Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:02

General

  • Target

    910af9415e1a9d6516a7f3e514246c43_JaffaCakes118.html

  • Size

    2KB

  • MD5

    910af9415e1a9d6516a7f3e514246c43

  • SHA1

    cd2ef0d1fb984510dc1e77b6e411a160694f48fe

  • SHA256

    3d0349206883bab7f790e2e4a998872ca327e5bc72018bba122c65b3a4b080b1

  • SHA512

    305b102c8ff0179074cff7a62330371bf69290cf846a83fc82048c5f7a575579183f198f58e42261e32e4e1d13a49c6a7eb801ccc456e1bce50e1387113fa893

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910af9415e1a9d6516a7f3e514246c43_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2564

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    0371938ee244b74c4b0a9a33d7dce852

    SHA1

    6d20eb17b7c1781abee8da2fd2b626f591007e69

    SHA256

    7e25a9704b3273725f2402035494163326baca8e34242401adae90307797ebb4

    SHA512

    b1fd12a9eccdf4cfd9b8892c5005b8107ca679974bfcbabe786a3777d7410897c23e6a3d92b8571d613334c8269738321652c3322a5d37dc904df7849a1fb1c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    3993d0863ffa408de42829be5bae90bc

    SHA1

    bb158d62d25b6d0f4182ddcc3197af393d97500e

    SHA256

    e9a5440c6643b8f24cdef0ec023e7ef1f0f17994c576e3c53fa339b2369a7a7c

    SHA512

    cc9371f940d24b85c4a4b35e2525809ce5c6ab08053fda8b5b29e3e023b7c4f296306cb393eecf795a36579afdc3fa8c429cae5a0939c2db1575b9267af6e2ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    388d32707c0d20f9bd32a4948ae0279a

    SHA1

    d33deea10e0a765a7c28d6658f3329d39ccdc911

    SHA256

    7ff250a751a0099e79c692c5216fac86f0c6fe7455c7e8a31930e07699cfdcd7

    SHA512

    f79a0a3ae67f945bcb69e656d64e5e79c302d5ebce909b5f6c8f22a6c13f2e916080a523b6646173cb879694d76d86ddecfa28ea2f677a6917f1a83ab455d2b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    96e1ca4d5840dfba6d7e1733cabf7e7e

    SHA1

    f24e7475617ff2565c8103763d206ba2a99ebbc5

    SHA256

    18c12445eb260e3b93fd116d23dcdc48edc1e890601463eae058b79e2b5b9e5c

    SHA512

    7780dd8e6d1afc32d73e7b8ec7b4efd72e0d261448a5fb2d85fe71a0bc13bcbc6d0662c1d2aeb0240d7082369545cc9e8cebeabcc0640cafc2f4c90ad48f5c69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    0bebb24c8844bff2a1b141267597a547

    SHA1

    2dd789202d35431d1c13cfb5a712d82e516b294b

    SHA256

    0e87c0284ffda5d29e2e17daccd3e21fba374e9fa859efbc1f22bcf3b24e97ee

    SHA512

    fc79d6c8e0232a2596aa05f41cdc3168665f5f455dde65983a16b56bc49e4e08c332984f1cb5568a425c648a583b242c2dd9bfdd2a5928c37dacea373f8343d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    af5381de4063b28f21c8557bacdbb307

    SHA1

    0ddbec798819022e20fc6889eed1867476b4748d

    SHA256

    6cca59b3aa1e56c90dc0519e28d9796519b067507413c79166c9898dadd51b6e

    SHA512

    9a1d92f3192abbad81311048fd0bcb8a58b3f94763bc93eb2cbdfd423621ec040cf90a667bcc786c6e833142962d102439d3bc4d00779fb185353c39721c41ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    825aacd2b45b127e7298944ddc042f9b

    SHA1

    a84c77fa29a1e4c374d0cd9b00b24c074ec0e082

    SHA256

    f26c37cbcbe00a9325f3dd5ed23fa5a3f840d7b3e464fa4ab46bee3d196f2241

    SHA512

    7efa6712db01d5acf6bd5bc07241878666f4d9b436e4942ed1c4f77b291a2d88a10aa71fbd134f6b4d440bb91b6b9f332a4ff17803d3c8a2f6646ef0fb485752

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4fce08568d70c41f3087e6d21ac3ae9e

    SHA1

    256186a3d74f4c191c03c5da4a2e7af938635013

    SHA256

    f0df1e498e63973682165de3680b85bc6dd897df0501391eab0ee23eeb9d572d

    SHA512

    619d2ffc1f12a8d74e25566ad8e5d39d7ce5df5f234b3ffd91a117acb7f942cafda70b737455224d039ac7890d8356976d1215340374fc7fd4f113be8a7e2905

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d5e41b6508ad2501d42368e32c3b9add

    SHA1

    1bc7ccaceb16f7dbc1723f79165fbb5799283c8a

    SHA256

    9cfdf84331ba1cab1394ef31638ff5c477d39c57e7309ba65bf389b73919780b

    SHA512

    36d82ef0a07f4a1b83776222a3f91240c2ab0061b904249f856fc3ae8a2ea830d772c89102a68123e30a473ac84ee04c6295364a1cc6f36dd5a31728972e0b89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    f4d747af76632c5ab5ac238a269b5d6f

