Analysis

  • max time kernel
    137s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-05-2024 11:18

General

  • Target

    414bb1fff4d10f1bf469f4c0217ea010_JaffaCakes118.html

  • Size

    157KB

  • MD5

    414bb1fff4d10f1bf469f4c0217ea010

  • SHA1

    9b7900fe9476f3446f749a17399f38a92b8659a1

  • SHA256

    bddc9e637ff20f81ca49983018c59a03bb61c7d49eb6443d34acac8a247a4e0a

  • SHA512

    46d54b4ed493f5533ba0a1501504c9e46b1583d23ddab381ec5490fa49eb1cd0c4a78e79733c7f388597137d870ad7c2f4d07aac2e37fa1791b6d3a594128e2d

  • SSDEEP

    3072:Sn5o1K8DqvyfkMY+BES09JXAnyrZalI+YQ:SnSbDq6sMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\414bb1fff4d10f1bf469f4c0217ea010_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2504
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2504 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1742d635e0ee0904c35b055a5b1dfec8

    SHA1

    0452a5772c359e511326ff645e396063f4708493

    SHA256

    19d27f0dcdee7a261d178db8819bb9cc922983329ff46955e4e1dfe06c005f48

    SHA512

    9f2db91f81ee11aa7b675ef76ffc3f64081fe620a3becb98fe0ff46029035c81f8fa35c82fffa4a4d91e4e4fd4643a023d5a796cf4aec5ece780ef8488c4f6ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7f447d13d337291a5bdc05b7f1b94464

    SHA1

    419cba97678624ad1821a620f7a1f7e6b8392f58

    SHA256

    c0e088eb1aba9ac7075b49b225fe07253531e2ce499a03d5145048e5f354e6be

    SHA512

    35ba1a73e60e52ea1a7cd000230ca2a7d758190ef840bde9312c328a2acab11f61e99ee6221e1b57fdcc5605a1f46e5a672159893fe867f508f93354c030cf22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4322960944d315ed9046d7d90cdcd3b9

    SHA1

    18b9e8559a6ab81317b29ac4ce711bb25e30bf9e

    SHA256

    741d3174f23dd724e95a05ffddf17f39792005ded7b0fedb319515b203505a83

    SHA512

    655558790256b6fa162a6583bfd186c4b60680bd22cee36a8405a9ca10abd25cf9e13aa51a3a33b36d3a6cdcb2fc02c3cad3a8869cdd383987054e454411623c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    85fdf7a10ca2542cbff03faec29675f2

    SHA1

    555a1c5c29eb5681ebca186299527191254aa289

    SHA256

    ec83ca0cead47b8452f1cede80ac1d4e545f69170eb8e21812aa4098f3b64ff8

    SHA512

    3bb643d5c6417ee309585f7ab505478ead129bba0ea205fac61a96ea4fc3e213650aaf0cbd84e5aa11de02473429414c489e6cbbf218aad48338ff8475788966

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5cd1a8b29a35522abc391fda56c00749

    SHA1

    f0dd0f9922d5d4b52948e5c36189d063f950c367

    SHA256

    50646be2e1f5a773e9252f49efb18c98bdcbd10d17326ac93db5f5919bf5dc5b

    SHA512

    aabb31c439a3ff3f9004eebfb1c24b3336268a9ac98254a63e3ea1b452285a736ae87e1a6961404c8d9a6d20e58a16832a2e5e91006f042307a456d4ca9a4891

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    995eb24eb65e1229df7909d49f13ec82

    SHA1

    a13d0d45fba005a08dd40bfbb9693f2c47a6792e

    SHA256

    568f35a437188d7bfb1fad780075c35c0ab2c11d3aaf2bb2e0e7e257b97bc481

    SHA512

    85a6df5609f5d9e2317757a198afd9f4e991415bb2dae50cc784875561be1d4980869025c04fc67268c193c4ab0a93642941afc354d572fff7dd02662fd72caa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4d0eff51f4eded4e48b36e2ff1442fe7

    SHA1

    95feff0f1a0d80c1327ad5d759d4267e78c2058c

    SHA256

    9e7b1c88ce8a9d5231c6f35a0167d24f13eed0f4ecdbdef58fb794d33f06d407

    SHA512

    be9d2aae9331be3994712f3f1af58b50c07e59bbb95d28ad3f073d84727da30b96b723c559fc6646dd8cde9797563175e9f04112138a195dd8cd9b5987968628

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c4f842446b3bdfe4a7f35ea9afe4b675

    SHA1

    b17758098a0a08de035dd440f831dbbc923dff1a

    SHA256

    7f642c0e12bc3434347a770f2608d7e85a86fd287840456aa8443203ef65753e

    SHA512

    af190e507a17fd834e5c58a54c36e7a37e573fd32a9fcff988795e96ac359a4711d9b4ba42f21c9cbe7704e67cd3c3f4acfa3cbb10197c9e479aa82f93a539c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    396ea449c0af06a59bf487de017dbf10

