Analysis

  • max time kernel
    138s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-05-2024 16:51

General

  • Target

    602ac4b4fef7185f7e81c276332573a3_JaffaCakes118.html

  • Size

    25KB

  • MD5

    602ac4b4fef7185f7e81c276332573a3

  • SHA1

    a908c8dd6d844e86c78328669d2d33e86d69c3d4

  • SHA256

    0d3a469ad14cab1498e958a1a602fe8568fb835305042a46effc6689854fef34

  • SHA512

    cc3e47b3e059de7dd98d972b7cdf974403650d7d1d1b98669e6ed4a7f2e6cee5b698e0c9a40b41429789bd7953e4ac90d83a4b4ae58db8e7698ba76d1aad053e

  • SSDEEP

    384:e+gO7w/THylYauIJdBMMI7witKP7ApeEahRKAx5A:e+grjyliIJdCMI7NtKP7ceJvC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\602ac4b4fef7185f7e81c276332573a3_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2120

Network

MITRE ATT&CK Enterprise v15


Downloads