    SHA1

    84cc7d09d7fcb4aa3522af3321679b08c50b42b3

    SHA256

    b84ae6e039003b313666a75325f839022d0526d019be0b7276eb5ecc7cdd9094

    SHA512

    44bd0a100d5bebac1c9131dd939e5dfd9cf9fcd692ecf00afb421a167c3aa1c6aca81ab71e4b21187028010035b37d864c3ef64b2c59937ded8495aa22b228cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    32f9d31e8762946ee838e7a84737c98d

    SHA1

    4206b5b59c421687bf8fe65096c608ad07e2beab

    SHA256

    b9c7fce870c8e929d6b966970d79154e80d57404e47f15793831e8dda9a57f39

    SHA512

    15a83b2c1b533f683e8701c3acf755288e27089464982b84ee3ee1837c5cd8fff37f31ff39a464dd418a8783723fcdb1da4ada5580afbe7efd2fa80109b57d6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    faf64ed1bb295c4abbc0478711eb770e

    SHA1

    42cf35274ac491cd0a4c2bd26592c0325412d2d7

    SHA256

    e0564ba3e028207d01129a294e65c4ff40cca5c30d63b3249c31ad498efb477f

    SHA512

    2f2c10922e5e92b3fb08b90f120191632fd4209ad8885178a4ed8a11fca7441b7fc3eba76545556df928923c2c63e3e995fe6f682f7365b70ec23ba378354cdb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    8ea6bd3d4135ff7846ee2802122e2c7b

    SHA1

    20bf40a345ca2c14ac93273083f5b4caaa94a701

    SHA256

    a1178e37185a27f4073fc5f228a81ffef3f57b6c8c64cb1be75c0c6f7057088b

    SHA512

    e309bc79e7dcdb6f75540b5f25b761b9df3e31142ac3ffcc6ade120b6761ff6fae3d21fe3788d55a4491686962d817c6b8491228b21c2d317ccaf35daeb25ce0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b7e1c67b694e9292685e3e8494ddf177

    SHA1

    cbf3a8e38fc0a0d1454cbd398f1b59e63565cb87

    SHA256

    fabde1404af083fb9e7eedff7211d8e5341f5217652c3b53ee8570b9dd202a0f

    SHA512

    4874ba21a6faf8a25f1abb1826d478c11521009d9bb6517420ccb4c28293f063dc3392b96710f5e5527e254d5062c868a45ddf940f6dd987a8138aa1e347d174

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    3721c45b077b97fef16a60fdf2b60f8d

    SHA1

    200007604dc8716e7ce93e3c7115677361584aed

    SHA256

    601588e0b16c6a8f58558e0b10dc56c6522915231f59c5cb7a698355eb968169

    SHA512

    7b3a3cc115751edc36731a84d89e45ed03ab1be0181fdfbcb4231fda4b22a6ce25af06f77dff9ed1a0dcf836c0378ad42fe6c79581d4d5d6ee9eb38a3f99dc94

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    fadeeb2369e3b93f9d3353823a9cf2de

    SHA1

    c1811f6825c31300b66d165229c19a9b19af630e

    SHA256

    ea8ef1a1abff4f0f85c3a236a9f79e2c3666f96889400471db89c610d8b24256

    SHA512

    c24305e0b17eb45cd523de1f0366ae0724e56254e9b565f2fd79e99033f0d1dbc8d76254caeb212d50857f32330296ec542368126666d98c3ccb5112c26aa491

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e60fd5828af5ebb4b2441630e5668297

    SHA1

    32f068a7b04e9fde8bac3c0313027a64fc049971

    SHA256

    3e631ae5b3c6625c4404b259043b3bc806f2760c54cfcd897de25a3d05668f2a

    SHA512

    1df557a2f88145d738653b80070c2ac38a5f81f076c39a2f1195f4a5829b72342b6b75455614fdbf9742db8cc8bc2f33bd8ccf43d2e79dce46cced2aa8c0fc84

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    567b852fbe5cd7527e55c8fdacdf30c7

    SHA1

    60f9cbb89caaf1747993bca4469769b5dea7551e

    SHA256

    0f96581bb9cc2610c6b27dd13232f81199aa5982098327ea64b56bc69db30bf5

    SHA512

    e6f4fa8dd957bc433aedd488b97516a06e9b0f781dc128252232a9792451c45cac2e8b7c780b221e349dd163ec3c7a68e246defd7b0e7c3db2d3618c5ea3e9e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    aa096c95d00a65e21f81102bb4a33f9b

    SHA1

    2f8fbe32ac08b3c74d92b14a0619d88e002ee951

    SHA256

    4b8326910abf759522413a4d9229c0158562a6fd2c3778fe17bf812e676be18f

    SHA512

    c35778b5da720f9643c3430a448e79c53817e9a92ecb663c2fa55ef3bc35ffc3fb861df1d16abfb53cc3cf679d4a0f394b1fdc5dfd4b368617c158bbefa68466

  • C:\Users\Admin\AppData\Local\Temp\Cab22DE.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab23AC.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar23C0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b