Analysis

  • max time kernel
    140s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    03/06/2024, 08:50

General

  • Target

    912e5343e174d718d2c19dc5865747a5_JaffaCakes118.html

  • Size

    20KB

  • MD5

    912e5343e174d718d2c19dc5865747a5

  • SHA1

    ddd8b606f5fed4325a11cc26104972dedeb6e395

  • SHA256

    2b05e0f2621448074f2174609d0594b9f569a56779b93a8bfb5f9bdf1b59452d

  • SHA512

    597ecc21c554ad5e97e8f00c48c823d1ab100dc63e300a3642893a7533b6af842db03f5e85d4d4666cd4acc7d41826e5f7fbac9ed5026a4c0d4b4fd798cce7a3

  • SSDEEP

    384:ziwKcRAa5r9DIilVBD8cyQ3R31I+/6IEmd5WScfIk9xhevYzVc9V:zi/a5r9DvgcV3J1ISsmNOIk9evmqV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912e5343e174d718d2c19dc5865747a5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2624

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    25124f3e38dae8b68e0649d3ec7ee481

    SHA1

    f18f07492170d8344f0978895f0645fc35450e70

    SHA256

    564bafa7f3ec7a6a6cfb64d6ab33c72d3bd09ad33c1dfe4699811e90dcd61311

    SHA512

    6fe33d65fc4158e9127a74ca72c30f61b40273c6502c22e13fdcf51cc987d991d22648d0e7d217bff2c0f2fb50fdce62e4d5ca471de4da814bccd6e15eac7c3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    bae441ff8776708c032c2e1e706445f8

    SHA1

    e56c99f434415018e14ff6443a8709d85cb62592

    SHA256

    161d65ed7bd4e89d332cd2e8647bb4625cec7cb09920c7b8c4592eafa130c518

    SHA512

    b30d097bd47fec0edb1f4fc398a16061032c6de0150774fc7138e7252f671c92672c2eb21fa38cc37af247cd2ed09285c0c358b350e8e5c14e3949e2ee3ada70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52c23fc264ff15566eebf319150e479b

    SHA1

    aaa1a81f6c31a1a38a73c94cdec807c3f06eaffa

    SHA256

    ea700f540619c6cbf3ca448a5de7ac6b33c1692b3494583e36b485edf9a8fa14

    SHA512

    5997b4589224b56c3fdcd7d7dc017c2049f2c394a2cd01781a347e6628cc777269883b87af5cda715ec1fdf7e08cdd6569e849941c102531c43b037672c0a9ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c45236d422269f8c70c2dce117d9dd0

    SHA1

    6001c5c91d48b9c9dc55d899371feb4e0f5ffa40

    SHA256

    82d141d14e507c7448019618db583bca2bd990e6a3f7a20ab7e54e88e828d431

    SHA512

    0774ef56b98f0540c72fe36e983b13377417c20e3ced6db05f481be7223c08a58d71c07a3dafa2eb6b5d439dedd7a8b7ce0336977c1e53359d29f3b0c1a3daf0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b064622d1f7252de806216692dc6ee31

    SHA1

    8b07ba47f628122761d35268c1db680fd6eeebca

    SHA256

    73208af895af4f7b88bb2a747d16873ea71a1e71d34586681cca1a8399b2023c

    SHA512

    08519433780d5b0ab2339ad3b32280c1f633304a4e3c9d5ef03d76697dd49676f2f3bc0c9cfd1ab231afd72658afe12fb7b6c7886304cc9b2b3c94caeb586ab1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ebd90c26e56b970413c616a660af0d6

    SHA1

    c34a171bcd6f0c0b7c9682391c4fd1611b788fb7

    SHA256

    4f849a2666d39257de6308e30d574203945c190232607423d5f923a75e8aeb54

    SHA512

    88f87645029bdfb0366aa13258f6ec2aabfcba25d9d51729dcd6c564247761224e5a98cffe30a09a1d92cbde260fef4ba75e19e069a32e3b20ed7f985d52aa8a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dff02837af05a19eef052bd3618708ec

    SHA1

    1a85299d28ba4335401a3a77be177b30b1fe8579

    SHA256

    14e167b71b24b55054cb2eb3617d7ae2458d986b57bccf10c9317aec70fd5909

    SHA512

    51c58ef139d99bf14183414df25cf20c8751ee5d8d10981f1c18a8676d5afca1045a52502f632a307a31d4f843fe6e402aadaf9342998738f3bca0d73d06bb2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b560b916f697f0cc69645f8857b22c7d

    SHA1

    70549f16da488aec9c2cbc7413eef3653c0b644b

    SHA256

    2bea1fcc758f793a1ea5c817c5d8f40082c44d2b936788fa6e53e6522cf1951d

    SHA512

    8f4382b3c061f714a61163a76983a8157179a3ca862c648f3761693d6aa3ebd968bb8ae4441d8f86b793f3c335fed9948fb67eaeec16d1ecc54ac347be9c4047

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fda9a8fa1c18f3212108e4aef08fb168

    SHA1

    f6e6de8d76cd74e7538c0955423530f0465b128f

    SHA256

    c99c4bb261b6d8d3f9df6f21b353efc86542e019e2a56f7e6c8f52194b26523d

    SHA512

    4fc195f903fb705ee3c8183035402ccbafe6595889af76833003c0b72c289e27eec79a76d675ff7f7e586cfb0c8d5b2564f668d240a96ff69e5aa672b2562b61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e6600f88b640e95f596baf59b8a8128

    SHA1

    80ac7cdc2355946eb297975e1c73fb69693f3369

    SHA256

    50c6320b2abf108422c9136ea4b43b73806e564c1a4b4fce93c66f784fdb3f6f

    SHA512

    a289b66224fdba3b910cfb30a03d93057f5103029393e626518d2802546f7ebb5ec853492dd53c0bb74625602c20c41803633765958c44171406a635481319af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9cad1b613992dd61c563a1e0c299000f

    SHA1

    dcde581298d85337a27fc554669c82a00a1ce3ea

    SHA256

    684d3547010bbf6a49a231ef5c339a9e2b7ba16649fe9a2c0fcf3fbbf42a214d

    SHA512

    99482b35a8e412e13564a7614f60c429ce1fd502ba8ba429777ee73aa4655981972f5c3204f389e161aa11d857f8be1ddc302e3b3c3cee172b3b2a025fe3709f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bea341f55a7cda29865751a68894a33c

    SHA1

    438a832e5bd66109abbf5fea42bfd30e64b0684b

    SHA256

    d7bf313a3c245e2ac61bd7bc11ce549d5b0c717e7d7bbeb77a72e530b50802d9

    SHA512

    92407266fb08af215918024b4c781842b996b01262cc1492c2c80b36d5b0046a68e5b513ece92862445c195184e016ab21414953437ab45fd91bc7d79a100562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    8b0eeb58b07ea0c2add75bae4218f971

    SHA1

    3fa1faa5ff4a3f6b932f30cc89663277dcd8b314

    SHA256

    b51bdacb189dcff6dcb8c05537b8fba5315a6d6238c4a8e1d8f0e096c3a467af

    SHA512

    64dfa91ad69eed90990e6c379a8033ae5e0f178cff6a3bc833c63e3f89813a46b13419f40a0d163d13ea2b503e99c44ff1a05fa111368d003f9c8c48a049f083

  • C:\Users\Admin\AppData\Local\Temp\Cab2B84.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2B87.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar2C96.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b