Analysis

  • max time kernel
    134s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-04-2024 17:41

General

  • Target

    fd467a7768092e36f36ba957289b23c6_JaffaCakes118.html

  • Size

    56KB

  • MD5

    fd467a7768092e36f36ba957289b23c6

  • SHA1

    25fb307f103e30f0a244a2233dbde3cd4156546a

  • SHA256

    b26a2389521541e0635d22be5c544d92288cd5f558d90404aa7478960a989aa2

  • SHA512

    806f5c5b091c9818f744e39a9b4809370b698df5c25d8a543027845f826d70fbd4960a7324be1279d53822ebcd63180dc9ae462aa6784fa315fde118ff6e76b0

  • SSDEEP

    1536:WhALBbwcgRrFAMSLVd5/Y6eBz1aPP3q+z833NI+NCskdfWyfYSs3Aj5apVIl23lr:yrFAMSLVdZY6F+Npk5WyQSsSapVIl23l

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fd467a7768092e36f36ba957289b23c6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2804
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2804 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751

    Filesize

    717B

    MD5

    822467b728b7a66b081c91795373789a

    SHA1

    d8f2f02e1eef62485a9feffd59ce837511749865

    SHA256

    af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9

    SHA512

    bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    7cab92d5e96755dba98f7c610f81dcf0

    SHA1

    0125eb8825224f84596734cbddc38291f4639bd3

    SHA256

    e526cfecd09d2a0577b49ee568d7356d4c4fb1f9003333cfc4c33773f52632e3

    SHA512

    2ba7bc3aa3fb99735f1803127177f650b05dc6532b7fec755ff280d12ffd623a39f9449cae1ee438752166ad098f7169fcc94d81e23b8cd066a05df7d86b44a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cd0907d8151df35833b4669b67fa84cb

    SHA1

    f6bcd229f4915cf15d4695192666a6ef94bbf988

    SHA256

    bd1907fe7be9ccd41e40baf4c857407741fafe73025975ccc63f639699c1f760

    SHA512

    c0bf6e7b697c6634010581fbe3cf4cf75217b9680ce7c593ab13fd7935085e21924747709d74c1cb362cc4e069d6c15b75fe140f5d76565aca83c3012c8683e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    25e7521ff7ced05b8fdb2f1f7956475a

    SHA1

    faeb8378ec75bad330f5ee2e9198c2008b9e3986

    SHA256

    57ad36a50093285a2ea67497e8cfba47981973683d86a65791bd9bb8e04ff94b

    SHA512

    41b81fcde954a241c3a35d16b5015c28356904aab72e7347edda3da29b663e24aaaf73d8aa58e789321729670fce594180233ec34a8e39dc95f214ade262a587

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3f504a36ef45dca9dbbdd31a9f3d4b90

    SHA1

    6c9674cede6ee197997be133fdddfe01d6cb5595

    SHA256

    1ccfeab6a35102117e8de11e8a220d8120a8a3966e37c9a617cdbd7bf1c51775

    SHA512

    a69be5fcdbe931fdeb8b2a5e99f7c1e202099a0d40c78b511cf1a78da1e0a5cbb94e60b462dde6169cc631f3b7fc65f5d277424d2598d6001fecff5c1cd4f4e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    29e34e841cc22e7c29b571103d2580f3

    SHA1

    042383e2b813cf7151def5b254ca409030a132ce

    SHA256

    0c950bc202befe143300c5611007a2000af460c35a32ebd636b6423ecb32a8d0

    SHA512

    cb922bebe4a7952005ed900b5e3cf74766c984e06b4db7ffe7d14df9190941ff6709b9113bc4dd9314f77a693db7cf8ff99e44396ab1f5b1422a517dc3f427ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fcab3aee16f56b53943cc8938ad7b5fe

    SHA1

    01bb409b6241cf58c6e5182162fa775ab6c180cb

    SHA256

    19b5dc21d239214fcb5bee5d93299569ca7e443a7c7f4f652007224d473feb2d

    SHA512

    24e12b98625fe139ba09afbe57a8c51ede525c19f209f798e738dd9f434da305ba969ef665120dfd399dc50c218fec037ba45ccd1b644f6871dde3089dd4afed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e0fbdd1e9fe45fa39f64af818b24a68c

