92cea0e3634c16c7c68b72f30fdba5e5e39f14946cb716d6678135eb6ee874b31282635972e7d8cee20201cea00c7bd88525bfe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    ac191c51b26a2066e216e2a228bbf69c

    SHA1

    59e022a0bdac14e1b04d021b5715fca978991bb1

    SHA256

    3e73bd5631156e789667c7dff9cda74e6d9f021faed90b575117118427764e1b

    SHA512

    f6310cd0ace1d7049bef7ee21fc302a4ce40eb2691da8f68180433ed559fa97473401ab059939cf0a2cdfff92136adbb7e8b92d9fc48b7ae4102dd6451b14f3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    66d03dd97c70a3efc18b0cc055cea64e

    SHA1

    115dd828d7a5fc96d169767377e3a560b9bcc2dd

    SHA256

    c03b1847a9ba496076faf86645acc0f2eb7e61e516c9e8677c4ad669cc26b370

    SHA512

    60546ae74b5b8ff393c90f8828a3fb74bce80c0e33e6b194f329ade2a7c5eb53169c718ea4fad67fca24ecf267d99e5801a764bae11824527892c50e7f1f053a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    1f214457031ef5daaa929989caa85194

    SHA1

    2ec01fe2cbb3ea9233b5249cd099b02748151ece

    SHA256

    e7ccaf5cee45f3214f45f2c130b8902d0bb36eee282e69a343f2f3f3ae7bce6f

    SHA512

    1501acb7ec7dfbb8262955bb015b559665cf69fc6bcd12973c1b5645d51976a08487ac7bb7ac35f0183e498e590474185e3f75ae873ae840f2e3a37f32898348

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    267e1938ff547526e9e503aa44458079

    SHA1

    e484f1cc4835443b1e441cd20b63e07a2fced91c

    SHA256

    d8c6ab638bae844889c7148a7b9b837b9d9e03b5ac7486fd6368f501347a52e4

    SHA512

    80b897be14c8521068e0d49352e7080acdac8640cf9ffdf14c5f9659e794c1fc809c04fe8269c5ef00ba40009ad3d5d82ef24ca6ebf1132cce40f768bd87901b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    faef356b9cd9e905a8dd43533bfed4f7

    SHA1

    a8790d1439de120945cd27876224da3d032bcc72

    SHA256

    be677dac33e5aabd0c093080a52add7f62264bff0b112944e5269ad0c1364cd7

    SHA512

    b93c03ebfd6ac1898b6a55be06f9432e2c208f7704bda5e36d0d7fd4753c234d4bb6cafd3e53e287e8b75858fb7d2faef70842eae24442cd5d4359971f5cbfe0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7d853774f7de75a2122a30363c55f069

    SHA1

    a435100c6ebe198a707a5c71170f0d94cb4bde42

    SHA256

    aa29a4311583bd53b14ea41819cf8bc145fcde63e1eab9a964ee197ddbb82193

    SHA512

    26d114bfbdcbe3e174790ef53d5444813f4f4dbd9babc2bff773eaa86b701a12621e6b543a149070a10e991b71831933af10aa42a99d8484868b8ccdd371679e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    ad53fb18ebcf3cac884fa179fd74f5fd

    SHA1

    4578c6bcc231a38e36a9d64ebcb4ce527dfb05fb

    SHA256

    3ebeeb444407dcbd302612cd355261c6f66e172256c325f9fbb88ccd7ffab115

    SHA512

    997bc4635c4648b9ffc773d4aeef95b33d18267af9c67e4b5d358d9d5708392a42834ae7157c21f3f0200865d29fccf2833ebb48f4d99cfaa3ebc77cb5067a50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    c2f20ccc9b2910431f3e2d9c3edff0ba

    SHA1

    15b591e3318461222c8f19a60c25b0ba090a7f3d

    SHA256

    aad18ce5b07e7b4d8ebbdf5f3a69cc0dbc1dafdfaaf358e37d8616b564b5c72e

    SHA512

    6d71e215a8659c62371e363b151fb693a0e2e488cb41ad64c6226602aeba9628557dfaf98be5b3fbbc7acdbce0c7ec75954628f9a00a85d6aed6243bbdc66562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    35f69d452dcaad316ad6fdf3036939f4

    SHA1

    283ff264e1b651c9a28eb3d0df5c2d86149c8706

    SHA256

    5515dd648f62d884a83b4d9437c4f5e98ee7a43f646ff7a8e452ce7c7d2a83e8

    SHA512

    5e4ec54d57fe715500432c44759acd602be5af07b4506d27d6708b6adb426f2d3b2930adbd22b5a6d136351ad1f44387b0dfd6382e76c48de8b7ec64d6245a1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d8a49b4dbbfc5e29b6a859c8655806ec

    SHA1

    4a66b02b1ad31a42ae5b7a386548c38407828852

    SHA256

    b48fc893c7275a97e84d4c96d79f44b04f20ee1125f764dd32e7828bc87301b5

    SHA512

    9e437f78fd13456b3a2735e0f68ffb3d25707ab58ed369b8082d82d4052b9a03d97921c9fdf6871d06d37cc1a48ac2fe14957ddfd3b5f7bb3782b1888295922e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    883b34a4dca4e9dba4cc328c718544a3

    SHA1

    2f7e70ffe0bf27a95e537d13acf83e06f6aeeafb

    SHA256

    b545a6968c8fda284db59170b0d3bc2c4c4a54bc6142eda96548805809085016

    SHA512

    0461157d56912f6f4a5b2a198c2d3404e0b9628b6198ae498e6c2e01ea42c0b0319173c224555784e17e5f22e24c9ee69e54c45fdb73c4a3615ff3448cdebcc0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    6c6d4804285c47d4fee3088c016ea30c

    SHA1

    f71540cf424a4e25c7542b8f8e0f487220ded2da

    SHA256

    2f6dd90ee7cbc17425d9d9080d29749380e2278ef15f872e6c9b68ebeded54b0

    SHA512

    5c276842050aadb2f8d92b91e60ab048050f066cef7ef40409afb1897f166a79648bdc029392994e1a256c4ffb486f0569ec618f999fe022509fa373017b7ff5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    046fd5e515735c5d822d4f16d3ebd28c

    SHA1

    2abc89fadca6b7699b9a75a60bdc16ca5287b1bd

    SHA256

    a372c116434c7c4ff84768984a9b5651cea3e1c3fc068a4248097ff7146b9154

    SHA512

    80c626080b4698034d9c1d25b4ee35f42f4db7fea86d981be731ba389ee83c44a689f21875036cd2812ec85bb5cd1a4103cc8de0ba1288f75e0005d4acd70150

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    6b77fb52a76640a19111bc7c780992f8

    SHA1

    c5baafe1cdb3bef563e883b97867acf1cb76d806

    SHA256

    1c1b54c4360505d8f2aa4bba63b6573232920bbb9ecb2c731372b22e881bd4a6

    SHA512

    375bd35fbf2ab1bb60767d36e259b5cd292c48ac3c17cede7056773e9bb6f5f24466fc54435c238b7e2266d0d7d128822c5c5d248badcf47893a04797aa6efba

  • C:\Users\Admin\AppData\Local\Temp\CabC90.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarD81.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
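
Every path above except the two Temp\*.tmp files sits under CryptnetUrlCache, which is CryptoAPI's on-disk cache for CRL, OCSP and CTL fetches; Internet Explorer fills it while validating certificates for a page it renders, so these entries are a by-product of opening the HTML file rather than payloads written by the sample, and the MetaData path repeating with different hashes means that one cache file was rewritten several times during the run. A parser for this Downloads layout, as an added example (not the report's or the sandbox's own tooling): it reads the bullet, field and value structure into records, checks each hash for the expected hex length, converts the rounded size strings to bytes, groups repeated paths, and tags CryptoAPI cache entries. The sample text is a constructed excerpt of the first three records above with the page's blank spacing collapsed (the parser ignores blank lines).

```python
import re
from collections import defaultdict

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
FIELD_NAMES = set(HASH_LEN) | {"Filesize"}
SIZE_RE = re.compile(r"^(\d+)(B|KB|MB)$")

# Constructed excerpt of the report's Downloads block (first three records, blank
# lines collapsed). The MetaData path appears twice with different hashes, as on the page.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512
    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    4ab8ca2d18176fc64505501137d6d88d
    SHA1
    63539309c60bd38efc902fa5cc2eccc2e5ffbe09
    SHA256
    e76961cd6a7b748566e0cbe91839a76ffbbabcba91fc8eb54e0c67fbf9932385
    SHA512
    cca376770f5ac8e08a58625569790504892973f9589b53e40b88914c90de909df6161e65cba8907ede3a1ab59b67ac904a4cabc040977bafdbcf5ed9b9bee247
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    304B
    MD5
    03c3099b6b6804736d77ae59843fbac1
    SHA1
    98196fb654d7467e01e5afab02eec063b6dd4231
    SHA256
    192628092c3d361eaf90f1ad8f5353750df493ef1184b9d3e2cb91303fa751fc
    SHA512
    7ee4ae97534922b8834150f6f19dbc91f8d269e273f175e46bc16c8a8ff0dfef5faca72bb2a93d265c2d9d9aad9a8d04246e67274050afae9e4649410c752f5e
"""


def size_bytes(text):
    """Convert the report's rounded size strings ('304B', '70KB') to a byte count."""
    m = SIZE_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(m.group(1)) * {"B": 1, "KB": 1024, "MB": 1024 ** 2}[m.group(2)]


def parse_downloads(text):
    """Turn the bullet / field name / value layout into a list of dicts keyed by field."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):                 # a bullet starts a new artifact
            current = {"path": line[1:].strip()}
            records.append(current)
            pending = None
        elif current is not None and line in FIELD_NAMES:
            pending = line                       # next non-blank line is this field's value
        elif current is not None and pending is not None:
            current[pending] = line.lower() if pending in HASH_LEN else line
            pending = None
    return records


def validate(record):
    """List the hash fields that are missing or not hex of the expected length."""
    return [f"{name} missing or malformed" for name, length in HASH_LEN.items()
            if not re.fullmatch(rf"[0-9a-f]{{{length}}}", record.get(name, ""))]


def overwritten_paths(records):
    """Paths listed more than once with differing SHA256: the file was rewritten during the run."""
    seen = defaultdict(set)
    for r in records:
        seen[r["path"]].add(r.get("SHA256"))
    return {path: len(hashes) for path, hashes in seen.items() if len(hashes) > 1}


def is_cryptnet_cache(path):
    """CryptoAPI's URL cache (CRL/OCSP/CTL fetches), not a file written by the sample itself."""
    return "\\microsoft\\cryptneturlcache\\" in path.lower()


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE)
    for r in recs:
        print("cache" if is_cryptnet_cache(r["path"]) else "other", size_bytes(r["Filesize"]), r["SHA256"], validate(r) or "ok")
    print("rewritten:", overwritten_paths(recs))
```

Running it over the full Downloads block of a report like this one separates the CryptoAPI cache churn from anything actually dropped into Temp, and the length check catches the truncated hashes that copy-and-paste from a rendered page tends to produce before they end up in a blocklist.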