Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-05-2024 10:55

General

  • Target

    4fa4203110e65e31431ca18b77ecda30_JaffaCakes118.html

  • Size

    461KB

  • MD5

    4fa4203110e65e31431ca18b77ecda30

  • SHA1

    0bde5faf85577fdd31873bda24bca85fefbd2775

  • SHA256

    0ec1c9db91ef47735d90b997a99a1da734a560558d774e6fe70a6da0dff6f58e

  • SHA512

    66fbd630df1f85474b1620e2db3f7ae58249f4f67ef5cf28450707b4c6a98e5e4ffd3257c4d05407e8b74e5b84d8579b7227f550599464f59a80c3a9ce40da0e

  • SSDEEP

    6144:SnsMYod+X3oI+Y92sMYod+X3oI+YBsMYod+X3oI+YLsMYod+X3oI+YQ:E5d+X3s5d+X3r5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4fa4203110e65e31431ca18b77ecda30_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2496

Network

MITRE ATT&CK Enterprise v15

Downloads