    SHA1

    81ace17faa600d8bd1b995b2ec0b5c098ed00142

    SHA256

    7317b04d8b6be5ed1ff8bd8d95723795d3224ade2006968e1f725c0234053454

    SHA512

    dc3d9226f0510dd21c9fee5981f0619af006c4c98a253db82e6f79fe6efe8b127545cf7f2d0bbf11bbb96a4cc47fe69926902544494a44957ba4c377a9db708b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3bf9ad4461c88eb8fe774a09c4848d68

    SHA1

    fd10b7f2548eb48f65bfc8a228eaa3353ab9319b

    SHA256

    47e7bb5dc411f0f90f5a04b397155a604ea6fd9edf69762f3e882b2e931624ab

    SHA512

    a4f744ce0a49f93d9d9f30da6a8cd0439dd3549755d10391ab3fd882aa1e6b276a51e3ff38ded2ce0a11defd22bc1e176b5d4f4e17c218097c217bba79691470

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1ee46dd525e9c043b4ee8d84277e5506

    SHA1

    aa8be4b8a2a29d848ced286273d4a15c8ba9c88f

    SHA256

    dece613773e977e825ed19ae221d7a6a323fdc06228011e36f3ca3a1859a28de

    SHA512

    c5d32d3459341d8e5f5b822330f9907e6d53e685604243776e0505d1e0c7cb2f8c4837a2e9121466d5139906c32180852cc8bf1a74f39e1d9cbe01319a14abe9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2702474900f489f125fbb409074f9a75

    SHA1

    22028c6bb7cc891bd7e735d38c8703a169f1c556

    SHA256

    a7b71993d6df0c9d94a9944470638d033635fafb1f3a152b3efff77045e14dea

    SHA512

    a1461b97ea85c6f46e876ad8c3ed9c7de458bf1c5c0e4f72bdf2d0efe0b3d09dde8ca734bbda2ccf25a2b5b5a3a657be51da396e12a61efab3174367f243bdb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5df03590d79768968406a06d1df67faf

    SHA1

    e0e500dfda0a02788343e787940e2ed30188ad35

    SHA256

    6a258585775f5ed6bcab3a82be98b968b1ced551b3d4ef0d536a46fc5caac6a4

    SHA512

    aa400c1de58b692281f8356e9163c76f37d15b54701516176d4c015217ac71a2d441df84d0cde0d0af91552eca73ce5814179885729d2084222007b037083cbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3744737c92946b08e94ff6ad1398dada

    SHA1

    efcdc145110fa6adb267aad68703c7a7261ddbba

    SHA256

    3a01e83ef72b89011310faa5ea03d6ca07eb868209ca869043c847dc93093f6d

    SHA512

    5465a16070e257725bb0c2573a1ebc17400d5cdc4c5716a3f53be306c744bca22a642269296cc6a2caab098836301559a26f7487c05aab0d02aa7a27cf765dbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    a37370cd446e6715f8eabfbf6709cd07

    SHA1

    3abad56897916590fb9ea09daccc7a0ca03c4831

    SHA256

    a0d5026f0613b6c503510e1b83391dd6e028ac6db221a4551099b2d6dbe04edb

    SHA512

    bf417310a4192539ce1a8dbe09a185576e3057d70a545486480f72cacc4485e00f4b08a781b52c29439a9b6a0dc51a1ce6432dffb3ae356edccc9df0da4bad6d

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8A9A2DI\datetimepicker[1].htm

    Filesize

    795B

    MD5

    5d8d79c3cb9af023240b1be6f5057aaa

    SHA1

    df22980677b134e83d878893f7c7984e0d78a240

    SHA256

    e8b101a7c7f64aad528cc734513cbeb02243c0af37930dc0f3239749cff184b6

    SHA512

    66f432b622cee0bcc06cbc0f833de1471ea36c295b4cd93eb848d97e69c2252acd2fc8972db51ea35475a424f4d6cb5001325525fb04f71b8704eb24de1c4008

  • C:\Users\Admin\AppData\Local\Temp\Cab8AC3.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1FE.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

  • C:\Users\Admin\AppData\Local\Temp\TarFEFA.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06