Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:53

General

  • Target

    9130ec6a178deb0aae12ab6a1336de6a_JaffaCakes118.html

  • Size

    462KB

  • MD5

    9130ec6a178deb0aae12ab6a1336de6a

  • SHA1

    d1e7e341d6a32aa4022478734bfbd021c9596625

  • SHA256

    fa5f913963a74667b5faea44c6ca3e44f841f7eba107f893864d35cfdbc8a179

  • SHA512

    5ce27081b27c65b06fb8eb230a51c1ead3924fab098d097ca0cc45837cb3a15ecaebb51db44922890cead0f9fc699ba03b07330d1a3c81f4faca11ba8cebe85c

  • SSDEEP

    6144:SJsMYod+X3oI+YNHsMYod+X3oI+YWsMYod+X3oI+YLsMYod+X3oI+YQ:c5d+X335d+X3e5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9130ec6a178deb0aae12ab6a1336de6a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2656 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2560

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    21ebf565a2fadd70ab0b8ac264cbf19e

    SHA1

    3f56f8052a716da11af25b3381d657192d92d73a

    SHA256

    658c4a706d4dc930f06b1ca64c6e930b3c36c4a982df4860411c7bf0d43dc18d

    SHA512

    1e15c8c0b44ae8ea8441114291b93045e483b661a7a51e3fa2d9c8e08c42d740a42522caca445144c086636460a2b16baca1514013f2954e4bd508270e3dd605

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b0054cceb4b176953f90cf4828afdcc

    SHA1

    080840964d2b228d0422de2cd627e1f02ed6692c

    SHA256

    871443073c2b0c60eede441ae0e7519c47d76cf715a26138d5650811c0e28c96

    SHA512

    1f5217775bd8b4807423a29a8637d100a1645e4dbd73eae33dd3d65e60ff9a80f3c0f32ba719684eae2fad1224b522477259d25a9920a9f5e14cccf13ecf9c60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a81e0337f2188c55930b722bea5580db

    SHA1

    aa60c9eb46ac184350e6f9ab3d4cf7378c3b02cc

    SHA256

    4e53856190395ddc28bbef9e35bbd6aa7f99c9a4847a815269177fb4bd8faba2

    SHA512

    81e8a0fb6a6e28a2b5c1b8eb07f17bb4d92ee230c2027a03115997e9a904b4e34db6d7d408d6c6a22dd4c322e11bbcb27d660246707136a6ba3914aa6d4ce39d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2a717c58c2994bc79ea707b8c77bd32

    SHA1

    5676c790420a85062fa446dfda5d2d0926bf9840

    SHA256

    7762a5818d7f8cf750e3523338e1d6f3448d37565fbd3a2b7c8ccead84f66775

    SHA512

    86390d85c69b1c2c6b68029a21e26dd29dde32b390d008e2495149841690655a33f70917d0b7b0056ffa5c49e3f8b490970e8de862eb0389f87277d6920999b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31c78aff2d42bdf106f4d99452ae2621

    SHA1

    202d600fe54efa8cb468a0752ee829c59372e7fc

    SHA256

    74c9c21bee5f20378dcfccbe4f47bcea1f241f2caee3ae1270ba4f7a70d45119

    SHA512

    2dbb8dfe0fd20f56d5f2f58cecc08346553504d33facdfc01af6f36a2f7b60fe51f52a0343a7606b78f905937c0496c10d0c83b07a98132941fdbcc0df42e3f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fbd58dd6cbe5c7be6dfffb0051cfb049

    SHA1

    3160540902b7f8ad05c7a73a886c7978d7d5955e

    SHA256

    8b2a458fda4f022b7e3e535c113469129aa419e67b1fba8f069e0ffd15f308f5

    SHA512

    349a91aab50fd9b9f44299e1abaa45ffe3e15df68d0597a1484c27d1ff66876811bafa9e7171bb3f4a8688e2bcfefcb9bf6446339fde4e8c1367d85103af8626

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c84b13afbbd751dffb99a14a7a4d63bf

    SHA1

    f3324dcd7a13d944d19c3d5b9a04231396d3c989

    SHA256

    07b3eef606cc12d68dbaab966aa8bf132eba6f2f142366bd3f5ae06282605bf5

    SHA512

    64aa0c3d221bb7ee23ba67b78982247d1d6be150a21a167db7d5163e02cb3c559c3d15d47dd6cbb49afdc376d909332ccbe5356cd1031e53017241c6d1c84aae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc614d49ec9c540d65727f23f64b13e3

    SHA1

    13fce5c09d2e8f44b855ee5b9bd2c9f7a9060a94

    SHA256

    9c73b950f41491af6f409872d135019179fb826d4078ce4a06f085723bce03be

    SHA512

    b02798ea66fc5ff7f7be154d794891d9f4c341cb0724d6fafeeef6d219394c11de47b0a40904a5e19825f01041af4f7b00bc1f46b177a6e66fb55c5946482067

