Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 14:05

General

  • Target

    2f7b8557452431766ef6319958d4b08c_JaffaCakes118.html

  • Size

    13KB

  • MD5

    2f7b8557452431766ef6319958d4b08c

  • SHA1

    1f14e29f93dc77c82bdc732bc7b831ae33b12699

  • SHA256

    08b7a04b7666819769cf15e32182000488c2d68ded46b04fa30e3961e26dfc21

  • SHA512

    6a2b7dd9f1c0fb7e7f891c2b2dab8f210ce85260deefa6aee66d2ef296ba4bef33c281be171be31b5bb30f6d5e7fde3b4a7d6195f0c3c8bd47a9e6bcb8a510ae

  • SSDEEP

    192:UdJFKaRa2av0W4swDtSnNhLaOwu6bWwPO6NXiIgxiAkHxiAKll:UdJFKalpD0nNQbWIO6NSIgsAkHsAEl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2f7b8557452431766ef6319958d4b08c_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1676 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15


Downloads
