Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/05/2024, 05:30

General

  • Target

    387f8a2e159d457822cc28acf4460262_JaffaCakes118.html

  • Size

    26KB

  • MD5

    387f8a2e159d457822cc28acf4460262

  • SHA1

    bc8eb693aef65fe567d68bf742f8f5d09d35e0c2

  • SHA256

    3899fbdca91b283621935ad7a0f6fd30102c42f0987180dad9f93ef06385d7fb

  • SHA512

    e32fa3bc49c162d35b1c2ece8ff0bbf8088d170f4d406a89a2c95062d673f6fe028d453f5ade17dee12542c67c68c5f79e9adc24e8f1deeaf99daa26577db3ec

  • SSDEEP

    768:jrxe0NcT6yHv3jkHGP22BJDggqodzbYs2:jI06T6yHvDP2MsAd/Ys2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\387f8a2e159d457822cc28acf4460262_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2904
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2904 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2100

Network

MITRE ATT&CK Enterprise v15

Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bf02fdc157ab5a4e120e4be5155bd82a

          SHA1

          c75e489184b1a19256a3c682ffac1fad2778f9bb

          SHA256

          92101b1f4b94a1c86b22d22413fda3325b73e38e4ae0403ed58c5d47169a3c93

          SHA512

          c8a615ad1e307e9c9bbe1b96d0de459ab2549152005f425e68f54bd46634e2e616a10a19a8eaab7ae6e01f29e94679967915b3b507edc35bc12a65af639dd5ef

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2a63ff162b0cfdff761eef4875af2a42

          SHA1

          110f304ce2ad13a708da29a01200ce5d7b85eacc

          SHA256

          4b8682d709117102b5efc3ca2d9e135ea4b7d3cfaab9d89b705032ebb79e822d

          SHA512

          629c0bc68a45d2b14ad689002378575471154ce5e6f0596cb4b5821296a2e4f39b19c635b6b8dce331d1b316033db811cd2a0e216fc2b1cdf637abf876d8c8f0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bb151b4d9b5660c030126ff90812bbfa

          SHA1

          0f4b2b071dddf4fbbaca0f2b112309b6184f8bd7

          SHA256

          cb1daba35e170eafbdb34bae4033e195b73734848b2455e245f5616b3ff8ba3b

          SHA512

          367111c4483d3500cbd0db4438ae5341c79601bb8f5a399fdffb1e8d96000a107ef643d4a4b96b979e389df8422aaf01ed63e13e9b5cbaccf976ab56d3449e62

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cf99960ee180e60d9fcb8612164c5947

          SHA1

          dc573ef626e0e75adb0bc6ba354ba916dc8cfa63

          SHA256

          f633579b6f582c07f226949a293a880620a6e7a620a769bf4872a5ec08821250

          SHA512

          861e09bc14e84ad7ea7228fe1ce1f188042093f848557b8cc3a2806fa88e3190b82e7652963831336d5d771cfe91849dcee81f0dd82c2fb63c4a979707a5bbeb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          02cfd3fd7c51df8693608e08e4292aea

          SHA1

          b2218c817008615ab578e8343f1722ee90ea0be1

          SHA256

          19bb35e549e4c90cc40b7f69944e11c0f8733600cf3d62e8ac480395e2e5ceee

          SHA512

          b58063b322bf5ed9bf0beff039e135ed7935b4845911b73254f2b18e7b249dcff073a61551171c02e1580324b8f0430de99ad6aa21855125a6d51b3d13183dee

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          dfd80479302ffaeb627be012ef60d11f

          SHA1

          ca9b128422dddb9ead8a51e5399584c6be5efe81

          SHA256

          9ba86aa19a1bce280db7fa4ec223b2516ae1baa0686f98f73369c0d1daaf12f4

          SHA512

          54a81ff3e024f595f20506cadb041f093a47d8a567054b5b1cd4b8c14ab035a5cfb9aeef0a1715a266f43006817231cb47f8c3e0b2997b41fadb7e400cdfe8bc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8559ba900781f591acec115219917ea4

          SHA1

          3eae78c6d62c310ca4337b87314bf222dd215775

          SHA256

          f17b2393d67c4babd49afcc625352c55eb0e831e601a2ebd181ec8956f931311

          SHA512

          593d71887f60e36bf4c6d6581ba4fdb8ffbc9a4e91cf882a0127dff008005446930a987c9bc4a525e314f0a6555f13009d45c6dd5e642360c669829e3337b4a8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5064f01dda83a707a8841877da3e23e9

          SHA1

          b1c268beb6ddfb696d9058e32416c8ca2dcb7c96

          SHA256

          49077e14d4adbf7e63e510719ba545347e81856f2b7418fad8a42bd55e4058f0

          SHA512

          c852209055970fb999911179343c43709aa37fa5796196201fff5c6e2082b939986dc37435cb8751acf42e848529d7b2277ebe2e620997a32d29c0d3bb1d604f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c8b3da4bdc9059981d9b1aa127f7d32b

