Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 10:40

General

  • Target
    917a4ac5524179cfc4aedcb379357a49_JaffaCakes118.html
  • Size
    51KB
  • MD5
    917a4ac5524179cfc4aedcb379357a49
  • SHA1
    2367e09802189641aec456ea6ecf5e95224e17e7
  • SHA256
    1c25bea1ce839f4e714b105e73b1f402479312fcca62dab13575f39039972563
  • SHA512
    ba16dcaa915065e4e31aefe0973280e355ad292f27276ec1a8610d2055dadafb1f2f0ff393f736bd903a43926f212fc0d806fecda8a883f95061eaccc1648609
  • SSDEEP
    768:SAYR49z3ZNh7YsxuaFvG/Es7nmu4eyTP9BzTJwLY6uwjg:SAl9bfisxu8kmu4eSPfiM6uwjg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\917a4ac5524179cfc4aedcb379357a49_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2460

Network

MITRE ATT&CK Enterprise v15

Downloads
