Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    16-06-2024 10:16

General

  • Target

    b2fa9bc135c23c10be2ac726d132d3c7_JaffaCakes118.html

  • Size

    143KB

  • MD5

    b2fa9bc135c23c10be2ac726d132d3c7

  • SHA1

    286923cb4d5cfd013127908a020d4a9fa9a2896f

  • SHA256

    06bf352a3fa859da50d5bd692bc896a08e392b9a6d4bf13b8505796a2bad43ac

  • SHA512

    9212ff682dd5f29e49f622de86b969297c9ebcfdf7d1c5af195cc76884909417741769bf3299d92ad6d7014a466b52a81183966149e5d7b6751c3b62913ed17d

  • SSDEEP

    3072:Swiufww9U+x7dyfkMY+BES09JXAnyrZalI+YQ:SwiuoZ+x7osMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2184)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b2fa9bc135c23c10be2ac726d132d3c7_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2080, child of 2184)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
