Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:04

General

  • Target

    910c7d19b50611be17e4c134a36e387c_JaffaCakes118.html

  • Size

    143KB

  • MD5

    910c7d19b50611be17e4c134a36e387c

  • SHA1

    dae246a40677a822fdb77b8e43d3970997d2f2ab

  • SHA256

    78bc8540b8ec41e76beca7097b4cb0fb862517c15f32dc45149c7f6fc7bb45ba

  • SHA512

    a9fc7d18822b9c7114c4b79a6e52255d82f502a51259e70558e7207b0a8fcc9664fea791fc65e2bfe6437f3b07529569bf9797680daa66d969027dd7ab115911

  • SSDEEP

    1536:ca6gVKWxkapWixynHf2xXBHD6tSZE7b+gG1nO0lnr/6nX+Nn4XHnlNlnlGrnzxvN:dxkapWixyn/2/E7bwmwwY

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910c7d19b50611be17e4c134a36e387c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2868 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2564

Network

MITRE ATT&CK Enterprise v15

Downloads
