Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-05-2024 00:33

General

  • Target

    5c488299cec6388995eeb2dd30118f1c_JaffaCakes118.html

  • Size

    34KB

  • MD5

    5c488299cec6388995eeb2dd30118f1c

  • SHA1

    b871ba80a31891d590347267b05074f6fa9a9fad

  • SHA256

    49c9417050dd2ee8bba42f24c54e1ef77f440bd1f2f185bdfc33bc46bb607c67

  • SHA512

    8358f9db176edf53ce11ab1c1e66e9a5d99ce45d8ff310dfd84d8e30cc009d23cbc2f0b60a08adba9bf477fc6279a0f1c5f6004168c95619f37a560d079c25fc

  • SSDEEP

    192:uwnhb5nbunQjxn5Q/ynQie5Nn23panQOkEnteEnQTbnJnQOgfcwqY+cwqYCcwqY9:/Q/k37XGI5Jy75MKRPrLLt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5c488299cec6388995eeb2dd30118f1c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2436 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15

Downloads
