Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:53

General

  • Target

    913109da2c9b1e5e78ea316f91e9d31d_JaffaCakes118.html

  • Size

    220KB

  • MD5

    913109da2c9b1e5e78ea316f91e9d31d

  • SHA1

    50e79c81b67ee2d15d6656111360774c0321807f

  • SHA256

    3a2fe1375850e0e608f3991562a78f968c406f5c2b4ffb4659705482841a4077

  • SHA512

    f1939ef07b2bafe3188710188a6c72fc3657548d2bb105df5ec13be411f5d292a9a1b0402db6ba37783525d9981fde6245d4cf525da56a38e98d8f3985908e8b

  • SSDEEP

    3072:SA4wQWTJ+bwvgryfkMY+BES09JXAnyrZalI+YQ:SAVc8bsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\913109da2c9b1e5e78ea316f91e9d31d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1684 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    856f84c571c32f25e1db2981aa68193e

    SHA1

    4aaca6c77c71068bd360a467265dcf26a7426ab0

    SHA256

    1df5e522fa3d05d28214b82ab00a16ec01f56d08b4e93609efb69b63bc899b27

    SHA512

    9af1020d582b74eba3ada1be6f7cf71d8eb783fd45238619fdd31763e828d153445d61dc978353e792cad7e0ae45b9a3039c70aaa7503d9ecab3f80a6ebd4a25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    56f1020075ea63fc537ac1827bfdc732

    SHA1

    178a50c45114637ec9ae6b4bb5916c585919b876

    SHA256

    24cda6f1ddb9889d04d12c245768fec4763a1d93e3ce9d32da43ea8bf9de5196

    SHA512

    1bed8ec788cd31412a4901ab5a48599a159e6891b702323124a37341002c5c5fcf31779aa839bc28e6e2a687c29b724d40270c91c7e8c3db518c398a7343ea77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25d712d072656ac6d710858189aa71a8

    SHA1

    a0810a6f528de78910c75149abe4041f039ca811

    SHA256

    2c5c5d10381803aba5ccfeda56747a17d022ba0f50ca728faa00c45d80612022

    SHA512

    60a44162c0b781170eea5140d7f62030b5e641f1451f61b576ae97f1badaa9694f0a645765c19a3f8260b761ca46d07e8344fed9203d4cacf437ea5c2b9e1356

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d03a637d2e8ff49732a306c4cb7e1082

    SHA1

    279011c405e09a6e7e60e71140c820861539f642

    SHA256

    a0b5f5211eec839955a2dbb8c69c036047824abdcb9a4a8f0a6c0e0d501eb54c

    SHA512

    2460f8196da17c0f0fadc877e493d55d08001309b5c0c599761f963c92241b4cf1649b7bc6f7e79417d3894f0095d05a35531f8a6ef01db88993863aa695e562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63af8c6e74afe420dbc26fdca3b0e166

    SHA1

    2c29eb353daf8e45172b4abacdcd62488a970019

    SHA256

    e5b973cf533630fda337be8be14b707504e1ce8d5a5d994cf26ff95a67c7cdc6

    SHA512

    fa39728159029f1473785c36fa8202438665c362f06b2fb9008a3d1d21575db3bb54fceeab02a34b02e2a06f3c27069a4b85c01f929fba72affd2b5038bb30fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9db99fb8757391abd881bd33db03b43

    SHA1

    805591fa7fcece808ceafbc50f2d69bf480f9c58

    SHA256

    466c8d80acf6e380e5828e8bfced3c59346bfad10355db4fcb5965fad7e05cbf

    SHA512

    a2c8f61bd8daab721423e12a91a674b12ce2771ff3b6c744cff93a2703891acd6b25f984d6b90252227c805b6626d9698ad8422cda535bb125acc3e48855f6e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc50754007a8b3c72fef040dd20131a9

    SHA1

    989b16b568dc27d1374c7190d94b6399a4d8e13b

    SHA256

    569bb01fe309b000d494cd6f56c9c5ebe25d50384935068daeb4921cd51c75c8

    SHA512

    091fd60509392f29829aca2175f585b6da4f963ebfd326ad7191f10e44da8fead2ca3d0b021a7f8e9707f7849f51f02eb73793583ebd2684a95eede513b7bfa6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e1bf2be135ce1a9182a2e5c31e912c9

    SHA1

    85922aae8a45f20cf4801a304a3a4b02a11962c2

    SHA256

    6b7dd4e01d5cc3af0d5b106b37d48c5f4b8e9143caeb200ededb750fb6a9d2e5

    SHA512

    845fa36b954d80ddc4c88ce44b3face54af8850324ef95f57f608adfcab60707be16a49fb316747680fd9cab3393d3a357b7ed1c7194458f017c95269609696a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cfade7d673260d392aa37ddff860ae5d

    SHA1

    127a0b6bc389bb14b33bee3764924ba9efe91be9

    SHA256

    721862b3dc6c97e1fe461d913c07dd0fd49f9eddbb9101fe63b823253677fc84

    SHA512

    8ba64bd0464fa0a9153ef7651275e6d4b5e9c29bfe822936f0a45ce0b58718af2ef361e28948d7a82e5fd88223f141805abe5cf24c6ad4fe4a4cb53a6fe467dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f554f208aae8bd93b5e611c29f10f41a