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d083acd8f7d26084763da7a2f192b010

    SHA1

    0ce13bf8f387b2cff1857c160fa71551224bf786

    SHA256

    3a96b6e65f4cb07986fb36f88bd20fde3ee287f303fd4316c600ba9eec8984df

    SHA512

    5e79f64b7c1c49b51f8096f566c415c80907622998d355c8dcde2c8a698c07cfd3f634a06b689816b64cee6ce3d6b6c1c29a68573868ec219f1b2c3642608958

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b32afab5ae7f1fd911ecba78c2d92d1f

    SHA1

    b0e8aa3e61ad0a409882a8d908cd93a022a39bfe

    SHA256

    7fd66c57c66943f9dcbed5a8d9856f79a9c4264b22dd5274a7f087c557b98302

    SHA512

    12ce63cac1995a8afe02a028e669eae0828ab61014e38862b273025e39a2c28a2653629f3bb41f0b0a35756e9a413675691d4dc096ab5c7f60526bfc1f1a9144

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90a840c1dd27bb43cf778d2692dc5305

    SHA1

    42ccce2f8dbf39e4cf21332aeab7e042df48037c

    SHA256

    5586d4c5897032c16bb47a1d8ef991e23d7a6de9541da554c93dbcfa6b28f748

    SHA512

    cd7e1b92cd67d6e8eac86f5144ea259f611c48b61bed32adb96fc5e3d3608e3e5eb40410e2a487b746d86c9c6d5970ac4883bfdc187d09ba386b487ca44e1632

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14867585904b3fb4517c0b6e4408a398

    SHA1

    8e89fc4f29535fbe09d2926e980c9f1bb1c022fc

    SHA256

    e70598e6030f20ebbf047f26d26217e6f242f286aae30340cd2060a4a94a525a

    SHA512

    0b1006d76a15b24a3a0a74d5edd6bb9dffe91a927a95ab12569704552147711f218f58c9a818223c63c60980de208178f96907936c582f1ba8e223bd4ecd5cd3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    23ca405e35a56b836938fd458fe72ce9

    SHA1

    53e43e612a4a36491af71401e45ba9bad367f79a

    SHA256

    028916ef11b1d05d9a324ac69c60945a7a76148a8f47613053718dba163313e7

    SHA512

    284f2c971ca70c3d4d292698dfd2017d2ec4a7d24826c29e8132bc15ab375077671b22b60bc19d0cc0412374591142db35c74e5a7d01ed154fcbe91832efa20d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a25086de8015916254a9731919521da7

    SHA1

    d5aa761fa19fa3d83981f31fddff7e0c9deba652

    SHA256

    b2c71025b659e63081ea83e1a2594b281f267eb907952dbd431b9b385808115f

    SHA512

    7668842e9523ebe32368307425bf2f46145fc6db8b6d228cc7c3a79b2239d8c393ac76d351af2566d3bda941dd15ab530681adc75ca7d7d61aae6b70b81d1ce9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cb8d76fc08d6063bdb6693349d18550

    SHA1

    17cd15eddf23e61c76805d855985fb891d48261f

    SHA256

    536269b2cef05cedd05975b7bac92cc1a7c1a42a8ddb808c4a7c570835e82b26

    SHA512

    16fda97dbf8efe14d52ab56ec5de18ab02f579dc9a83307d83749eeaf8a4a165fb5a8bd536fed70dc124166120abfac0067a4ab2cc733c8605fa5ff7696ad050

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af9c457aec3a8c0a9c3fb803e9d014a4

    SHA1

    b668296a761b9029e8c6587c60af4e160ba29ca5

    SHA256

    ba9e3d3dc7377d33cb4487cf7370d75378512cb4bca6fa82faa3fb160b0f36a9

    SHA512

    47555a063b1a0de402dc3ff363a4fb475dbe9faaae10237c1d58d30fed903781a942ef413d0f6e98ba4eb39a4f21e259b62e4971561dda6a8e620b12e29aa18d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a6e2850b44ff7c710aa11d65d97d9887

    SHA1

    5fce248c58e7cb136feade00581cfa6e0d0f7974

    SHA256

    a5ba2dcaabb88fadd8fe95e784498a7f78405e4b687ed045dd03530ae34cc629

    SHA512

    31dc910e6d6436f0890304971dff50a44f45e31ab4cde84fefb55a1508c080827ebbac3f876c1a339c98c072b01f284a2d7914a3b2e963c253d8f05cf4f983c1

  • C:\Users\Admin\AppData\Local\Temp\CabAFC1.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarB0D3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b