Analysis

  • max time kernel: 141s
  • max time network: 124s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 15-05-2024 18:02

General

  • Target: 475dc56c1a19bd260debf53dc55edcf8_JaffaCakes118.html
  • Size: 139KB
  • MD5: 475dc56c1a19bd260debf53dc55edcf8
  • SHA1: 2659ad0a1f8573d8bbcf31e828bc9497dfdcb76a
  • SHA256: 21cf81a58fba759dff64fef95f93e82f53b7f1a4de41bd8b4ec40fcc4dee7bd6
  • SHA512: b3ed7bb66ef6a7dc690b3ab6dd03aaae9f45e27eb109e96abdf9145a0e5921a252228ca776d282926886cb3247801202e81d619a8b1b0ad9b56719ebf642bad3
  • SSDEEP: 1536:SNVtPhllyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy+:SNHxyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID: 2136)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\475dc56c1a19bd260debf53dc55edcf8_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID: 2964, child of PID 2136)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2136 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