    SHA1

    7c6ee559fe63c8c30b44a91b26ed11aa86dc792a

    SHA256

    135c3af7226245b1ad59b07b58d57a0741ba751078f6ad305fe0afef680bb429

    SHA512

    54a79ffacc295b0814528682dc9c993ece6db64d355c34ffafa6cc68bcfe231c8de5e1f84e9b7c05feab821e8d2f954fa24a25c9b0be7dfccc98d79b54c9861e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    035b9d3bdeb4699eb9aa1598271f95f7

    SHA1

    8fe8edbab7902a6551c82450222b12e59c4ba811

    SHA256

    7a5982cbbd186c9e19c0bd372da27e829854607b7dd657ba1fd6a3dfe058f4e4

    SHA512

    0007c14f6ffc1d073d3097ea1ae9b768cc5656fd0a8f2e37b8e15591438529cd61540966f2d19ee8ed16883144a0204882d719e8127b5b32f4b18e4b248bb21d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d19eb86a184d53ab08ce33d421ec8ac

    SHA1

    36cc675a472a89ed7b26e7a52aba06186c7ef454

    SHA256

    144fe0a152cf513640f78fcdcd2fb125d2e115e70a0d410b2f4d736f6ac3e170

    SHA512

    dd67484d480d34ed15182d74dc0693cbaf1b211cd7315116dcfc49be0285f9bb00faf941d7561623920ae6ca13c6c3154af7fd9cb2bd1b522636a00cbfcc67e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b4530829b5ea5a7c560f54d58b11fc57

    SHA1

    815f64bd149ca6e789814b592e6d25dd76b73688

    SHA256

    94728e0df4e2e5c5f26fda1fca59ba0fa275c6f106d185720a27ce5cf69df8ff

    SHA512

    06cfa1b4e09bd1adec1394216d2d326bd75d5a19a3f89357813fc3803dc2451d18a2d3adea19abd009c6d8a60546a4c2eab33cb3df8f6f9a0e48858d9d68f25d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e2f3d71d651b8c8338ca3250ef5d2c5

    SHA1

    df5856fb317bb2c55ef17f57d8b5db000681b071

    SHA256

    59237106517e9712ee20fe004f6a383867932e1f42c5c103673cecd8fa6a7e90

    SHA512

    992eba95444aa4a839376f7fdd0179af277fb187651440df262ebb98b5e21fe0d991dedc8ab62e718d6c781725c8e056e3a1096ef4314ebc660a127e296bad6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    502146411422984360ce0f32caca8f19

    SHA1

    dab3fa62896f76582d313c57d82c5611a5d991df

    SHA256

    0f3398010d52f9eed819747be509d8e984fb0e06bd0c87694d40d3e93e50f4da

    SHA512

    bb5badb5f945c7732ccecfff8ac99b11c914b296e6e131b28b88a781f005ad51a25671e2f6d4684e76b9d5b1283fbb54110482cdabd971100c4e65fb2d3c5e36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6c5949b2468554f981723da31a84f568

    SHA1

    d37a58bc95db323052cb1e216f4e1c662edd4dc7

    SHA256

    38a71c64b8b1ce243f50143b9d150dd11d2fef6feac14387a57c0444d461a5d8

    SHA512

    b843b1b0ddb4ea987efdabcff68e1498d8486855321fa6b05db4a60498522d4d3762d8798648fbcb8abfe27f5e5c74361861c45b9add536178d28ed08628d826

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f142a59360a44b116138f0737915def5

    SHA1

    b8486ecd2dcfd8fb5473a28f088d270cf32834d0

    SHA256

    386aa2be7296b0c458946631aede1038de755dd2015f524b0b6ed0219c9b7c8c

    SHA512

    fa4143e6397a42119501f8e9feaef61a8cd842177553aa7a0d5a02a2e33952cef7c29c0e742afbd5f10860946cb89500487d148ba70754f4c5897f499becb62e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    457f533100e50237adb54822abb75a86

    SHA1

    d095972a3f278e168de91331afb2db69973d0f64

    SHA256

    bf813357047cf28bbab40234591184e224c68d2d5948266ae6192e2bda101ec7

    SHA512

    28031a5d717d180bb08e84f99f211a3565cc76116590f6176a6b75fdc2af80f03e268ab6f6c7a54dca23c664d0d4f8c0f766932bb572cf49a78e30b83634383c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9e7a290f9a480a315e0306f06106ebdb

    SHA1

    f16c489ea8129c723199f5c65abf927d7f38383b

    SHA256

    50ed2b47fb92af2a3b94ec9dba4257e5ed6227861000c869926a59eef0ae5229

    SHA512

    de43337681c5dbf6c892766090884684cf949b236605905b8548c9c6186831dd230d78ee66800bfacb50581c5073198bc4c5485d78374dfbb185230eaa35ef2b

  • C:\Users\Admin\AppData\Local\Temp\Cab9A4.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\CabA90.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarAA4.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b