Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-05-2024 17:48

General

  • Target

    3b5683f5b873bc33fe432602e137d7de_JaffaCakes118.html

  • Size

    108KB

  • MD5

    3b5683f5b873bc33fe432602e137d7de

  • SHA1

    246c7d906e450530415f17df1cf6c1dd82dd3f6f

  • SHA256

    19ed54b0e64871e61eb210e6910c3d76d4ba7adaf962c572deda6b3242b16de3

  • SHA512

    b34dfad6d6308189cef07349b4f924de0a10559d4be735f14b5ac840d587e5b9f6c5c70e40f90ae2ff496a0cf52c9547304f0a6b88c15951874205cb675bc3d7

  • SSDEEP

    768:sSZzMfjbrgVlCeWlcVNji+cnD9Y4x3Njqt1CY0GKz0ZigNxi6oMiRoWCScU5pTjK:sSZz/nNjiv9Y4x3N+ttu3RCWWN+Xi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2976, tree depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3b5683f5b873bc33fe432602e137d7de_JaffaCakes118.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2640, tree depth 2, child of PID 2976)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx
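
The tree above is the stock Internet Explorer frame/tab pair: the frame process (PID 2976) opens the submitted HTML file and the tab process it spawns (PID 2640) carries the frame's PID on its command line as SCODEF:2976. Below is an added example, not part of the sandbox report, that encodes that expectation as a check: it rebuilds the tree from the report as constructed input and flags a tab whose SCODEF disagrees with its real parent, a tab with no SCODEF, or any non-IE child hanging off the frame. The SCODEF-equals-parent-PID rule is taken from the report's own values; the helper names (Proc, check_tree, opened_document) are this example's, not the sandbox's.

```python
"""Consistency check of an Internet Explorer process tree from a sandbox report.

Added example (not part of the report). On Windows 7, IE runs a frame process
(iexplore.exe) that launches one tab process per page, passing the frame's PID
on the tab's command line as SCODEF:<pid> together with a CREDAT token and
/prefetch:2. A tab whose SCODEF does not match its actual parent, a tab without
SCODEF, or a non-IE child under the frame is what an analyst looks for when
iexplore.exe is the only thing in the tree. REPORT_TREE is constructed from the
report (PIDs 2976 and 2640).
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
CMD_RE = re.compile(r'^"(?P<exe>[^"]+)"\s*(?P<args>.*)$')


@dataclass
class Proc:
    pid: int
    parent_pid: Optional[int]
    image: str
    cmdline: str
    signatures: List[str] = field(default_factory=list)


# Constructed from the process tree shown in the report.
REPORT_TREE = [
    Proc(2976, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\3b5683f5b873bc33fe432602e137d7de_JaffaCakes118.html",
         ["Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory"]),
    Proc(2640, 2976, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2',
         ["Modifies Internet Explorer settings", "Suspicious use of SetWindowsHookEx"]),
]


def is_ie(image: str) -> bool:
    return image.lower().endswith("\\iexplore.exe")


def opened_document(cmdline: str) -> str:
    """What the frame process was asked to open: the argument after the quoted exe path."""
    m = CMD_RE.match(cmdline)
    return m.group("args").strip() if m else ""


def check_tree(procs: List[Proc]) -> List[str]:
    """Return human-readable findings; an empty list means the tree looks like stock IE."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        if not is_ie(p.image):
            findings.append(f"PID {p.pid}: non-IE image {p.image} (parent {p.parent_pid})")
            continue
        m = SCODEF_RE.search(p.cmdline)
        if p.parent_pid is None:
            # The root frame process opens the document; it must not look like a tab.
            if m:
                findings.append(f"PID {p.pid}: root iexplore.exe carries SCODEF:{m.group(1)}")
            continue
        if m is None:
            findings.append(f"PID {p.pid}: child iexplore.exe has no SCODEF on its command line")
        elif int(m.group(1)) != p.parent_pid:
            findings.append(f"PID {p.pid}: SCODEF:{m.group(1)} does not match parent PID {p.parent_pid}")
        parent = by_pid.get(p.parent_pid)
        if parent is None or not is_ie(parent.image):
            findings.append(f"PID {p.pid}: IE tab spawned by non-IE or unknown parent {p.parent_pid}")
    return findings


if __name__ == "__main__":
    print("document:", opened_document(REPORT_TREE[0].cmdline))
    print("findings:", check_tree(REPORT_TREE) or "none")
```

Run against the report's tree the check returns no findings, which is consistent with the 1/10 score: the WriteProcessMemory and SetWindowsHookEx signatures on the frame process are what IE does to its own tab process and are not evidence of injection by the page.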

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    84721cd35068ddfc92aa0a4c829fbd2a

    SHA1

    71d7e227e0f3fcbb585598d0f3757a8935b748ce

    SHA256

    bf8250097eb58e963c7cd636093d2a332647af517ad22ddebe1765703b8dd199

    SHA512

    f08b89715c28ae36927316d6fca1716dbd9e935edf9d7e979586c4e4610fc29c83514e2385dbf43e7227f8275603c5cbd85c2a098be6ada95aee1a24c5e23dfc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    49d0bf345c0ccd8ac18b817d3e3fe154

    SHA1

    1ec3c8f7417c162f1f3bfa0c651f229c0bddfba6

    SHA256

    e7f20c316e35aef67f03fe0a41c2119499081f53607ac09d91930bb8c31ceed4

    SHA512

    dd17c00b088982aa38dbb371d3bcf6c449ffa5273f2efb1a30e3655a176524953e0534816631c9d22831425d0e2e2738cd3ac778dc981627917146f5a9542052

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1db34574a591771403e283b23131bc5f

    SHA1

    1d9016a6d7412f270e8e328168009fc6dacbc223

    SHA256

    2eff2c803847dbccb40219c198755b7e32336bd9068ea2f9d82385d1ae3ac978

    SHA512

    e4e91b740c5fd5d0b5355c840c4d13dabe191dd0655e100c63a986c3d409b393a2758d287e3acf23c17ca81ba84a80d0e84e5bc31453ee9c14abc8b25012ed37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    35d8a6e2a429fe7fc6e5d31b25875c2c

    SHA1

    e2b251e0d0405c1253039425144c50d57c61bace

    SHA256

    2b38c9c05db535dabe5c63f191b00288733550d876bb731f9487fc20427e8c92

    SHA512

    9f64071c1a46a8e6ca9eb2ac2e00a7d991f570211ebdd661a974b126a6f99a162b7d4a53a6393bb3a753781166650959fc95553d8b867f209b3d44a5e9dd13cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    92eeab3632a2d6d9920256861fbeefd7

    SHA1

    81c75a573a5e0ef367c2b0508e625b8422139237

    SHA256

    8ee25686ed9f1e41a91044c76b7cd916eaaff85045d729d6497abdc714d2e81f

    SHA512

    bc8dd093f8bc8cdf21a47e55d5654be1fccc7de882f0b55c1c423c3b6307ec83f93efbef3a03fdffe82895213f273e56d6ac06ea2af998ba42956de0a470f55d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bf4ac3fe4912ad64270dcbbba68aa27c

    SHA1

    9cb2a833092ff9fcfd9732028e6340e93dc9fa6a

    SHA256

    e26f4bd7ce927babb8845d9d6403fc6eb52c6f7213a69b325e98bc885e1efb25

    SHA512

    b6ffcb875ba27def41652c444fdaa848b80bdce8036ab9a4835433886ae468f478949b2912cb1843b5895c1d97226556b251109a2566ac81be53ae1aa9d4a676

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    dfddd1694e1c9f8df271194a73548d25

    SHA1

    91598e7c5fbaebaf5cb57c354852ce8824c8ee98

    SHA256

    47657fb8469e1e929fe707a4d08ab1790e81147a342cfae29916b762887945b6

    SHA512

    f3b95464f8ce7475fca4eb7ebdc1815d4f822504eb204cb410728d11e85f14cffa7572fec587143a87b70c13756f78a432fb0ead296b991508a719b1bc785a46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ee12d7eb4e7add1ed9708ca590fc39d3

    SHA1

    92b780cd79cb00035e252c8b3e84539d65b2260a

    SHA256

    40b243aa668297da3042c6bd3eabd7e8451d245d33a59e51a66a3f2f1d21e58e

    SHA512

    b89d86397cf4e68f76c8ab0fa518a856d38bbc59de3f9bf14631ab47b07273898006680853410edcca723a42096aaeabd69e2121a7bbb62f0e11e66de6ad8c64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b5f5f545d4c8233ab760bdeb4b152dbe

    SHA1

    5cefa8ff2faa817a7fd2441ff8bb7add4bb6d4d2

    SHA256

    d3e02aacc7177435ad8c1c72306411ac9030dfa629f824b0183192359bb9a764

    SHA512

    bb2b33d6fd29bc619047365f88fe0bb6ccb05fdf6649b4e73543f2ea798ca77d7c5dc422a85e69a4d17c9514715573d59a312b7c8956415a202eacf3022fb26b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    71da582e19f6b23c96640994ea95b5fe

    SHA1

    52553a35b8b35ce05adc2b9895a166e3d9f25eac

    SHA256

    cbcb901c160919960973982f122a51f676710582fe6ab32adee3c9ab619feb2d

    SHA512

    7f627bf6b1cc9dae5ded65f74d332b1b8922f040df5a8be149e0ca1e5cb6e95da6bec3941543342fe98dcc05bf419a3da479f64ba99d23a8fcd77297ba682b94

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d97447f7d84f89f2a259435455b10674

    SHA1

    cab77f109698f6c34a4776c5658c0f3c0532aaba

    SHA256

    0b75319fa0338b45a8e9b02e45623afb4a0c4078cad6942da5fab137f53c91a6

    SHA512

    6c840590b55732b1618a31a3fa1950b659f623ac61fe7e313e8627470b92009d20010b8d2882d1b4efa475efc5ba2b7d92dec3401695f0b3643e191f81f9cf62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3943a8d1804eec05b8a2ce2efb8ee451

    SHA1

    21e7cc33977c3b13b0099524e265cb027f7c6757

    SHA256

    8bcc0bf53ddc95f816a7a1084b6ebeb01e6262c7ccac774c7c1028d8a0da2e67

    SHA512

    414e398dd1066ce80c00f0a188f0a44b403e658f3500f6b71dcb90c6bfce6a3d1784602853117fed94f35bb35eeb4ee0e4138b13cabc570bc562f60fbfba6734

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1f0c4ab07345f1157a51b2c94bd93c97

    SHA1

    4334251d468af70629ebb04b67b8135dc3cd3577

    SHA256

    0899e2ad1354f2c209c3ec9f0bdf92064431e9286f625d1efc542fee8a01c602

    SHA512

    4b485629a9606ac189968aa5a0b6979a7baeebcc16e2b3fae4bd06b33fb96c6f5aab8e3d299d425849f514c3ab6b80a8d6958862d13f5450a8bc48f004266346

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    277904b83a9bc317629fcd58179f96bf

    SHA1

    4cab111ae84f59bac763a77aebafdac335e81678

    SHA256

    7785a1433645e0cc09658a51bba59dbab4d62bb9648cf4b87cf053bf107e8df0

    SHA512

    7f0536e3c474035c44517bccd186952064a6f451a9be4183f7c6fe0a3a8cf1548ff1085a8d5286e3c76f19578a49d46b827057dcd7a5db2bb2a8cf65e5a56a24

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    c541b4ab437570f4c2a2789fc346d6b0

    SHA1

    8788a3c36de5485461a208f9a54fc4afccaab13e

    SHA256

    bebdd6c6fb3b0806af705063f0783e563f3b2b683c642768da6549380d8d0b4b

    SHA512

    7233228ce56c70376686d9f15bd0347ef4946709d88910889502ee656b01a6a2dc6ce047bfcd263d633f8bd5fdfb38f9ddab4716c253d2a221082a08fb70be38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    926965f81cd39b6bb37fabfd9c7f04eb

    SHA1

    cc24f3926f0944b288076ad315c3c96a17680cf7

    SHA256

    78eddfb2b5d2d530925368b89e65ac429e0be16338b029566ed8b570c0a3b72f

    SHA512

    4ef613b2ff09b0d73e5188ba0604c3c670669da2acf1f0ed6960a3a0714f646e4a17d4e802fe0402f28050b06864974b97ffb2bf1c2eca02310067b81c62c6e2

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\ips_menu[1].htm

    Filesize

    167B

    MD5

    0104c301c5e02bd6148b8703d19b3a73

    SHA1

    7436e0b4b1f8c222c38069890b75fa2baf9ca620

    SHA256

    446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

    SHA512

    84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

  • C:\Users\Admin\AppData\Local\Temp\Cab4461.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar4571.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
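
Almost everything in the list above is Windows background activity rather than something the page wrote: the CryptnetUrlCache Content and MetaData files are CryptoAPI's cache for certificate, CRL and OCSP fetches (the same MetaData path recurring with different hashes is the same file being rewritten during the run), and Cab*.tmp / Tar*.tmp under Temp are IE's temporary extraction files. The one item that came from the page itself is the 167-byte ips_menu[1].htm in Temporary Internet Files. The following is an added example, not part of the report, that separates those classes automatically and, as a second step, carves the source URL out of a CryptnetUrlCache MetaData blob, which stores the fetched URL as a UTF-16LE string. The path list is constructed from the report; the MetaData blob is constructed and the URL in it (crl.example.invalid) is hypothetical, as are the function names.

```python
"""Triage the file-write list of an IE sandbox run.

Added example, not part of the report. Step 1 classifies each written path as
CryptoAPI cache (CryptnetUrlCache, filled by certificate/CRL/OCSP fetches),
IE temp extraction (Cab*/Tar*.tmp) or page content (Temporary Internet Files)
so baseline Windows noise is separated from what the page pulled in. Step 2
carves UTF-16LE URLs out of a CryptnetUrlCache MetaData blob, which records
the source URL of the cached object. SAMPLE_METADATA below is constructed and
its URL is hypothetical.
"""
import re
from collections import Counter
from typing import Dict, List

CRYPT = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
TIF = r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"
TEMP = r"C:\Users\Admin\AppData\Local\Temp"

# Constructed from the report's download list (paths only; a repeated path is
# the same file rewritten during the run).
REPORT_PATHS = (
    [CRYPT + r"\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA",
     CRYPT + r"\Content\3C428B1A3E5F57D887EC4B864FAC5DCC",
     CRYPT + r"\Content\94308059B57B3142E455B38A6EB92015",
     CRYPT + r"\Content\F0ACCF77CDCBFF39F6191887F6D2D357",
     CRYPT + r"\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC"]
    + [CRYPT + r"\MetaData\94308059B57B3142E455B38A6EB92015"] * 12
    + [CRYPT + r"\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357"] * 2
    + [TIF + r"\B1014REI\ips_menu[1].htm", TEMP + r"\Cab4461.tmp", TEMP + r"\Tar4571.tmp"]
)

# Ordered rules; the first match wins, anything else is "unknown" and gets reviewed.
RULES = [
    ("cryptoapi_cache_content", re.compile(r"\\CryptnetUrlCache\\Content\\", re.I)),
    ("cryptoapi_cache_metadata", re.compile(r"\\CryptnetUrlCache\\MetaData\\", re.I)),
    ("ie_temp_extract", re.compile(r"\\Temp\\(?:Cab|Tar)[0-9A-F]+\.tmp$", re.I)),
    ("page_content", re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I)),
]


def classify_path(path: str) -> str:
    for name, rx in RULES:
        if rx.search(path):
            return name
    return "unknown"


def classify(paths: List[str]) -> Dict[str, List[str]]:
    out: Dict[str, List[str]] = {name: [] for name, _ in RULES}
    out["unknown"] = []
    for p in paths:
        out[classify_path(p)].append(p)
    return out


def summary(paths: List[str]) -> Counter:
    return Counter(classify_path(p) for p in paths)


def review_queue(paths: List[str]) -> List[str]:
    """Paths worth opening by hand: page content plus anything unclassified, de-duplicated in order."""
    seen, queue = set(), []
    for p in paths:
        if classify_path(p) in ("page_content", "unknown") and p not in seen:
            seen.add(p)
            queue.append(p)
    return queue


# Runs of at least 8 printable ASCII characters encoded as UTF-16LE.
UTF16_RUN = re.compile(rb"(?:[\x21-\x7e]\x00){8,}")


def carve_utf16_urls(blob: bytes) -> List[str]:
    """Return URL-looking UTF-16LE strings found anywhere in a binary blob."""
    urls = []
    for m in UTF16_RUN.finditer(blob):
        s = m.group().decode("utf-16-le")
        if s.lower().startswith(("http://", "https://", "ldap://")):
            urls.append(s)
    return urls


# Constructed stand-in for a MetaData file: a few header bytes, then the source
# URL in UTF-16LE, then a terminator and trailing bytes. The URL is hypothetical.
SAMPLE_METADATA = (
    b"\x01\x00\x00\x00" + b"\x10\x00\x00\x00"
    + "http://crl.example.invalid/root.crl".encode("utf-16-le") + b"\x00\x00"
    + b"\x2a\x00\x00\x00"
)

if __name__ == "__main__":
    for name, items in classify(REPORT_PATHS).items():
        print(f"{name:26} {len(items)}")
    print("review:", review_queue(REPORT_PATHS))
    print("urls:", carve_utf16_urls(SAMPLE_METADATA))
```

On the report's list the review queue contains only ips_menu[1].htm; running carve_utf16_urls over the real MetaData files from the run would tell you which CRL or certificate URLs CryptoAPI fetched, which is usually enough to confirm they are Microsoft or CA infrastructure rather than something the page directed.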