    SHA1

    a71ee7daaf6108f6340ee5eaa72259a9ce9f51a7

    SHA256

    706acd184da9f242d35bd4c96a13cddce3f2c9334d10455523a4cfcb635a8a90

    SHA512

    b3d40698bc03ed5cc17532bd09d065722ed6ab9fdebdaac54eea7379c75be12b56cfdb7879d886ddd77fd6a50bcda43bdf60ade05a06086b7ac82d6d5a0c598d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bdc77e925b4619f067550956bfc8780a

    SHA1

    8c411b8d958efdb2de51bd91b041a4e4c3e6df0f

    SHA256

    2f176ad7c3ab8d91bd46cde06980b26bdcc547d7be57aca3349f360710b3ac03

    SHA512

    c4f033797f6a8909c9efaf6dc2772248ed489f45f66a26c63c56ad5deebb8d3be17e48c6126ace192c5a6996855a0925eaf789c4f9cee16e34d4a3ea72407985

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e8d25b0c45e597d92fc9e0bb0ea27205

    SHA1

    7c09b3b78ef7e4633184d2c6e0042d320794835d

    SHA256

    a1805b096656c3f1c9683e487a3d1450f264562ce707214636f1cd7f6d097277

    SHA512

    a7d80bbb80a08beffbcf6b85043b69b9439bd154c69de9e9fd4c6b0e9f2052af3ad5b9bf8519d9a8f2c9725dd9a82c083fbfb9d4317967a5d1fe78f863ad7cbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    502b442a595a95cfa7f23d8e80c952e2

    SHA1

    786b91abfe96a9bd1b3bfa1553b33731864811c0

    SHA256

    370daf249d6fed72bc8e84d2390274c6f6c0589e3acbb3068b511a85ec808ac3

    SHA512

    36ef726dce0d789960306a576512f7b9308cdc2815a6f54d6da62c37758d683560dc3c02d03c42df50f5668ad78744fa4fd971f5d1efeaf2406dc2752efc24da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1e4224d2462371f9bdaace9234cd53a5

    SHA1

    346226012403132be3d29a6203c84075e2ffed3d

    SHA256

    f7003cac6495844f74b78bc7a621d939176f83c3abfb27dc2c56657db677fb6a

    SHA512

    daff45c2689752724e2a8fc675fb49dc49bf14202e153515ad944c88f934083b3e80257226eb5fdd369788d4ea4d5a33e90030fbb7eef4bd6dc54ce8d1e287b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b83ab9c85166a6b8d5c7210a8793aa73

    SHA1

    06d4d7ace800456b99b49532d974ab0e47e65669

    SHA256

    45b80548ff1f8bf1f1e0e84e0290fa250e02ddbdeafdd5d30fde75d988b1e249

    SHA512

    6602ef4865e5042c416aeec9614a2a03b7b6dfffcdf7c698230b4e876a26a8aa6fe58027131cc8a44813ec6c47e8ed6b834e1059de8b15ea1424fab7343e25f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    06bb92a1f9f594128649fd36b962a512

    SHA1

    74bb8cb5e1b4ffb0d3e5f2941b0dbf6d05e225e5

    SHA256

    0c520c0633a88e2156665348565be96d023300d66b58235398ae13fef938a742

    SHA512

    4ee10c3de0908f47a768ebd06589b5e6b3bcc4b56ee5415e611ba5576c2d642c9f70bd2c2ae2c26fdb09908ec5d5c1deb75167d58fd56f71a0d70007a9bdadc1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4cf029ef20358d405a1ebb9580854f1f

    SHA1

    9fa1ece153574fb850350fa13dccd9823805ff59

    SHA256

    e3375014e845d163de37d996d2ee6b24a0c011157509c9e70e0ba3375fb5cbaa

    SHA512

    74630fee1f7d6da564494b1a7b77c6e28f063fb5af310f787ebc73d2a0e043ba132fa33b683deb7d016f18a5b5883dd06ee7157f0339296311e9b97bbf626221

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    25c3fd75c7a2fa512f671598517e3a8e

    SHA1

    b76c02d2e27155e29ce63453e0257761537be383

    SHA256

    b828308600f96560a6d9986dc48793ca635100619628310f1093c3657e2aa2c2

    SHA512

    60d0dc199223246f65cadb52798a6ffe1bd7811936c4650eb3f8ee48283d2b569f7abd37d0376ed088aafeaa7b6e23fbe9fa5a8cce9ac471831cca816f9dbe61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ae6a28242e707776482b5868939d5750

    SHA1

    ac5fc74d8944261e621d2c871014585aa2036915

    SHA256

    c30b4cb4640549b6d927e517a680ff8459cb3d56fde116e8bf6b042ce7fb690d

    SHA512

    455521667710452851edc6abddb3cdfe1ee2fd5f7d8b6dc25c81d2707ca76827f84095a3966494aa9ee579fd6f32d941acdcd917257aaf9433ca39d44018d256

  • C:\Users\Admin\AppData\Local\Temp\Cab9629.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab96E7.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar972A.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a