Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-05-2024 15:59

General

  • Target

    4045bc65ce10be86fe60ecfc330850cb_JaffaCakes118.html

  • Size

    460KB

  • MD5

    4045bc65ce10be86fe60ecfc330850cb

  • SHA1

    c160480b49cb8173829a7dbcb7a3e3ebb10f2c8c

  • SHA256

    289050a778b807c49db0f20eb3bbf34b27bd2492e6fbf6001a8c3a54765a33d6

  • SHA512

    33d059e5b85ed8617bb010dd4d63ed943069c63710972417620d346a380d6c68e9b76467815d4dd220e58963ec27aaf8db1d17bca1ce89c5377268c7b2ddcf55

  • SSDEEP

    6144:SYsMYod+X3oI+YbsMYod+X3oI+YTsMYod+X3oI+YLsMYod+X3oI+YQ:55d+X3B5d+X3d5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4045bc65ce10be86fe60ecfc330850cb_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2036 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2788

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c696a0407eb3196775058b01e65f6577

    SHA1

    4905edddd7fe9e846b085030d3d4caf2a3d0d1b3

    SHA256

    c7a02e735f42ce123bb646a5bbae7fd90da8230f9d831ee68fae3267d44cb424

    SHA512

    32ef183070ce8561df7e99b366800b1f755c1ae9aba1fbb8780e8af1cb21aa2ba3efd789a9c161f616d141241d4214cfee8a34bc61d9985b6352880c5da9c06a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    40d4175e4444930ae9ec74df80c8736a

    SHA1

    9a367dbfa1da72c6a20b94bd5bd8be7bba6536af

    SHA256

    804b491e750641f2b5042806ef47c415acd128dc20ef069571745a410676d418

    SHA512

    cb524cb0f94ed003bacb098ee843904537e8710b003277414664e23a0bd18ca4dde20760b1ec2c914f1124f0ee7f0963b2bc8cac3cfa95b5cf839b7b7f5916f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f69da77805c14fec7c84b73e07e0ca10

    SHA1

    473529bcffe2399689a9bf9207ff688edfdced9c

    SHA256

    35fb25186bbc4c6dba8dd6b530c1c4d14d8cba196f8be332fa3ecd0dad356f9c

    SHA512

    fdd232505b230d4adec2d2dfbf6f212223444229037c6c18aa49f63305df690b6418ac69a2c0d9b93c2fd274ae7e4e69c9053cf9a50c41d1d6333874ddd5f45a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8328ad08feb915e04d150f8b5c26a06e

    SHA1

    07538350208bd782b947c5496e637a624bbb9feb

    SHA256

    b0669f75d113b1e4a1040b8241393bda35a733c06d6077e8b33d3e49833ede4d

    SHA512

    34487b326304a22c4bb2312cae70ddd163b6979db18b3d0efd476c7122ad484183865072df99b33df6f8f51c2f909762900127dd97079b650e87d8ffc2da9417

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0acd00d68b822ea7da67357ccc120c55

    SHA1

    5c690e660c81fb5fe2cb5b607df1843ef56f0c7d

    SHA256

    6647e8aa2a0cb536223aacc336165276c1c3475d054895d34c90060996a60c52

    SHA512

    f4cd4f2367ada5cda4078773a3022e922c0e3d9dfbd0e4b60e9310856d14e1c3d458879eca96e724cd37fab813e80b65a3e2bd4737b12d0fa93b2e2cf93dc379

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    80b5751da0430bed765f634f7ea0741f

    SHA1

    533660e1bb2e6d97bd1fbb50f33b31d93dee486f

    SHA256

    8d757a215dd9c5a85303d187e8dabac262b9e7ec7efe0f87b4b7072d549b84c8

    SHA512

    16cf17daea2bff82ed71911e314c438d641fb37348e2ea09d54d7c3b6b811d78a26c7ec53b62d98a06c4c791bea59661219be9696c10fe7affd6dd2ce56ac9ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    802f121433b8e357eae4466d57b70e4e

    SHA1

    fb35ffc0022ecda3e1bfc1a6f39cf09071bc7610

    SHA256

    ecccb0c495325224ab609645c0f2aee72fa8b16890fa0a016787646fa737dfbd

    SHA512

    7664ac0f277f147d5a19bd085862860bd2276611302ff4412ee4d486c981089281b4270ead95cad3c4a0955c1dd202515467b0a341b4af8e6202ce1445f36b87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5fac0bd9d0b17c8626460ce13e22d4d9

