Analysis

  • max time kernel
    137s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:04

General

  • Target

    910d08a86e9ba0d8be83fbb6e7cdb903_JaffaCakes118.html

  • Size

    159KB

  • MD5

    910d08a86e9ba0d8be83fbb6e7cdb903

  • SHA1

    1a02ef9d079820edb86a3787e12bab3f24742bd7

  • SHA256

    c3998d95d3812453a2165e7bcc42c3476662730b72a741ed19dc4fdcb9b80beb

  • SHA512

    fba478a3f2becd9a5f106c7665b77b268ea77ef03430b4f40a7537c7931e55f33721a48892c9035a5ae08e7d87561d09802518a0f61f622aecca855b7dd5f855

  • SSDEEP

    3072:SJS7awEMES5yfkMY+BES09JXAnyrZalI+YQ:SJSOTHsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910d08a86e9ba0d8be83fbb6e7cdb903_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1676

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3b1793134e428dd06641772efc3e055d

    SHA1

    7fe10c57abb2e638bd603124ab8a8bf671cf593a

    SHA256

    3d9c198f0066095e7e8506840ccee4c95cc4e95245a8e75e50ed2ce3c18398ab

    SHA512

    7c13e569ad256e127c6b1fa93ee43de9092b59180653baf67a8f2ea793667a2b95d2551e0ac380c739204cca2ed2a52d67dd5540997772736b6df2f7f36bf39b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ecde8024c2f56be2b6adb73e0348f1c

    SHA1

    63cc0005e104811ff4c4ccae0a220cb963a0a81c

    SHA256

    8fdb0de4052148de1ea3682e12c2155efa389c7ff91d77eed52b4464427bc5c1

    SHA512

    5dc2505aa5e5073db407c34ff21c45c643492096f11c019128e69c1a89fd499b5dc3bea795c08a9bb682f1c2c3d5c27082bd5bcfd16c7800123a2b6d50718abe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41cb2b79aee2318a72d93aff46c0b5d9

    SHA1

    40afe16bde5e47177b1b69cdae452aa4013eff5a

    SHA256

    0f69db5de12d1f5f9bc4db89fd2fdb5b1bf7fe3e845b1aa90d88d9c57fd885b5

    SHA512

    b2d7f3839f95961020b6ad399164fa94be6c5fabcdc8ed6d188da74c348b61dda67dfd492721ac09fcd0bb4516057732a79fdf6d405c43edccc32f6b51c86ac5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b3c5348e451c344aa92da8e4efb0285a

    SHA1

    e2b43dac33dadcddf7f9954d7d44f2a654f96b1f

    SHA256

    57b71da69bc7c6a91c23515ec32694d89fe2a373f922bedbe4560b1edbea31a8

    SHA512

    2ff7eb606457e2e18dd1b15b63407ccb9f7b646ed33931fa04a35d9272c4ac710b5c9eda8383b0aeb13597b7ed8686b0367d3647418d1da07b0290876fe18062

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ba5a5a088486c81f04d5eac56aa5cfd

    SHA1

    f8e8431077595532268152be7b81a319fba91453

    SHA256

    9e95a147ef688c72ff3f64b8d08608e4b66d9998aae4c74652737184bfe73bfd

    SHA512

    b3ee69cadeea857514d621dd4836e337e0f07ab9fbbe284c1eb7b5a8798498cc7650cd6c186f11912fcde51c11acb8bf7f5d793d9d254b753d211d639b69dd47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0de7c0d98d8e81a79a350278ff4e4f60

    SHA1

    94f3d07fcb10c86e1986394752cb6836b125a403

    SHA256

    782c309158407899391aa8ea3a531af2ee659c55afd921055387a25142d2a08f

    SHA512

    cc1f2e4178ec3c1e7f64e6f2434a35aa6ae3a38d0d63fc76775eb7fb020b2f02afc439fbe9c02a4ce23a452ac1cd80db68251ef20b1db2185a69f4d519ef719b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    91daaf3673a913066ece6a49a275f472

    SHA1

    b2986b851054624090fbd7e57d468c243ff4e05a

    SHA256

    a5014c418d53a70b9943f446cb023dda88d483f93afbf29742d3a938e329da37

    SHA512

    0af5ef9c35b6ed2757246e73769eeb01490a9372a1d08631f16ecc197e74523d2bbb030ee53136fa036591de44166e67e2ded357064a1682827896e64d48070a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    44205861eca4d8961c535cb5ae089d44

    SHA1

    1c91c2dc67f930abd265ff7d2c876b348f2d797a

    SHA256

    42fb2611ca7d732e292a7f583942b54e1f5d4848bbdb771119d05065a9b9cdd1

    SHA512

    f8647bac8410561d547b806ab55445024024e1500d7f9f595287f33bb61bfb10b3561c47a079e0cf8db98e62ad628e8e7455d0cde3c7ed02e629a18042163b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73067c9e5409768049225991df9ea47e

    SHA1

    7ac3408d55b0b79d925dbfc2d2ed56a7d968c50b

    SHA256

    533075f989ebb8a35d15f292e2e2770e20b8b8690630be7ef1881af093d2c360

    SHA512

    26bf3edaf560febd2c6e581e36b2265de1d1656c3b38deb2c84bb4e7fe7d1544cc43aeb8a9a10ff7932575ebb94d0dafa2ea32ef0359ed448b211ff8a4af3ed3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    658f4b8651ff781bba2b8e47f40acd23

    SHA1

    07ba5e12eb768917e393ae22aeaf90058d3c19fb

    SHA256

    6a4c24d495636e5db008994ae15aebadf54cab8adc07a7c243390531e98eb35b

    SHA512

    57745c97f4c4a42b13dbe50751a5ccdea0493dce24b954db8eee7f348af75280ed372f2172665a08864051370c652af956ced3cfad344a2aefff1690588e4820

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0de9debdbe425b7977f97b2723e6b65e

    SHA1

    e507a61fa53fa93c1cb508a488c59130a007eb43

    SHA256

    0a9249ccf6f6edd4a9424f59e1e037eedc7550d372e7dceb96da6bd73b3f018c

    SHA512

    6d25fb45f38c1946175071a1f0a1922c1b06bc021f4d710905c7cc8e6a0d10dfe18f9b4a0665623ec066bd5a524dc4c14697240aedbfa4df6a8f5487219a4bc7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46a3dfbb4c7db298e83b1b5e6274d308

    SHA1

    96e9fb73a169712d39604e2c529dac15a825696a

    SHA256

    fa21783914b2c4e68208b60ea7598f8574bbc477d53eb0773b2cdd9147e48254

    SHA512

    20331e2424b8bf183c55bcf3434c32c7de3d6b4f16a1227e51372f79dc7219027afd14c886d7f58e735bf04f5e66b3f50e46446b65c7f9a6334a73cb4d45d48b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f7bba7d2bf6f5bd74cd9453236503ff1

    SHA1

    8d3b0bb9e4cfaf132f923436855aee8ae14dc09e

    SHA256

    0a7dfd2305b5020aab045833b1a90841b0265907518caf6bd4e2a19a824be660

    SHA512

    c6982bd4d5132ace4970501ae4e1acf218d824f9204f3b2a4f43aa6a793eee55a65df2a524eb94902119198781f53f457f1500d21928e2c0b3d6a2a43e7eb9d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    612084b9b22e3937f2b1cfddf6f679cd

    SHA1

    1ab44a4c2be94982f78be64f8c4e50c1e2a8bfef

    SHA256

    9dfd240ea92d4bbe99676ef6c3dab8b97c4cbc232fe615be9fada5552f18dc81

    SHA512

    65ee23bcde4a741db849707ef4a53bbecce56103b1d418e9d87b12d5ca49db03085656a3f122337055d81d0ab7615f7fae20f164bb2d647be1fe7f66cc9e15b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8240b7977726042ad60544a520727599

    SHA1

    3f65b50d634d52532b014488cb02f4714a3c4829

    SHA256

    6fc9663daf9e6be2fe5fecf9e5726b44687502e675f08e550cd6484334297f97

    SHA512

    8592d81816f5c909cf6019edc8bfc2707f52ad1c6fcf12ef73a0db5d81e7ca2acbcbfcfa9bb1a9e1253ab62b0e3dae5acb74267f4c455264c9b1de37dbc58c53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    586bc9c1eb88d6c7629cb0edb5b3c518

    SHA1

    93d9a2f15423d25bc77dcab8922c635e5a4dcd35

    SHA256

    bf5702580b4e5038b625962084e32d0cdac8d98914eacb3a90c172666c3c24cc

    SHA512

    93f5633f7e2149b02237e12d7f56862e5b0481744438fc0279300210dd7cb86b6cd9b9cec5cd956fa9f3969d2addc6c55db578391eeecfcc92d623d165088cc4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e34d1f4789890f5bce7c1d1d0eced93e

    SHA1

    0c8114a9a71a62d0984d132f0eaec8093dff7fba

    SHA256

    df6f84096574faceda4126dff37e93041c14916ebae63072930ce01a5f337329

    SHA512

    bf7e22688b25119d2f56c1c85383b6d445c05633c2c9f03ba9584f5a5c3fbaabd1ad0ba63ca7ad2345bf7942b5affa9c73b82878d19a62fbd7bf280782edca26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3e4cbc452b3264bfd00ab089b9e9583f

    SHA1

    6d02255d9ef4506d3dcab9ba44fdf3d59f0ef089

    SHA256

    d93ec29fe9e3342f8f7b42ce5a77f2384b3309978b1a6a140ef61eba823fc8f4

    SHA512

    94ac6bea406700fe9cd62ea545049461765512c0cfdfe779e405c693748d2931599bbb7bbf0d179b2f037557f67c2de99e0a823d1e27ee34a99f300fc88112b4

  • C:\Users\Admin\AppData\Local\Temp\Cab20CA.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar215F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
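Every file in the Downloads table lives either under CryptnetUrlCache (the cache Windows CryptoAPI keeps for CRL, OCSP and certificate-trust-list fetches) or is a Cab*.tmp / Tar*.tmp pair in %TEMP% (the shape CryptoAPI leaves behind when it downloads and unpacks a root-certificate trust list), and the single MetaData path is listed 18 times with different hashes because the sandbox records each rewrite of that file. The script below is an added triage example, not part of the sandbox report or the sandbox vendor's tooling: it classifies the report's paths with those two path heuristics (the assumption that such files are CryptoAPI noise rather than sample behaviour is this example's, not the report's), counts how many distinct versions of one path were captured, validates hash lengths so copied IoCs are not silently truncated, and leaves anything unmatched for manual review. The entries are a subset copied from the table above plus one constructed `example.exe` row (placeholder hashes, not from the report) to exercise the review path.

```python
"""Triage the 'Downloads' (dropped-file) table of a sandbox report for an HTML sample."""
import re
from collections import defaultdict

# Path heuristics for artefacts Windows CryptoAPI writes on its own when a process
# (here iexplore.exe) builds a certificate chain. Treating them as benign noise is
# this example's assumption; it is not a verdict stated by the report.
_RULES = [
    ("cryptoapi_urlcache_content",  re.compile(r"\\CryptnetUrlCache\\Content\\[0-9A-F]{32}$", re.I)),
    ("cryptoapi_urlcache_metadata", re.compile(r"\\CryptnetUrlCache\\MetaData\\[0-9A-F]{32}$", re.I)),
    ("cryptoapi_ctl_temp",          re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]

HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64}   # hex digits per algorithm

METADATA_PATH = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

# Subset of the report's table (values copied from it) plus one constructed row.
SAMPLE_ENTRIES = [
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "md5": "49aebf8cbd62d92ac215b2923fb1b9f5", "sha1": "1723be06719828dda65ad804298d0431f6aff976",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"},
    {"path": METADATA_PATH,
     "md5": "3b1793134e428dd06641772efc3e055d", "sha1": "7fe10c57abb2e638bd603124ab8a8bf671cf593a",
     "sha256": "3d9c198f0066095e7e8506840ccee4c95cc4e95245a8e75e50ed2ce3c18398ab"},
    {"path": METADATA_PATH,   # same path, second captured version
     "md5": "5ecde8024c2f56be2b6adb73e0348f1c", "sha1": "63cc0005e104811ff4c4ccae0a220cb963a0a81c",
     "sha256": "8fdb0de4052148de1ea3682e12c2155efa389c7ff91d77eed52b4464427bc5c1"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Cab20CA.tmp",
     "md5": "29f65ba8e88c063813cc50a4ea544e93", "sha1": "05a7040d5c127e68c25d81cc51271ffb8bef3568",
     "sha256": "1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Tar215F.tmp",
     "md5": "4ea6026cf93ec6338144661bf1202cd1", "sha1": "a1dec9044f750ad887935a01430bf49322fbdcb7",
     "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"},
    # Constructed row, NOT in the report: shows what an unexplained drop looks like.
    {"path": r"C:\Users\Admin\AppData\Local\Temp\example.exe",
     "md5": "00" * 16, "sha1": "00" * 20, "sha256": "00" * 32},
]


def classify(path):
    """Return the artefact class for a dropped-file path, or 'unclassified'."""
    for label, rx in _RULES:
        if rx.search(path):
            return label
    return "unclassified"


def valid_hashes(entry):
    """Reject entries whose hashes are not the right number of hex digits (copy/paste damage)."""
    return all(re.fullmatch(r"[0-9a-f]{%d}" % n, entry.get(alg, "")) is not None
               for alg, n in HASH_LENGTHS.items())


def triage(entries):
    """Summarise a dropped-file table: class counts, rewritten paths, items needing review."""
    counts = defaultdict(int)
    versions = defaultdict(set)          # path -> distinct SHA-256 values captured
    bad = []
    for e in entries:
        if not valid_hashes(e):
            bad.append(e["path"])
            continue
        counts[classify(e["path"])] += 1
        versions[e["path"]].add(e["sha256"])
    return {
        "counts": dict(counts),
        "rewritten": {p: len(h) for p, h in versions.items() if len(h) > 1},
        "review": [e["path"] for e in entries if classify(e["path"]) == "unclassified"],
        "bad_hashes": bad,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_ENTRIES).items():
        print(f"{key}: {value}")
```

Run against the full table, the script reports 1 content entry, 18 metadata versions of the same path, the Cab/Tar pair, and an empty review list, which is the picture a 1/10 score implies: the only writes are CryptoAPI's, not the sample's. A non-empty review list is where analysis of a report like this would actually start.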