Analysis

  • max time kernel
    118s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:49

General

  • Target

    912d6382eabcd6ad9db6524ad8e7a6a3_JaffaCakes118.html

  • Size

    43KB

  • MD5

    912d6382eabcd6ad9db6524ad8e7a6a3

  • SHA1

    bff8fd987efcc7a355d3f68ed8f933e18b9dfbdb

  • SHA256

    f275b243eff3964ee66a0c3e8735cf83ff6d205fb8e0ce0d77b833e03af72359

  • SHA512

    873f33b6af78a971df3286cad2b57d70bfacbdf4a9e49c768b179bc682bfc6bedc19265422c6817f6b0f31a058213386c919753a474e61919c85ec654e3a683c

  • SSDEEP

    768:SNyDxbbqkFO4N1COgNzSKGWsmhU0fScFd6I6vnq:SNYBbqO71Yr6I6vnq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912d6382eabcd6ad9db6524ad8e7a6a3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1136
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1136 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2256

Network

MITRE ATT&CK Enterprise v15

Downloads
