Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-05-2024 17:46

General

  • Target

    474efc3e63f65ca54e1f94d2fc099143_JaffaCakes118.html

  • Size

    24KB

  • MD5

    474efc3e63f65ca54e1f94d2fc099143

  • SHA1

    02a67d047ddbe8016905c60437c12fa904e1e02c

  • SHA256

    710b13d9554b11600f47c3554221f753f76c7895aba1531d542bc3a58e0a0bc6

  • SHA512

    2836911d4394890ed500f8a74d09e1334f8c5750596dbcdc9c8bae8fdee877ef8f21b05f3c4482c69e8690d27a532ad59d70604b109d6ddfa6485e77ab410944

  • SSDEEP

    384:+PamLRIJiO7p2AglwU3wAO+kekMk9MWfM:+PamLRIJiO7kAglt3wAOFlv9MW0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\474efc3e63f65ca54e1f94d2fc099143_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1956 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1260

Network

MITRE ATT&CK Enterprise v15

Downloads
