Analysis

  • max time kernel
    117s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/06/2024, 02:01

General

  • Target

    9ca985d5b7ee04a14c974b6e07c4daa9_JaffaCakes118.html

  • Size

    460KB

  • MD5

    9ca985d5b7ee04a14c974b6e07c4daa9

  • SHA1

    671ebe8d0c517c2241c96dbf8e35133972a3021a

  • SHA256

    9d38e36c69c0badc90b1f7dc1947b806ddeaeb82aab3f33256c8f3706f496eb1

  • SHA512

    010fbc0f63bcbe7f4e9678985d23b79d2f20bfd36b153212a88506c31e4d8e6cd24eed600b764f4e8e3c649ef74dd448c4bc259ca68a20701848363cee043730

  • SSDEEP

    6144:S0sMYod+X3oI+YKsMYod+X3oI+YsVsMYod+X3oI+YLsMYod+X3oI+YQ:55d+X3e5d+X305d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9ca985d5b7ee04a14c974b6e07c4daa9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fe4097f8a26bb3d4d8992aab72fcdd22

          SHA1

          cbed017bc1fa89b3d00c3ea0b644386120c3059d

          SHA256

          68efb64324ea1a96d20bdc7ca6eca0824b6fe54485a4ccf20d74094284141183

          SHA512

          4523ae41e84f34e739365c9bbab64d94f4d3f7ee49d94063f94148a6e4055fbcf308d533e6147ece5881b380a50da77ba0100a3017294550f4e280f0614ecd28

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          03b5486abcf15338283cb342d5a7a840

          SHA1

          eaa60f5539123164a328014ee19c55a511fe840b

          SHA256

          435d945fbeacf344f16992eb6b707f68579ae86864c24e790edac6e5f889f175

          SHA512

          ddb47cfd8e893757fbf2d1dafda12fbc3e5d21382e6449ded831d7a505e5686f0be3c8ac2bc5929fd9176e6b001d43a2ac8ac1ca4fcd8b4b812ffaa5810ed8d0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6baec0b394f495e02047075d3ad8dd34

          SHA1

          8b0a5c6b1c4e02c3d54c32ae5db889a756318159

          SHA256

          6244f60037b44e29d0634f7b2fbe56edfc2aa6907cdc2f387f113787a4f5cee0

          SHA512

          6d22c8c20b1fd8a433d8ebb07121787da4100063d5cd12dec2e5895c781781d5f3c1495611ce67192203b4cbd66e66690d1213053ccdc010c050b987b70b25bf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6e9b276e440440a91738037c00fb4bd7

          SHA1

          c556d978de729f3baa20c50813300967e643d6c5

          SHA256

          5849198b49de074729f543c7be395ae0a9dac0deee2c5f0784ddbb45df2af0e6

          SHA512

          abfd6d9707921e8fed286850d208fa2d9c01b8c70f062acd5be16f41b55efc1570328f4088ea67762d61a67c986067d9329bcd4717216e7de64770908ab1a44d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a407e575b7f546180e543282c8788041

          SHA1

          f31ebd547de737917d5db696cc1b5926163d577b

          SHA256

          e55668b879f537936cd4cb119268611b6858a3cf348794a4401ce56c4897a25e

          SHA512

          bbf215567cd964d41eea3ab205901668ef77cd29a15006a11cfe8b44eeae9b7614d1179d55052e9cbcc60642d9b7ebafb2736e358d10fe862bbbab3e23a52562

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fb7eb9a67fdbd1848ae08ccc40e38b68

          SHA1

          d582ac8517ce39689e3f566ccf8557833dbb27f9

          SHA256

          20114d9f3f2e342b73011c8256293e1e6af724f8a701d2ca47d8eea5c36026ef

          SHA512

          208440a6ab18f6ec162e95231131b42901568c889ed9e05a12fe677c9a05423ab6b9066c91e8b3ee0c6f74d54ff90391043c542928535478e93cd6f8798e904c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6345df0c1a881a7172c984d3bee4c926

          SHA1

          61dabfb625a2fd72af8e676ee0a9c570ee1b152a

          SHA256

          996369f8cc0ceaa37b1db986faa4c07821329401cde498ec0f5d464d6f1b45c8

          SHA512

          68df0a8f36db89a5d2cb125b91e83aa302fa61e01f00bfeca26b8fb906d6502d7758b534b9d76dbeab99c5dd5b1f19c3a1e26b37304f01bdf08368f7967bbdf9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          44f32ff76232a31e821fdf945e9f6be5

          SHA1

          ed10b757cbe727fe8083191ec158fe8a66c2a8a2

          SHA256

          7767c25626c9ec1c0aab9fb3a3f91ea1ebe4f990c839d6c045f86f28fdb0cb92

          SHA512

          ce8478c069dd334a41bb02e2e1492f7d20178be80307cb2604edf2774cbfb7582973ef3088055819a28621569be5214f6c6b2b053dad5d8bf82657efd233b29f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f032a5a5685b89d4b5715c836b116c96

          SHA1

          16e31f019bc0574b72f0c529a39c5ab6d224d0c7

          SHA256

          b831ff1edc7bac9b011d27c5d6779e327aca8ac2e4512d8ff8c9323ee5853c3f

          SHA512

          58a870e6fe54b95a51804766e43c2bba9438aa4c394d9b21d6bb94ac2c5871214ae6d4c781fb05d983625299fc130868f1769cc8ae7cc1749eea43300cc08d32

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3ec8a411309249ede3c640fc44a7923b

          SHA1

          f65743a0c0080d4b186e58c276f9a20e74ed5c03

          SHA256

          dfd927f0b3e53f5a618a766e2b52ce2fa6bf852192be3d5436056c0781b7e89b

          SHA512

          fe81bded6de3687f2df22a2a0b5e8c7bfc6dfa8407b271aac9e114af1a8449330cde35a21b208e4f96df4ce929cfc383e5e71523d938a3e4aa679f0ff527d5c1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0a95c35f738abb4e8ed57377232990eb

          SHA1

          ec1e53993e2c717fbdf4031d384c2dd559c37650

          SHA256

          4d4d72b72d4d6d4ce46a9db88b77097d997e6fca6740d632e71e2bf5f558d7b5

          SHA512

          aec207f5ba6d2ed580269a9edac3e1ced4e29597de95ace2ff5b970d32c8445c1f956bed181e9f95e11dd65840a6ac63bf2f1205468a41157a78abe83cf5f5d2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b69d543daddb48aa7fa203939aa7785a

          SHA1

          47a11c4f8af969889301b9a6b4b0018decf12aa6

          SHA256

          cb9a626ce18cd23a9acbf6ca4bb9235f6d832222c66b0e29799a0910930d6feb

          SHA512

          2523b0dafb99610514cb140c1fb88d3e05c9cae60861d0789c1f21bf4abc297b7c2b54e7d9382a1340f8238096ad44f6a28bbcdbcf85aef98a9cca3c2e05b1c7

        • C:\Users\Admin\AppData\Local\Temp\Cab5BF6.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar5D95.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b