Analysis

  • max time kernel
    142s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-05-2024 23:30

General

  • Target

    27395c41f43f513e1d74495134736c6b_JaffaCakes118.html

  • Size

    26KB

  • MD5

    27395c41f43f513e1d74495134736c6b

  • SHA1

    4409cf3b5988741fa7c3e3f3bb9f9cf33424a9eb

  • SHA256

    a80202d7c133b123a7712ae5c760a642c9dff0d17c51bdab1caa4ab3d6e37697

  • SHA512

    b1cf93af1e898c9c18421ef40950d670f33703a41b0e18deeebba52264752c33e935c7c86933de3defc8d8961cafe6bf05af67d044a6cb369debebe14d4b3f5f

  • SSDEEP

    768:SszdsFqvfudlQVV1C5m1CCCcmzm3C/CnCQGVW7s3/1Bosz2:SqdsFqvfug1C5m1CCCcmzm3C/CnCQmOb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\27395c41f43f513e1d74495134736c6b_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1284 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1996

Network

MITRE ATT&CK Enterprise v15

Downloads