Analysis

  • max time kernel: 121s
  • max time network: 128s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 20-05-2024 09:08

General

  • Target: 5e462c13b7141c1807f25332b8fa356c_JaffaCakes118.html
  • Size: 32KB
  • MD5: 5e462c13b7141c1807f25332b8fa356c
  • SHA1: fcced7d966e246a2a0bbc65b02702be6f30dd42b
  • SHA256: 01770a5df07aa2478c78dc258ca827e7df7923c4a46b318c0918433d7acb420f
  • SHA512: 6dbc329a1ebba1f4bc00cadf8459f9648f83eaacce579d03d95438bb5e8f4f5857a91a3d5e61dea10798afbf9858c7fe6a6d0281d94097e8e12e58c92ed39727
  • SSDEEP: 192:uwLAIb5nEQ4inQjxn5Q/MnQie/Nn2z0nQOkEntISnQTbnxnQmSExGtwXBA6368y/:6Q/Azhrxjh68y/j/NQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5e462c13b7141c1807f25332b8fa356c_JaffaCakes118.html
    PID: 628
    Signatures:
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:628 CREDAT:275457 /prefetch:2
      PID: 2128
      Signatures:
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