          SHA1

          8c9c90b0d621fa53ab80451a8fd982a5e7fe3fce

          SHA256

          e77e68f8438dc622df529e631eddf6d814ac1d16fabb9103228b80e5c6c43334

          SHA512

          96e159cf760ef60c237debcc826e9ca147654a799906b303e78b6d730bd70b73611cd43c27cebde809fabc58020968001ad6d7877f5cab6219587ed7a3c61705

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bc8e97e1deffc4355dfece5e7d769ff0

          SHA1

          78fa5c4e487dabed6ad7bf2a3ca75e88fab67892

          SHA256

          20fa7c4f4708cd50606486f06ae23aa6cba8a8a34e917f10c4b935ce64ead0a1

          SHA512

          df6e88a269bcd8b496d1aa0c82ceee29b873ca209dc8878fcb14c3f8c6707319a844f3a0e8d7c63aed02d1fc1ebce97284b6cab1005ffbaec691f7ecd3508e59

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3c74f9c4da5febfd85594ec14ea1d4a5

          SHA1

          a7a43d500e4cf805b8e088431b211dfeaea9fb63

          SHA256

          4a3f686a5711ba9a8a3fe67e93e89b5d905b3d686220a08d26852a5f912d2417

          SHA512

          90a6dcf0dbd3b38e6d84ac752a31c807914591bac907b51e00520720696204822083746079ea7fe5fab980afc5b7e2f7f542bb525b82426ac2472b346916d1a6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b131161db5f8cfe8e7f4833dbcc5929a

          SHA1

          4a9cd81cf4c06d78eb143dbc56eef1b89466f3a4

          SHA256

          eb88d56cae349f802db3cd73e7a73c4de9a6c550d6d75fec2b2fa78eff9bb035

          SHA512

          445fe86e639952748560a9175941b276a589e6adc3fdaf6b71b6932a22f5e8f0c4aef66bb9fbd8f52028c014ba09588915867cd36d8156b9fbcfa6691fac05f4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          262c076f9d55772133cd9425cdb247e4

          SHA1

          36df95168607756729a399a8cf384c5cf2746bf8

          SHA256

          b8c2f40f26d3b4c523ecdaf32929ec57e3cc68bf3a4fe11594088d2121f25eb8

          SHA512

          44e8667cf1eaf7dc699d22a9675dbb9973ec8fd7772f7e12623d3603ce29884a5546224a33bfebef60e270e62f55ae386d756f59db1224c4d03582cd988ca0fc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9856a7649c0e67b5bbea3bb5be24e1c2

          SHA1

          3d9d80afa4f577a90360ddb41a9c057b9f2f3166

          SHA256

          997cb2b58af3cf0cdfb14daa64f4446c68e3514c8e64056ad45fa4ec122d144d

          SHA512

          2fc026ca94437ca173310a0c49fd3d49084d6ce2f69f0702f33e7c0a1d929982082db06aac52cd59506e92034f4977795f56ae9b09e5b861605f681df21e78ee

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5d7c15442c489b6f1a14b5a9331ba909

          SHA1

          6f6abfbe4e27de294cfbff421094b67c934207c8

          SHA256

          00dbd7c114fdef1f7149a16104f514d4ad940e467feca581842a82e3331eda0c

          SHA512

          73bb31505d84330ba61dbcca8125dc53ddef16616ee05a134939dca95fd66b470c66dfa0b447a4ad09f63fb890ddb5c559183dc57de5dc8f29f5b89a27876e46

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b7a3b19aaddae48bfe446a38bae869a3

          SHA1

          b9163fc7f38cc805ca3daac018c25823cc0a86b0

          SHA256

          d7b500edc42554c81173ebd6f3ef45827216ec7a9f4768b0e3ef99651ffe3b8c

          SHA512

          f196eddf33554f83c5517e08e96ad7dfb6ab78f9f03681366a6cab9337f2d9644b54c533fc26e53434b7801041506d2485e37229fb28042c098710083c7d57fa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f3e6eb1cdbd1c6fe0f5ce8f5a7362472

          SHA1

          6daa2342300c9830ef0aadffb72df037d115c448

          SHA256

          fb2a3e5994aa86661868a3c348936efc854780e0dfeaf68936cdcb5085abf01d

          SHA512

          2d62ca0bb6a4f87e6b9592a8f0efa2552cbd53d13f2b0ff9bb6aa125903c9d219bf2d859bec34b8bae7e5c21031d3a0b1b8c5151f15fb207564342d005912ed0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f082d830a73c90f4972903038c51cad3

          SHA1

          5faa4ef606e81b0a45cdd9cbe6f2e5d288cc32aa

          SHA256

          c4fd934fc2c22182fd990f38da889100a956c99a26ef4f12d984a1478290bbab

          SHA512

          9bf48814b0ea6ffd4231d92a9185970b319e43cee778f72215cfe8742699b23a27df14e132b6aadd6b78d8e9d37396e06dc29167461120c393b3543bbad6711c

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\desktop_style[1].htm

          Filesize

          162B

          MD5

          4f8e702cc244ec5d4de32740c0ecbd97

          SHA1

          3adb1f02d5b6054de0046e367c1d687b6cdf7aff

          SHA256

          9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

          SHA512

          21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

        • C:\Users\Admin\AppData\Local\Temp\Cab3979.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab3A47.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar3A5C.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a