Analysis

  • max time kernel
    77s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-06-2024 14:57

General

  • Target

    9873d6c29783f4e6b56b702a25a26cdc_JaffaCakes118.html

  • Size

    15KB

  • MD5

    9873d6c29783f4e6b56b702a25a26cdc

  • SHA1

    5944882494b66c5ada31e58c69f2e0d92e5a54c3

  • SHA256

    6b34eaffc5884cf5fcd6cede7ced881757329b4a6480af061bff3351db76bc24

  • SHA512

    3a5baee04beeff5ef4b0ff9e814a539857f12b984f1a44370c1f798d15b5d87d4b6abe39da19f343c07d2a4fb55d63a69638d75afd9fc27655ec8d839f9eef1d

  • SSDEEP

    384:9+X6Bl2ihokt9Szold/jIBwDRWPBMU3dwV2/pf5yGavns/oWRB5:2uz6kt9SElVjI3CO//pfNoWRB5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9873d6c29783f4e6b56b702a25a26cdc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2156 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2928

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32628aa8c4c0c3c6432fa521cf95932b

    SHA1

    87c7bef52afd1c026fbf9074ebd92b7b1e0a70af

    SHA256

    c80b672f7f0fc310b8d97f137474f93783a99e5b962d045b05e1c8f6c85851ac

    SHA512

    199633a1d35bbfa30cf61aeac9a7af09495656214c86ec7b1cef99d6088027d20c88201d8f191df55249c74b6b2e3b982bdb2c4d6b3a11708baf32850c1fb75c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c22d7af5fae7b7e1f1614dc012893315

    SHA1

    675ebdd8bfb2f3de9f7f912f5e8c17668a02b0ae

    SHA256

    0434f960641d054215466559c4ab9d190189a4cc25af51298669974889841c9a

    SHA512

    41b790b191aabc240f916dffbacda07e2010b38ed21ae979ee35a79084da6f5209efe4a2ff4e65dd9898b8fa62907e4825bc624d46a434da9851205331bc12e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    801217c95eae4137c68d7da61f9e6f19

    SHA1

    74cc54393356d3a9ea6806adbad1f0b8af536401

    SHA256

    2a93d707ba04ae17c68ea6c1b569b0102c8b5c1dd5bca138d2bcfa5c7673347c

    SHA512

    0c0318b3e5db015cca2b610378c39c426db3b44e93d3b6c05b73bda08d3f2bb71bed619ee0a385e34d88cbd719be258a8d64e9c9b8b081d47f1ffefaa4aa0356

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d963a5b6c8d0c4a4a3f14c4b53fe3683

    SHA1

    5a3b1666aa726628e67b19c9ecb47b0a9367228e

    SHA256

    001ea57707fdf81c07c46bd5bd24151868d6e001449d6fc2771d6ef07695e4df

    SHA512

    bb0e2311692fda57ae14d179d924d8f888a0a9fe73f8b2b1a9743cb1bddd5bcc3b1a7d5e0a142c1f00a3f96630426ae3413b3eec0b75545f9be5b876ad31bfbe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9e7c847ff9dadfcb6618c89d99538371

    SHA1

    ae2a16cccbba1678073061f9b4e8d4f0a440c3bf

    SHA256

    80ec2a2a49acd2820d5cf2eedf17adde66ac7a9c98d0eb2fdbc0d83e4e709005

    SHA512

    fb0ffd00ccbc8d020fc3ef5b0a1f55928fb9b63161308a8a96a5ad9345771fb3a7c76affb6ed0e528e9e3e704f3c3818de26659a49e63c2f40a1d158eb1ff53d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89bfe4cffa8cc1eebb619e6502b65af1

    SHA1

    404b373b1224f5b9c5d26aa2d6e6c4da86a6b790

    SHA256

    f85c5ffd3ecb9aac81a272e6be52153c0d44ff0060501ef0f681e1512cbda356

    SHA512

    c9a59a940f86400b3ab6f4ac7ad07fd3662f7ca310c5845922d603922e662e593a0b3ead6146dcc035949aa991f408f3ddedbcf33c71ff20fb331fbc06dd476d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f2fca74e96b9e93ef5455dd686aa89e

    SHA1

    b0e6e35407acdcce599f2e956e3702e70aeafc94

    SHA256

    a15ee156525a4154da032be4ba187ae99a28545665e4b9aa5f1e5a0cbf452060

    SHA512

    4d9f29326f796c9dd07fdc9adff1019e807a8abbd8694973945777a68dad94befdfcace0dbfe19ebe90b94694cdd65fff12defa6beaaa1f7a51c9091f838e868

