Analysis

  • max time kernel
    142s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-05-2024 07:18

General

  • Target

    4512dda763a0d969aa57c0fff12cf13d_JaffaCakes118.html

  • Size

    23KB

  • MD5

    4512dda763a0d969aa57c0fff12cf13d

  • SHA1

    bd0ad983d0082982cad3f2e7b9f5c767f70aba2e

  • SHA256

    fc99da3f64af2c8da62bf919ac3c8981130208dbfa7c3cf66e4f583afaf45de1

  • SHA512

    d105e012630375c33cd0352979360052c1150e993e5db2a77cf0afbf96a6bbb83e7a5ac8356a238cb814b868f8dff685ed39c0c2c54aa912fcc1e6797c7507d9

  • SSDEEP

    192:N+So2Vrb5nInQjLntQ/DnQieTnQnQOkrnt5qnQTbnSnQkanQt4MRnFnQ7XnlnQTC:USoQJQ/eX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4512dda763a0d969aa57c0fff12cf13d_JaffaCakes118.html
    PID:848
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 848)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:848 CREDAT:275457 /prefetch:2
      PID:1780
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (18 entries, 344B each)
  • C:\Users\Admin\AppData\Local\Temp\Cab36BD.tmp (68KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar371D.tmp (177KB)