    SHA1

    d6f0c0e10a8e9ddeb01a803960c75414a7eec598

    SHA256

    d6211581bf17c9704e2eac26ac1921e6a4071e15c3019537a3f5ebfc8dba6530

    SHA512

    c62b63ab0483c8ca207e73519977cbd5ecd792a96411037b0ec08f1968149359ee011327bbe0237144f1b4dea37976d36f22d29ba1b3e42524e0af07361e2c63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    37884caec3b3aa43780756fd392972fd

    SHA1

    d917323dce01ea29da328758a4f1750b90b2ba66

    SHA256

    04722ca1f962b239f4fe7fac0cc08f9f70aba6131660e17135d6030ecaca90bd

    SHA512

    92dbbb61272fbff8b1ff1a7740016cf0a5d27fd7cfe2084c108bd48e0c318b0f278c71fc1fc2ab15354da10569a2c5f15d957983bdf3ce4db99b1b475565984c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    364c44c924a6394c73f7df4c6c704c28

    SHA1

    33233d85f7220bdeca7c39e382fb5f99750ac5c7

    SHA256

    2f087b8d8c99c317ffd5e6f83a2b4f5e4baeaa9f83ac2c59e322cceacc4a629a

    SHA512

    7089f76cb41d7f74748e4eb6aaa3d8c797350f38839c29d83ab0ba020c86e5ecc7ca82ec9d0e9dce628a002bd18c755c7435a734f0ac1d1d4ec874878370e272

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6240204eca48b9ca2348358b8841adc4

    SHA1

    798d1d9f15cd2590a8d156d3c04e99436b14352a

    SHA256

    8fb626c6089e49723f9b0dd1362b674d4a8cd9c71aba27bd3a5f334f42100b27

    SHA512

    126ca400f73be60f32fd6cb1624f053372960b044e9f24bf27bff1dc1330328472a80ce88e8dc7dc9552f5b20fa4797de685e8f5aa02fcec15381ae23e1ddb3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    02b61910d0481a16b5e16d3027d29e13

    SHA1

    1a01622e0b89ff3cec900293e31baf6d3d3897ed

    SHA256

    d4e068467022c4c993848161179e3d963ab7be5577fd4d57547f66bb9fa5fff6

    SHA512

    3a84665d396ed605f9ab412e991cd42b90e517e60a86f75659f9ddc56d3384ea0c9bac50f333eabb277d2d9d6ccbb245179a2d2436e00d892b40790662900e83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f2423ada5dd4f025536ccbdb42d287f5

    SHA1

    9b99a7a3ddfea51275cb338272f669abbfd89ab1

    SHA256

    48638f00d8829d3c1d43d84c509116efa4765d562e5e239a97ac9b12d2926160

    SHA512

    250a47919e5327a0b5f805d6417d499fdac849460b3efc074c934473d69fa6afcdbed355f9012d639519a0f5f3db1a770b9ee62d785c819167e851c9b2979df1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2833abdb7eac1c256428ffe639a4ac88

    SHA1

    9c1798e7becf7f26df8a69cc5c1bcbe35381e82d

    SHA256

    793b26b5f2b0ba9d0bb49dc5dcea62696fc0ff16e77ee8ee88554f45b0e52ef4

    SHA512

    2b55796e801689899baf706a8e2f6fe4dd6873e13f999ca0505ac11d5fd692221bc79a07eb378e1d481dadbcef51f2a217bd712c400b4995e17e2b4623bf85be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1ccca2993b65192e1b62a242a72f5453

    SHA1

    5ee90b79f771ceb6769f293387b890b2030943e1

    SHA256

    065c712ed0e99b575525cfbf2e50beb4fbf54fe1565a25d714e08c30e9145029

    SHA512

    a5653824886c34a9eff2d6f3830031c484672d5261f90737189435a6c332687eaa378fea1ce2ef7f82c8550059ed5e6ffe9513b655a98e44c9457cd2b6979627

  • C:\Users\Admin\AppData\Local\Temp\Cab4F4B.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar4F9C.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a