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1feb936c4662fd581a04d9a84bf208d4

    SHA1

    686cd4be7ec2b03dd4941261829523eb6db165a5

    SHA256

    71f548fa41ac50804d9fa488f54c5f859d61b6f8971a23028f970972adb23a47

    SHA512

    4dc40b206470a4342dcf6a2d6c13ddfc7bc8d66f1aa98aa89702921c1e38e752875b6ca397cbdd6b80d9beea2fd8a0705fad7765147027d48931c58d09127228

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    30b2505f604df5ae77ee7932b7fcea7d

    SHA1

    7139fcddaff8ec4bc5ea296d77b3924a79a02514

    SHA256

    7b2d0c3c4aac6d66976471271801c2450e2fac4b60478a110300129b39c8aa67

    SHA512

    f6f5277f0232642f6af9601d89dbcd6178a2074ff4e9d577ecdf4eb2e73615b697542c6228a7a0c428575442213c83995c694abe5ecc6bff279c3835b6c1e79c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e8f71c0db7be20d21ed167154b2dda5

    SHA1

    4d995853acc2686ee09a3f21edce5a7faa9270f0

    SHA256

    3da92822cc585333282f076114e26821ba4660142d5a725aec81e3f5dcbc38a6

    SHA512

    479d60e1a98abb1dceddfbb170c595088de9f8908ce3c633d14d59795e8605b81ee09faa0b8a6e28c8fa8f2ef84b68e1dce2836767bb2a946cf082ab5675e155

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b55c28f94379b4389b13fa645626b039

    SHA1

    c9cf41b4daabfa95e80c3795093a417edf6661cc

    SHA256

    fe2026fc8ad5ec91b68ab2e75211686f2c57e408b3f308cbe2230db8c1e1c5ad

    SHA512

    c21d721f6cbf15c9043e4dacd316d8f0fdf02c493618795ed3ae3e553481fff857cab620efc370f9aa2b18365158ff43bc8d4e5c18903759001e0f14005e7985

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c125c25676a009170e924ab1910822e1

    SHA1

    09dbbf8f8fcd5144088e20bbd8553fb82eb5094f

    SHA256

    1d044c51ca751bedc35b42715ca08271f564802c942b0e968bb8676ddd68437e

    SHA512

    911bef9ae8f0b82e4ff3b8a273d3f33e2430c83511e80a2589ed27f60a0f77e58d8be14fcdc0993c809ceaca8cf6966b78d2eb1f488e496e352eb886f3af52ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ed1449e30d39ab2ddc73046e773f18d

    SHA1

    5abcc8944f38e15bdd7273999d8ed6fa3338ba30

    SHA256

    c1b8707bddd31057bbbc10e8d2ff54f32e7c92a3e0a9d8c8b2f121853cfbdb1f

    SHA512

    9c80837426f44a7f76f6a2c07bd62f867bfa7c0f7cc82dfa79733000ffcd9b7b2e83a4c809d2485deb4b334e8fc18459e43e83761f9c2b855195cb7c9b583e2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b0892884bd9ada7beba25159d28e9657

    SHA1

    ceba1a32f6f1d80c6d456d22dc771a7c4a9ec8a1

    SHA256

    942de227aa24265a29c741978bb05d4f8db35fd2b58174c61cbdbf8214dc04f3

    SHA512

    f4e6f69f511e21f7ab65abc12cbb124c43b5d6fe48af22c7c54a76b2368ba6918221bac0d59c4d6013858a95f1abfff81f4ad9ce56ace9c9220ea024af3d9c9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a201a94c49f9554b31213cd37286dbb

    SHA1

    535f9c979f1eedd426cf0c75703fe4f5e2c2201d

    SHA256

    fa40629810c72c317dc8376271cabe34003949246f93c5a37b1d5e6da7ec218d

    SHA512

    2aa69625c3f39d86311134e9ee1ea433e146581751ad3bcfdb0ff0a18540c01d816de8c7146a983665a5c5d7a7db8612bb17838db29ca676dc5190725be162ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70cf3fbac5b482b32db0925852568cd5

    SHA1

    56c492864d07e7aee6e2ccb90a1b5e5a03a1dbc5

    SHA256

    20ad96dd471a28a0ae11614258ab58679886e4e1a7bbd35943515e4f7a9a4122

    SHA512

    01b38816a7fa406da9719ea8a7a8ab1d94b7325d9b5aa92a1feefab041f70abd7d336b27024c8b7aaed2b55987cdc1274a165b5a0d6613f7d94fe629a9d59713

  • C:\Users\Admin\AppData\Local\Temp\CabAAD.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarBCE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b